`
`supports automated rule modification, the Requester points out that Coss et al. disclose the
`
`firewall 211 supports automated rule modification:
`
`Dynamic rules are rules which are included with the access rules as a need arises,
`for processing along with the access rules, e.g., by a rule processing engine.
`Dynamic rules can include unique, current information such as, for example,
`specific source and destination port numbers. They can be loaded at any time by
`trusted parties, e.g., a trusted application, remote proxy or firewall
`administrator, to authorize specific network sessions. A dynamic rule can be set
`for single-session use, or its use can be limited as to time. Once a dynamic rule has
`served its function, it can be removed from the rule set. The dynamic rules allow a
`given rule set to be modified based on events happening in the network without
`requiring that the entire rule set be reloaded. [Coss et al., col. 8, lines 24-36,
`emphasis added]
`
`Regarding the assertion that the invention is somehow new because the modification is a
`
`function of some combination of time, data transmitted to or from the user, or location the user
`
`accesses, the Requester points out that Coss et al. disclose that dynamic rule modification is a
`
`function of these features:
`
`Exemplary dynamic rules include a "one-time" rule which is only used for a single
`session, a time-limited rule which is used only for a specified time period, and a
`threshold rule which is used only when certain conditions are satisfied. Another
`type of dynamic rule includes rules which define a host group, such that the host
`group can be modified to add or drop different hosts without altering other aspects
`of the access rule set. Other dynamic rules may be used to facilitate rule setup in
`certain specific types of processing applications. For example, an FTP proxy
`application could use a dynamic rule to authorize establishment of an FTP data
`channel in response to a data request. The dynamic rule in this example would
`typically not be loaded until a data request is made over the FTP control
`session, and could be limited to one use and made active for only a limited time
`period. The rule set therefore need not include a separate data channel rule for use
`with all requests. As a result, the rule specification and rule processing are
`simplified, and security is improved. [Coss et al., col. 8, lines 37-55, emphasis
`added]
`
`Regarding the assertion that the invention is somehow new because the instructions to
`
`modify the rule set are received from either the user side or the network side of the redirection
`
`Request for ex parte reexamination of U.S. Patent No. 6,779,118
`Page 21 of 484
`
`Panasonic-1012
`Page 938 of 1408
`
`
`
`server, the Requester points out that Coss et al. disclose receiving instructions from a firewall
`
`administrator:
`
`"Dynamic rules can include unique, current information such as, for example,
`specific source and destination port numbers. They can be loaded at any time by
`trusted parties, e.g., a trusted application, remote proxy or firewall administrator,
`to authorize specific network sessions." [Coss et al., col. 8, lines 26-31, emphasis
`added]
`
`Coss et al.' s Figure 1 illustrates Administrator processor 115 is on the network side of the
`
`firewalls 111, 113, 114:
`
`104
`
`FIG.1
`
`Coss et al.' s Figure 2 illustrates Administrator processor (ADM) 215 is on the user side of
`
`firewall 211 :
`
`Request for ex parte reexamination of U.S. Patent No. 6,779,118
`Page 22 of 484
`
`Panasonic-1012
`Page 939 of 1408
`
`
`
`FIG. 2
`
`Regarding the assertion that the invention is somehow new because the rule modification
`
`involves removing or reinstating at least a part of the rule set, the Requester points out that Coss
`
`et al. disclose removing a rule from a currently programmed rule set:
`
`Dynamic rules are rules which are included with the access rules as a need arises,
`for processing along with the access rules, e.g., by a rule processing engine.
