Appeal 2007-0153
Application 09/792,918
profile module 220 of Pachauri. These modules are used for designing a
security profile for the user and for implementing a security profile in the
database system (col. 5, ll. 22-29).
Based on the teachings of Pachauri outlined supra, we find ourselves
persuaded by Appellant’s argument that the method of managing security in
a database system of Pachauri is not the same as the claimed authorization
testing without granting authorization or based on rules and policies in a
policy domain, as recited in claims 1 and 24. However, we reach the
opposite conclusion with respect to the authorization testing of claim 35.
2. 35 U.S.C. § 103 rejection of claims
The 35 U.S.C. § 103 rejection of claims 3, 4, 7-9, 10, 12, 21-23, 26,
and 29 over Pachauri in various combinations with Bienvenu, Wood, and
Lewis cannot be sustained as we find no teachings in these references to
overcome the deficiencies of Pachauri discussed above with respect to their
base claims 1 and 24.
With respect to the rejection of claims 36 and 39 under 35 U.S.C.
§ 103 over Pachauri and Wood, Appellant argues combining Wood with
Pachauri would provide no benefit to Pachauri which assumes that the user
is authorized to access the database and merely controls which tasks the user
can perform (Br. 10). We agree with the Examiner (Answer 7) that within
the environment of the database security management system of Pachauri,
using the access information of Wood would improve security by
recognizing the potential attacks.
Wood provides for including temporal, locational, connection type
and/or client capabilities-related information to affect the authentication
7
Page: Previous 1 2 3 4 5 6 7 8 9 10 Next
Last modified: September 9, 2013