A method for controlling access, by at least one authentication server, to protected computer resources provided via an Internet Protocol network, the method comprising: receiving, at the at least one authentication server from at least one access server, identity data associated with at least one client computer device, the identity data forwarded to the at least one access server from the at least one client computer device with a request from the at least one client computer device for the protected computer resources; authenticating, by the at least one authentication server, the identity data received from the at least one access server, the identity data being stored in the at least one authentication server; authorizing, by the at least one authentication server, the at least one client computer device to receive at least a portion of the protected computer resources requested by the at least one client computer device, based on data associated with the requested protected computer resources stored in at least one database associated with the at least one authentication server; and permitting access, by the at least one authentication server, to the at least the portion of the protected computer resources upon successfully authenticating the identity data and upon successfully authorizing the at least one client computer device.
Appeal from the United States District Court for the District of Nebraska in No. 8:12-cv-00124-LES-TDT, Senior Judge Lyle E. Strom.
Abstract Idea: Yes
Despite arguments from the patent owner that the claims on appeal covered a concrete, specific solution to a real-world problem, the Federal Circuit affirmed the district court’s Step One determination. In particular, the Federal Circuit agreed that the claims were directed to “providing restricted access to resources,” an abstract process involving the following steps: “(1) receiving identity data from a device with a request for access to resources; (2) confirming the authenticity of the identity data associated with that device; (3) determining whether the device identified is authorized to access the resources requested; and (4) if authorized, permitting access to the requested resources.”
Something More: No
The Federal Circuit reversed the district court’s Step Two determination that the claims on appeal “[included] inventive concepts to ensure that [the] patents in practice are more than just patents on restricting access to resources” because they “[modified] the way the Internet functions to provide secure access over a protected computer resource.” Instead, the Federal Circuit found that the “claims merely [recited] a host of elements that [were] indisputably generic computer components.” The patent owner argued that the recited “identity data” (such as a hardware identifier) represented a specific and novel solution to a real problem and provided real benefits.” According to the patent owner, by combining these components with hardware identity data, the asserted claims yielded “a novel, effective solution to real-world problems, which industry came to adopt several years after [the patent owner’s] inventions.” The Federal Circuit did not find these arguments persuasive.
To start, the Federal Circuit noted that the specifications of the patents at issue demonstrated the generic nature of the claimed hardware identifiers by indicating that the identifiers were “conventional”. Additionally, the circuit court found no indication that inclusion of the hardware identifiers produced “a result that overrides the routine and conventional use of this known feature” (citing DDR Holdings). As such, the Federal Circuit concluded that the claims “recite[d] no more than the sort of ‘perfectly conventional’ generic computer components employed in a customary manner that [the court has] previously held insufficient to transform the abstract idea into a patent-eligible invention. Intellectual Ventures I LLC v. Symantec Corp., 838 F.3d 1307, 1321 (Fed. Cir. 2016).”
U.S. Patents 8,127,345 (Method and system for managing access to protected computer resources provided via an internet protocol network) and 8,387,155 (System for managing access to protected computer resources)