`Dynamic rules can include unique, current information such as, for example,
`specific source and destination port numbers. They can be loaded at any time by
`trusted parties, e.g., a trusted application, remote proxy or firewall administrator, to
`authorize specific network sessions. A dynamic rule can be set for single-session
`use, or its use can be limited as to time. Once a dynamic rule has served its
`function, it can be removed from the rule set. The dynamic rules allow a given
`rule set to be modified based on events happening in the network without requiring
`that the entire rule set be reloaded. [Coss et al., col. 8, lines 24-36, emphasis added]
`
`Regarding the assertion that the invention is somehow new because the redirection server
`
`is located between the user computer and the public network, the Requester points out that Coss
`
`et al. illustrate in Figure 2 (shown above) that firewall 211 is connected between the user site 201
`
`and the Internet 105. Additionally, the APA in Figure 1 of the' 118 patent illustrates that it was
`
`well-known to locate a gateway 108 between a user computer 100 and a public network such as
`
`the Internet 110:
`
`Request for ex parte reexamination of U.S. Patent No. 6,779,118
`Page 23 of 484
`
`Panasonic-1012
`Page 940 of 1408
`
`
`
`F/G.1
`
`As set forth below in sections III and IV of this request, each of claims 16-24, 26-27, 36-
`
`43 and 68-90 is unpatentable as obvious over Coss et al. in view of the AP A. The record shows
`
`that no application of this combination of prior art references was ever applied to any claims of
`
`the ' 118 patent.
`
`II.
`
`REQUIREMENTS FOR EX PARTE REEXAMINATION REQUEST
`
`Requester requests ex parte reexamination of U.S. Patent No. 6,779,118 ("the' 118
`
`patent") under 37 C.F.R. § 1.510. In support of its request for ex parte reexamination, Requester
`
`provides the following:
`
`1
`
`Fee for requesting reexamination - 37 C.F.R. § 1.SlO(a)
`
`Authorization for the Office to charge the credit card information provided at the time of
`
`submission for the $2,520.00 filing fee for the present ex parte reexamination request, as set
`
`forth in 37 C.F.R. § 1.20(c)(l) and 37 C.F.R. § 1.510(a). Authorization is hereby given that any
`
`additional fees required may be charged to the same credit card.
`
`Prior Art Patents and Printed Publications Forming the Basis of this Request - 37
`2
`C.F.R. § 1.SlO(a)
`
`The' 118 patent claims priority to U.S. provisional application No. 60/084,014, filed on
`
`May 4, 1998. Reexamination of the' 118 patent is hereby requested on the basis of the following
`
`prior art patents and printed publications:
`
`Request for ex parte reexamination of U.S. Patent No. 6,779,118
`Page 24 of 484
`
`Panasonic-1012
`Page 941 of 1408
`
`
`
`A.
`
`U.S. Patent 6,088,451, hereinafter, He et al.
`
`He et al. lists a filing date of June 28, 1996. Since the filing date is prior to the filing date
`
`of the provisional application of the '118 patent, He et al. is at least prior art under 35 U.S.C.
`
`102(e).
`
`B.
`
`U.S. Patent 6,233,686, hereinafter Zenchelsky et al.
`
`Zenchelsky et al. lists a filing date of January 17, 1997. Since the filing date is prior to
`
`the filing date of the provisional application of the '118 patent, Zenchelsky et al. is at least prior
`
`art under 35 U.S.C. 102(e).
`
`C.
`
`U.S. Patent 5,848,233, hereinafter, Radia et al.
`
`Radia et al. lists a filing date of December 9, 1996. Since the filing date is prior to the
`
`filing date of the provisional application of the ' 118 patent, Radia et al. is at least prior art under
`
`35 U.S.C. 102(e).
`
`D.
`
`U.S. Patent 6,170,012, hereinafter, Coss et al.
`
`Coss et al. lists a filing date of September 12, 1997. Since the filing date is prior to the
`
`filing date of the provisional application of the ' 118 patent, Coss et al. is at least prior art under
`
`35 U.S.C. 102(e).
`
`E.
