European Case Law Identifier: | ECLI:EP:BA:2019:T136113.20190109 | ||||||||
---|---|---|---|---|---|---|---|---|---|
Date of decision: | 09 January 2019 | ||||||||
Case number: | T 1361/13 | ||||||||
Application number: | 05825293.3 | ||||||||
IPC class: | G06F 21/00 | ||||||||
Language of proceedings: | EN | ||||||||
Distribution: | D | ||||||||
Download and more information: |
|
||||||||
Title of application: | SYSTEM AND METHOD FOR REPRESENTING A SECURE TIME ON A DEVICE ON AN INSECURE CLOCK | ||||||||
Applicant name: | Nokia Technologies Oy | ||||||||
Opponent name: | - | ||||||||
Board: | 3.5.06 | ||||||||
Headnote: | - | ||||||||
Relevant legal provisions: |
|
||||||||
Keywords: | Inventive step - (no) | ||||||||
Catchwords: |
- |
||||||||
Cited decisions: |
|
||||||||
Citing decisions: |
|
Summary of Facts and Submissions
I. The appeal is against the decision by the examining division, dispatched with reasons on 7 January 2013, to refuse European patent application 05825293.3, on the basis that the subject-matter of claim 1 was not inventive, Article 56 EPC 1973. The following document was relied upon in the reasons for the decision:
D1 = US 2003/0105890 A1.
II. A notice of appeal was received on 15 February 2013, the appeal fee being paid on the same day. A statement of grounds of appeal was received on 14 May 2013.
III. The appellant requested that the decision of the examining division to refuse the application be set aside and a patent be granted on the basis of the application documents that were the object of the refusal, i.e. including the claims filed on 23 October 2009. The appellant made a conditional request for oral proceedings.
IV. The board issued a summons to oral proceedings. In an annex to the summons, the board set out its preliminary opinion on the appeal.
V. On 7 December 2018, the appellant filed amended claims according to two auxiliary requests.
VI. The appellant requests that the decision under appeal be set aside and a patent be granted on the basis of the main request, filed 23 October 2009, or on the basis of one of the auxiliary requests 1 or 2, both filed 7 December 2018.
VII. Independent claim 1 of the main request reads as follows:
"A method of providing modified rights information to an application on an electronic device (12), comprising:
monitoring a system clock (43) on the electronic device;
monitoring a secure clock (41);
calculating the difference between a time of the system clock and a time of the secure clock;
modifying access rights information for the application by the difference between the time of the system clock and the time of the secure clock; and
providing the modified access rights information to the application."
VIII. Independent claim 1 of auxiliary request 1 distinguishes itself from that of the main request in that the access rights information is modified by summing the difference between the time of the system clock and the time of the secure clock with a value indicating an original end time constraint of the access rights information set by a content provider from which the access rights information is received, and by summing the difference between the time of the system clock and the time of the secure clock with a value indicating an original start time constraint of the access rights information set by the content provider.
IX. Independent claim 1 of auxiliary request 2 distinguishes itself from that of auxiliary request 1 in that the method steps are carried out by a centralised access rights information management and storage component of the electronic device, acting in response to a request for access rights information from the application.
X. At the end of the oral proceedings, the chairman announced the board's decision.
Reasons for the Decision
1. The admissibility of the appeal
The appeal is admissible.
2. The invention
The invention relates to time-based access control for applications on an electronic device such as a mobile phone. Since users can freely change date, time and time zone on a mobile telephone, a secure clock should be used instead of the system clock. To use such secure time source in every application would however require substantial integration effort. Also, the presence of two different clocks would be confusing to the user.
The invention therefore foresees a centralised component in the phone, which calculates the difference between the time and date of the mobile phone's system clock and that of a secure clock. The access rights information is modified by the calculated difference, and the modified information is provided to the application when the rights information is needed (see par. [0020]).
3. Main request
3.1 According to the Reasons for the appealed decision (point 1.1), D1 discloses
a) a method of providing modified rights information to an application on an electronic device (Abstract, fig. 1, par. 81);
b) monitoring a system clock on the electronic device (par. 79; the user clock is monitored to check its accuracy);
c) monitoring a secure clock (par. 145, par. 80; the system time data is the secure clock data, the secure clock function is assured by the elements of paragraphs 88 and 49);
d) calculating the difference between a time of the system clock and a time of the secure clock (par. 94, par. 82; the correction of the time implies the calculation of a difference between them, 12g is doing the correction, the difference calculation is needed in order to identify the deviation of the system clock).
3.2 The following features of claim 1 are found not to be disclosed by D1:
e) modifying access rights information for the application by the difference between the time of the system clock and the time of the secure clock and
f) providing the modified access rights information to the application.
3.3 This difference is then said (in point 1.2) to solve the problem of how alternatively to manage the access rights in case of a time difference.
3.4 According to the decision (1.3), D1 in paragraph 142 discloses the modification of the access rights if the time is found to be invalid, which corresponds to the seventh embodiment. The decision considers this to be a motivation for the skilled person to start considering alternative access rights modifications.
3.5 The decision then argues (last paragraph of 1.3) that "Starting from the paragraphs 91 and 142 the person skilled in the art is aware of expressing the access rights in different forms and the modification of the access rights when a time modification takes place, for [whatever] reason. From this knowledge, the person skilled in the art is considered as being in a position to modify D1 to include new content access rules that are modifiable under the condition of time deviations. The access rules are considered as not being of [a] technical nature in the present case. The only technical consideration is the detection of a time deviation and the process of making available to the access rule system such a time deviation. The system of D1 provides such information to the rule system. The person skilled in the art is considered, within his implementation skills, to implement a different access permission rule that takes into consideration the information about the time provided by the system as an alternative to the rules present in D1. For these reasons the difference over D1 does not justify an inventive activity".
