Appeal No. 2002-0384 Application No. 09/111,849 logs to be kept (col.4, lines 16-23)." The examiner contends that it would have been obvious to modify Bell to include removal of the record at the end of the time period "in the same conventional manner, as suggested by Freud [sic, Freund]." The examiner provides as motivation, "to keep track of user login activities to thereby restrict access to the system only to authorized users, which would further prevent sophisticated brute force attacks on the password, as suggested by Freud [sic, Freund] (col.3, lines 65-66; col.4, lines 7-28)." Freund (column 4, lines 16-28) discloses that rules can be made for a computer "to determine what events should be logged (including how long are logs to be kept)." Although Freund suggests that events may be removed at the end of some period of time, we find no teaching in Freund as to why one would want to remove an event record in response to the end of the time period for detecting such events. It is unclear to us how removing an event record would "keep track of user login activities to thereby restrict access to the system only to authorized users," as asserted by the examiner. As the references fail to teach the limitation of claim 4 and of the claims grouped therewith, we cannot sustain the obviousness rejection of claims 4, 5, 11, 12, 16, and 17. 7Page: Previous 1 2 3 4 5 6 7 8 9 NextLast modified: November 3, 2007