`
`U.S. Patent 6,779,118 Bl, FIG. 1 and Col. 1, lines 15-67, hereinafter, the Admitted
`
`Prior Art (AP A)
`
`MPEP 2258 section (F) entitled, "Admissions; Use of Admissions" states, "37 CFR
`
`1.104( c )(3) provides that admissions by the patent owners as to matters affecting patentability
`
`may be utilized in a reexamination proceeding."
`
`Col. 1, lines 15-67 of the' 118 patent begin as follows:
`
`"In prior art systems as shown in FIG. 1 ... " ( emphasis added)
`
`As there is no indication or evidence in the record that the described prior art systems are
`
`the work of the inventors of the ' 118 patent, these statements by the inventors in a printed
`
`publication already included in the record (i.e., published U.S. Patent 6,779,118 Bl) constitute an
`
`Request for ex parte reexamination of U.S. Patent No. 6,779,118
`Page 25 of 484
`
`Panasonic-1012
`Page 942 of 1408
`
`
`
`admission of known prior art systems and may therefore be relied upon for both anticipation and
`
`obviousness determinations, regardless of whether the published U.S. Patent 6,779,118 Bl itself
`
`would otherwise qualify as prior art under the statutory categories of 35 U.S.C. 102. Riverwood
`
`Int'! Corp. v. R.A. Jones & Co., 324 F.3d 1346, 1354, 66 USPQ2d 1331, 1337 (Fed. Cir. 2003);
`
`Constant v. Advanced Micro-Devices Inc., 848 F.2d 1560, 1570, 7 USPQ2d 1057, 1063 (Fed.
`
`Cir. 1988).
`
`Statement pointing out each substantial new question of patentability based on prior
`3
`patents and printed publications - 37 C.F.R. § 1.SlO(b)(l)
`
`This section provides a statement pointing out each substantial new question of
`
`patentability ("SNQ") raised by this Request. A detailed description setting forth the pertinency
`
`of each SNQ with respect to each of claim of the '118 patent is provided below in Section III and
`
`claim charts showing the manner of applying the cited prior art to every claim for each SNQ are
`
`provided below in Section IV.
`
`A.
`
`Claims 2-7, 9-14, 16-24, and 26-43 of the '118 patent are unpatentable under 35
`
`U.S.C. § 103(a) as being obvious over He et al. in view of Zenchelsky et al., and further in
`
`view of the AP A
`
`Requester respectfully submits that claims 2-7, 9-14, 16-24, and 26-43 of the '118 patent
`
`are unpatentable as being obvious over He et al. in view of Zenchelsky et al., and further in view
`
`of the AP A. Although rejections of other claims on the basis of He et al. in view of Zenchelsky
`
`et al., and further in view of the APA were affirmed by the Board Of Patent Appeals and
`
`Interferences in the Decision on Appeal dated August 23, 2011, the combination of He et al.,
`
`Zenchelsky et al, and the APA was never applied in any rejections of claims 2-7, 9-14, 16-24,
`
`and 26-43. The combination of He et al., Zenchelsky et al, and the AP A is not cumulative of any
`
`of the art previously applied to these claims. A reasonable examiner would consider He et al.,
`
`Zenchelsky et al, and the AP A pertinent to the patentability of the requested claims. The specific
`
`details of the pertinence and manner of applying He et al., Zenchelsky et al, and the AP A to each
`
`of the above-identified claims in support of this substantial new question of patentability are
`
`presented below in Sections III and IV.
`
`Request for ex parte reexamination of U.S. Patent No. 6,779,118
`Page 26 of 484
`
`Panasonic-1012
`Page 943 of 1408
`
`
`
`B.
`
`Claims 2-7, 9-14, 28-35, and 44-67 of the '118 patent are unpatentable under 35
`
`U.S.C. § 103(a) as being obvious over Radia et al. in view of the APA, and further in view of
`
`Coss et al.