3.6 The appellant submits (grounds of appeal, section 2.2) that the fourth embodiment of D1 not only does not disclose features (e) and (f) but also does not disclose features (a) and (d).
3.7 With regard to feature (d), the appellant argues (ibid., paragraph bridging pages 6 and 7) that there are at least two ways in which the device of D1 could correct a user clock time on the basis of the system time. One way would indeed be as in feature (d), i.e. to calculate the difference between the system clock and the secure clock.
However, according to the appellant (ibid., second paragraph of page 7), a second, more straightforward - and therefore to the skilled person more attractive - possibility would be simply to compare the user clock time and the system time, and then to use the user clock time if the times were the same or the system time if they were different.
3.8 With regard to feature (e), the appellant argues (ibid., paragraph bridging pages 7 and 8) that in D1 the reproduction expiration time is adjusted by the counted period for which the system clock is invalid (paragraph 142 in D1), which could be, for instance, two days. In those two days, the difference between the system clock and the secure clock would not be two days but only some rather small value resulting from drift of the free-running system clock. The actual adjustment which takes place in D1 therefore does not correspond to the wording of feature (e) in claim 1.
3.9 With regard to the appellant's argument mentioned under 3.7 above, the board holds that the second possibility mentioned by the appellant is not the one which the skilled person would consider the most obvious manner of implementing the "fourth embodiment" mentioned in D1. As stated for instance in par. [0085] of D1, "the time obtained by correcting the time output from the user clock 21 based on system time data is used". The skilled person would normally not read this as meaning that simply the system time is used. Instead, he or she would normally assume that some correction is applied to the time obtained from the user clock, in the form of a "delta" equal to the difference between the time of the system clock and the time of the user clock. Such a delta would not necessarily be re-determined each time a comparison with the rights information took place.
The board further notes that the statement in D1 (which also relates to the fourth embodiment) according to which "[s]ystem time data can be acquired anywhere if a signal from a navigational satellite can be received" (see par. [0098], first sentence; emphasis by the board) clearly indicates that the system time is not always available. This means that the skilled person cannot rely on the possibility of correcting the user clock, every time this is needed, simply by taking the system time.
The board agrees that the skilled person would not necessarily apply the correction in the manner which the board has indicated, and feature (d) is therefore novel over the disclosure of D1. The board is however nevertheless of the opinion, for the above reasons, that the indicated manner of applying the correction is an obvious solution to a first partial problem, i.e. that of finding a way to apply the correction mentioned in D1.
3.10 The board agrees with the appellant that features (a), (e) and (f) are not disclosed in the "fourth embodiment" of D1.
In D1, the "access rights information" consists in a "reproduction expiration time", after which certain contents can no longer be reproduced by the terminal of D1 (see abstract of D1). In the fourth embodiment of D1, this time is not modified. Instead, the time output by the user clock is corrected (see par. [0082]) and this corrected time is compared with the reproduction expiration time (see par. [0083]).
3.11 However, replacing a comparison of the corrected system clock time with unmodified access rights information by a comparison of the uncorrected system clock time with modified access rights information achieves the same result. The result of the comparison operation is the same. The time required to modify the system clock time or the access rights information is also the same. Therefore, features (a), (e) and (f) do not solve the second partial problem formulated by the appellant in the grounds of appeal, page 6, paragraph 2, last sentence.
3.12 In its reply to the summons (point 12), the appellant proposes that said features solve another problem, i.e that of providing an alternative technical implementation for ensuring that access rights associated with content cannot be bypassed through user modification of an internal clock of a device.
3.13 The board holds that the alternative offered by features (a), (e) and (f) does not have a technical effect, given that said features only provide information to the application enabling it to enforce access rights. The actual enforcement, which could have been considered technical, is not part of the claimed subject-matter.
The alternative offered by features (a), (e) and (f) therefore does not contribute to the presence of an inventive step.
3.14 The board consequently judges that the subject-matter of claim 1 of the main request is not inventive (Article 56 EPC 1973).
4. Auxiliary request 1
The amendment to claim 1 introduced with auxiliary request 1 merely clarifies the claimed subject-matter in a manner in which it was already interpreted by the board in the above reasoning. It therefore does not affect said reasoning, and the subject-matter of claim 1 of auxiliary request 1 is consequently also not considered inventive (Article 56 EPC 1973).
5. Auxiliary request 2
5.1 The board holds that the additional features introduced in claim 1 of this request (see IX.) solve a problem that is unrelated to the problems mentioned above, without providing any synergistic effect.
The problem in question is that of having to integrate the secure clock into every application on the device.
5.2 According to the board, the skilled person would recognise this inconvenience and would want to avoid it.
5.3 A standard approach in automated systems is to delegate difficult tasks which need to be carried out by several applications to some central module. For instance, programs on a computer are not supposed to know the hardware details of a printer in order to generate a printed document. Instead, this task is delegated to the printer driver that is made available by the operating system.
5.4 In the present case, the skilled person would normally consider providing a "centralised component", most likely some software module, to implement the desired functionality, i.e. to ensure that, for each application, access to content is granted on the basis of the "correct" time as defined by the secure clock.
5.5 The skilled person would thus arrive at the subject-matter of claim 1 of auxiliary request 2 without inventive activity. This request consequently also does not satisfy the requirement of Article 56 EPC 1973.
Order
For these reasons it is decided that:
The appeal is dismissed.