`
`Requester respectfully submits that claims 2-7, 9-14, 28-35, and 44-67 of the' 118 patent
`
`are unpatentable as being obvious over Radia et al. in view of the AP A, and further in view of
`
`Coss et al. Although the Radia et al. reference was disclosed in an applicant submitted
`
`information disclosure statement during the prior reexamination proceedings, Radia et al. was
`
`not discussed on the record and was never relied upon in any rejection of the claims. Radia et al.
`
`is not cumulative of any of the previously applied art. A reasonable examiner would consider
`
`Radia et al. pertinent to the patentability of the requested claims. Although admissions found in
`
`the '118 patent related to known redirection methods were relied upon to reject claims in the
`
`prior reexamination proceedings, the APA was not applied in a rejection of the claims in the
`
`manner done in this Request. A reasonable examiner would consider the AP A pertinent to the
`
`patentability of the requested claims. The Coss et al. reference is not of record in either the
`
`original examination or prior reexamination proceedings of the' 118 patent. Co-filed patents by
`
`Coss et al. (e.g., U.S. Patents 6,098,172 and 6,154,775) were disclosed in an applicant submitted
`
`information disclosure statement in the prior reexamination proceedings; however, no patent by
`
`Coss was ever discussed on the record or relied upon in any rejection of the claims. Coss et al. is
`
`not cumulative of any of the previously applied art. A reasonable examiner would consider Coss
`
`et al. pertinent to the patentability of the requested claims. The specific details of the pertinence
`
`and manner of applying Radia et al., the APA, and Coss et al. to each of the above-identified
`
`claims in support of this substantial new question of patentability are presented below in Sections
`
`III and IV.
`
`C.
`
`Claims 16-24, 26-27, 36-43 and 68-90 of the' 118 patent are unpatentable under 35
`
`U.S.C. § 103(a) as being obvious over Coss et al. in view of the APA
`
`Requester respectfully submits that claims 16-24, 26-27, 36-43 and 68-90 of the' 118
`
`patent are unpatentable as being obvious over Coss et al. in view of the AP A. The Coss et al.
`
`reference is not of record in either the original examination or prior reexamination proceedings
`
`of the' 118 patent. Co-filed patents by Coss et al. ( e.g., U.S. Patents 6,098,172 and 6,154,775)
`
`were disclosed in an applicant submitted information disclosure statement in the prior
`
`Request for ex parte reexamination of U.S. Patent No. 6,779,118
`Page 27 of 484
`
`Panasonic-1012
`Page 944 of 1408
`
`
`
`reexamination proceedings; however, no patent by Coss was ever discussed on the record or
`
`relied upon in any rejection of the claims. Coss et al. is not cumulative of any of the previously
`
`applied art. A reasonable examiner would consider Coss et al. pertinent to the patentability of the
`
`requested claims. Although admissions found in the '118 patent related to known redirection
`
`methods were relied upon to reject claims in the prior reexamination proceedings, the APA was
`
`not applied in a rejection of the claims in the manner done in this Request. A reasonable
`
`examiner would consider the AP A pertinent to the patentability of the requested claims. The
`
`specific details of the pertinence and manner of applying Coss et al. and the AP A to each of the
`
`above-identified claims in support of this substantial new question of patentability are presented
`
`below in Sections III and IV.
`
`Identification of every claim for which reexamination is requested, and a detailed
`4
`explanation of the pertinency and manner of applying the cited prior art to every claim for
`which reexamination is requested- 37 C.F.R. § 1.510(b)(2)
`
`Reexamination of all non-canceled and enforceable claims of the '118 patent, i.e., claims
`
`2-7, 9-14, 16-24 and 26-90, is hereby requested. A detailed explanation of the pertinency and
`
`manner of applying the cited prior art to every claim for which reexamination is requested is
`
`found below in Sections III and IV.
`
`5
`
`Copy of every patent or printed publication relied upon - 37 C.F.R. § 1.510(b)(3)
`
`Copies of each patent and printed publication relied upon in this Request are attached to
`
`the Request in Appendices 1-5.
`
`Copy of the entire patent including the front face, drawings, and
`6
`specification/claims (in double column format) for which reexamination is requested, and a
`copy of any disclaimer, certificate of correction, or reexamination certificate issued in the
`patent - 37 C.F.R. § 1.510(b)(4)
`
`A copy of the ' 118 patent is attached to this Request in Appendix 5. A copy of the
`
`reexamination certificate issued in the '118 patent is attached to this Request in Appendix 6.
`
`Request for ex parte reexamination of U.S. Patent No. 6,779,118
`Page 28 of 484
`
`Panasonic-1012
`Page 945 of 1408
`
`
`
`Certification that a copy of the request has been served in its entirety on the patent
`7
`owner - 37 C.F.R. § 1.SlO(b)(S)
`
`A copy of the Certificate of Service is attached to this Request in Appendix 7. Pursuant
`
`to 3 7 C.F .R. § 1.5 IO(b )( 5), this Request is being served on the Patent Owner at:
`
`Hershkovitz & Associates, LLC
`
`2845 Duke Street
`
`Alexandria VA 22314
`
`III. DETAILED EXPLANATION OF THE PERTINENCY OF EACH SNQ
`
`Claims 2-7, 9-14, 16-24, and 26-43 of the '118 patent are unpatentable under 35
`1
`U.S.C. § 103(a) as being obvious over He et al. in view of Zenchelsky et al., and further in
`view of the AP A
`
`Requester respectfully submits that claims 2-7, 9-14, 16-24, and 26-43 of the '118 patent
`
`are unpatentable as being obvious over He et al. in view of Zenchelsky et al., and further in view
`
`of the AP A. The holding on page 10 of the Decision on Appeal in the prior reexamination of the
`
`'118 affirmed the rejections of previously presented dependent claims 32, 37, 42 and 47 as being
`
`obvious over He et al. in view of Zenchelsky et al., and further in view of the AP A. Since claims
`
`32, 37, 42 and 47 depended from independent claims 1, 8, 15, 25, the Board found that it follows
`
`that the independent claims must too be obvious over the same references and entered a new
`
`ground ofrejection for independent claims 1, 8, 15, 25. In response to the Decision on Appeal,
`
`the patent owner canceled the independent claims 1, 8, 15, 25. The record is thereby clear that
`
`canceled independent claims 1, 8, 15 and 25 are unpatentable as being obvious over He et al. in
`
`view of Zenchelsky et al., and further in view of the AP A. In order for any of claims 2-7, 9-14,
`
`16-24, and 26-43 (as they are now numbered and which were dependent upon independent
`
`claims 1, 8, 15 and 25 at the time of appeal) to be patentable, the additional limitation(s)
`
`introduced in each claim that is/are not found in corresponding unpatentable independent claim
`
`1, 8, 15, 25 must be the distinguishing feature(s) that render(s) these claims patentable. However,
`
`as described herein, the limitations introduced in claims 2-7, 9-14, 16-24, and 26-43 are obvious
`
`over He et al. in view of Zenchelsky et al., and further in view of the AP A. The record shows
`
`Request for ex parte reexamination of U.S. Patent No. 6,779,118
`Page 29 of 484
`
`Panasonic-1012
`Page 946 of 1408
`
`
`
`there was never any application of the combination of He et al., Zenchelsky et al., and the APA
`
`as set forth below in any rejection of claims 2-7, 9-14, 16-24, and 26-43 of the' 118 patent. The
`
`combination of He et al., Zenchelsky et al., and the APA is not cumulative of any of the art
`
`previously applied to these claims. A reasonable examiner would consider the below-described
`
`application of He et al., Zenchelsky et al., and the APA pertinent to the patentability of these
`
`claims for at least the reasons discussed below. A claim chart setting forth the manner of
`
`applying He et al., Zenchelsky et al., and the AP A to each of the above-identified claims in
`
`support of this substantial new question of patentability is provided below in Section IV of this
`
`Request.
`
`Claim 2 (includes limitations of canceled claim 1 known to be obvious over He et al. in view
`
`of Zenchelsky et al., and further in view of the APA)
`
`He et al. disclose wherein the redirection server (He et al; credential server 204) further
`
`provides control over a plurality of data to and from the users' computers as a function of the
`
`individualized rule set (He et al; col. 19, lines 2-11, credential server 204 retrieves user
`
`credentials which correspond to an individualized rule set that controls access. Also see He et al
`
`at col. 16, lines 61-67 for detail of user credentials).
`
`Claim 3 (includes limitations of canceled claim 1 known to be obvious over He et al. in view
`
`of Zenchelsky et al., and further in view of the APA)
`
`He et al. disclose wherein the redirection server (He et al; credential server 204) further
`
`blocks the data to and from the users' computers as a function of the individualized rule set (He
`
`et al; credential server 204 retrieves user credentials which correspond to an individualized rule
`
`set that controls access to network elements 104. Conversely, network elements 104 which
`
`cannot be accessed in accordance with the user credentials are inherently blocked from access.
`
`Also see He et al at col. 19, lines 24-31 which describe the scenario where the user access ticket
`
`is actively voided, corresponding to a blocking action).
`
`Claim 4 (includes limitations of canceled claim 1 known to be obvious over He et al. in view
`
`of Zenchelsky et al., and further in view of the APA)
`
`He et al. disclose wherein the redirection server further allows the data to and from the
`
`users' computers as a function of the individualized rule set (He et al. col. 19, lines 2-11,
`
`Request for ex parte reexamination of U.S. Patent No. 6,779,118
`Page 30 of 484
`
`Panasonic-1012
`Page 947 of 1408
`
`
`
`credential server 204 retrieves user credentials which correspond to an individualized rule set
`
`that controls access to network elements 104. Data exchange occurs between accessed network
`
`elements 104).
`
`Claim 5 (includes limitations of canceled claim 1 known to be obvious over He et al. in view
`
`of Zenchelsky et al., and further in view of the APA)
`
`He et al. disclose wherein the redirection server further redirects the data to and from the
`
`users' computers as a function of the individualized rule set (He et al; col. 19, lines 2-11,
`
`credential server 204 retrieves user credentials which correspond to an individualized rule set
`
`that controls access to network elements 104. Data access to network elements 104 corresponds
`
`to data moving to and from users' computers).
`
`Claim 6 (includes limitations of canceled claim 1 known to be obvious over He et al. in view
`
`of Zenchelsky et al., and further in view of the APA)
`
`He et al. disclose wherein the redirection server further redirects the data from the users'
`
`computers to multiple destinations as a function of the individualized rule set (He et al; FIG 10,
`
`plural network elements 104 represent multiple potential destinations for interaction based on
`
`particular user credentials).
`
`Claim 7 (includes limitations of canceled claim 1 known to be obvious over He et al. in view
`
`of Zenchelsky et al., and further in view of the APA)
`
`He et al. disclose wherein the database entries for a plurality of the plurality of users' IDs
`
`are correlated with a common individualized rule set (He et al; col. 16, line 54 through line 68.
`
`Each database entry (record) includes a user ID accompanied by user credentials. The user
`
`credentials are the individualized rules for a particular user).
`
`Claim 9 (includes limitations of canceled claim 8 known to be obvious over He et al. in view
`
`of Zenchelsky et al., and further in view of the APA)
`
`He et al. disclose further including the step of controlling a plurality of data to and from
`
`the users' computers as a function of the individualized rule set (He et al; col. 19, lines 2-11,
`
`credential server 204 retrieves user credentials which correspond to an individualized rule set
`
`that controls access. Also see He et al at col 16, lines 61-67 for detail of user credentials).
`
`Request for ex parte reexamination of U.S. Patent No. 6,779,118
`Page 31 of 484
`
`Panasonic-1012
`Page 948 of 1408
`
`
`
`Claim 10 (includes limitations of canceled claim 8 known to be obvious over He et al. in
`
`view of Zenchelsky et al., and further in view of the AP A)
`
`He et al. disclose further including the step of blocking the data to and from the users'
`
`computers as a function of the individualized rule set (He et al; credential server 204 retrieves
`
`user credentials which correspond to an individualized rule set that controls access to network
`
`elements 104. Conversely, network elements 104 which cannot be accessed in accordance with
`
`the user credentials are inherently blocked from access. Also see He et al. at col. 19, lines 24-31
`
`which describe the scenario where the user access ticket is actively voided, corresponding to a
`
`blocking action).
`
`Claim 11 (includes limitations of canceled claim 8 known to be obvious over He et al. in
`
`view of Zenchelsky et al., and further in view of the AP A)
`
`He et al. disclose further including the step of allowing the data to and from the users'
`
`computers as a function of the individualized rule set. (He et al; col. 19, lines 2-11, credential
`
`server 204 retrieves user credentials which correspond to an individualized rule set that controls
`
`access to network elements 104. Data exchange occurs between accessed network elements 104).
`
`Claim 12 (includes limitations of canceled claim 8 known to be obvious over He et al. in
`
`view of Zenchelsky et al., and further in view of the AP A)
`
`He et al. disclose further including the step of redirecting the data to and from the users'
`
`computers as a function of the individualized rule set (He et al; col. 19, lines 2-11, credential
`
`server 204 retrieves user credentials which correspond to an individualized rule set that controls
`
`access to network elements 104. Data access to network elements 104 corresponds to data
`
`moving to and from users' computers).
`
`Claim 13 (includes limitations of canceled claim 8 known to be obvious over He et al. in
`
`view of Zenchelsky et al., and further in view of the AP A)
`
`He et al. disclose further including the step of redirecting the data from the users'
`
`computers to multiple destinations a function of the individualized rule set (He et al; FIG 10,
`
`plural network elements 104 represent multiple potential destinations for interaction based on
`
`particular user credentials).
`
`Request for ex parte reexamination of U.S. Patent No. 6,779,118
`Page 32 of 484
`
`Panasonic-1012
`Page 949 of 1408
`
`
`
`Claim 14 (includes limitations of canceled claim 8 known to be obvious over He et al. in
`
`view of Zenchelsky et al., and further in view of the AP A)
`
`He et al. disclose further including the step of creating database entries for a plurality of
`
`the plurality of users' IDs, the plurality of users' ID further being correlated with a common
`
`individualized rule set (He et al; col. 16, line 54 through line 68. Each database entry (record)
`
`includes a user ID accompanied by user credentials. The user credentials are the individualized
`
`rules for a particular user).
`
`Claim 16
`
`He et al. disclose a system (He et al; FIG 10) comprising: a redirection server (He et al;
`
`FIG 10, credential server 204) programmed with a user's rule set (He et al; col. 19, line 3,
`
`credential server retrieves user credentials, which correspond to a rule set. When the credential
`
`server 204 retrieves the user credentials, it is programmed with that particular rule set.
`
`Alternatively, providing access by the credential server to the database containing the rule set
`
`can constitute being programmed with the rule set) correlated to a temporarily assigned network
`
`address (Zenchelsky et al; col. 1, lines 30-35 establish well known nature of assigning temporary
`
`IP address to user at session login; col. 1, lines 60-64 establish well known nature of having
`
`source and destination address encoded into communication packets as necessary to facilitate
`
`communication between source and destination. It would have been obvious to one of ordinary
`
`skill in the art to modify He et al; so to provide temporary IP address to a user node and
`
`additionally encode data communication packets with source and destination address as
`
`necessarily to facilitate communication through a switched packet network as taught by
`
`Zenchelsky et al); wherein the rule set contains at least one of a plurality of functions used to
`
`control data passing between the user and a public network (He et al; col. 16, lines 61-67,
`
`credentials define plural functions. Also, note the additional functions at col. 17, lines 6-27
`
`attributed to the overall server system 208); wherein the redirection server is configured to allow
`
`automated modification of at least a portion of the rule set correlated to the temporarily assigned
`
`network address (He et al; col. 17, lines 19-21, database tool associated with server system 208
`
`can create or delete user accounts) and wherein the redirection server is configured to allow
`
`automated modification of at least a portion of the rule set (He et al; col 17, lines 19-21, any of
`
`the user account information can be modified) as a function of some combination of time, data
`
`Request for ex parte reexamination of U.S. Patent No. 6,779,118
`Page 33 of 484
`
`Panasonic-1012
`Page 950 of 1408
`
`
`
`transmitted to or from the user, or location the user attempts to access (He et al; col 17, line 13
`
`attributes a "lifetime" to the authentication. Since any portion of the user account can be
`
`modified, the length of the "lifetime" can be modified as well. Alternatively, since the
`
`modification can be made at any time, the modification can occur "as a function of time". The
`
`"data transmitted" and "location" are optional recitations, and thus do not carry patentable weight
`
`in the current claim (MPEP 2106, Section C). It is also noted that the phrase "some combination"
`
`does not necessarily require two or more of the elements to be present. For example, a
`
`subcombination could be a combination that invokes only one of the elements recited). He et al.
`
`further disclose wherein the redirection server is configured to allow modification of at least a
`
`portion of the rule set as a function of time (He et al., col 17, line 13 attributes a "lifetime" to the
`
`authentication. Since any portion of the user account can be modified, the length of the "lifetime"
`
`can be modified).
`
`He et al. do not explicitly disclose the credential server 204 controls the user's access to
`
`the network using redirection functionality. However, the AP A col. 1, lines 53-57 states "The
`
`browser next sends a request to the server requesting the page. In response to the user's request,
`
`the web server sends the requested page to the browser. The page, however, contains html code
`
`instructing the browser to request some other WWW page - hence the redirection of the user
`
`begins." Also see APA col. 1, lines 38-40 stating, "The redirection oflnternet traffic is most
`
`often done with World Wide Web (WWW) traffic (more specifically, traffic using the HTTP
`
`(hypertext transfer protocol)"). It would have been obvious to incorporate redirection
`
`functionality into the system of He et al. because redirection is an obvious extension of blocking
`
`already performed by He et al. For example, an address blocked for a particular user could be
`
`replaced with another address, perhaps a safer website or a website explaining organizational
`
`policy regarding the blocked website.
`
`Claim 17
`
`He et al. disclose a system (He et al; FIG 10) comprising: a redirection server (He et al;
`
`FIG 10, credential server 204) programmed with a user's rule set (He et al; col. 19, line 3,
`
`credential server retrieves user credentials, which correspond to a rule set. When the credential
`
`server 204 retrieves the user credentials, it is programmed with that particular rule set.
`
`Alternatively, providing access by the credential server to the database containing the rule set
`
`Request for ex parte reexamination of U.S. Patent No. 6,779,118
`Page 34 of 484
`
`Panasonic-1012
`Page 951 of 1408
`
`
`
`can constitute being programmed with the rule set) correlated to a temporarily assigned network
`
`address (Zenchelsky et al; col. 1, lines 30-35 establish well known nature of assigning temporary
`
`IP address to user at session login; col. 1, lines 60-64 establish well known nature of having
`
`source and destination address encoded into communication packets as necessary to facilitate
`
`communication between source and destination. It would have been obvious to one of ordinary
`
`skill in the art to modify He et al; so to provide temporary IP address to a user node and
`
`additionally encode data communication packets with source and destination address as
`
`necessarily to facilitate communication through a switched packet network as taught by
`
`Z