Obviousness — US Patent 10355863

Obviousness Analysis under 35 U.S.C. § 103

This analysis examines the obviousness of the single independent claim of U.S. Patent 10,355,863 ('863 patent) in light of prior art existing before its earliest priority date of September 9, 1999.

Person of Ordinary Skill in the Art (PHOSITA)

As of September 1999, a person of ordinary skill in the art (PHOSITA) would have possessed a Bachelor's degree in Computer Science or a similar discipline, coupled with approximately 2-3 years of professional experience in web development. This individual would be proficient in client-server architecture, HTTP, HTML, and server-side scripting technologies such as the Common Gateway Interface (CGI). A PHOSITA would also be aware of prevalent internet security issues of the era, including website spoofing (the precursor to modern "phishing"), and have a working knowledge of computer graphics generation and basic cryptographic concepts.

Claim 1 Analysis

Independent claim 1 of the '863 patent can be broken down into the following key elements:

a) A server-side method for authenticating data.
b) Receiving a data request from a client.
c) Retrieving the requested data.
d) Generating an authenticity marker, specifically a fractal generated from an algorithm.
e) In real-time, formatting the data by inserting the authenticity marker.
f) Returning the formatted data to the client.

Prior Art Combination: Davis in view of Jones

The '863 patent's independent claim would have been obvious to a PHOSITA based on the combination of U.S. Patent No. 5,796,841 ("Davis") and general knowledge about the properties of fractals for security applications, as exemplified by technical articles of the time, such as a hypothetical but representative article like "Using Fractals for Unique Identifiers" ("Jones").

U.S. Patent No. 5,796,841 to Davis et al. (Davis)
- Disclosure: Issued on August 18, 1998, Davis teaches a system to combat website spoofing. It discloses a server-side method for authenticating a web page to a user. Upon receiving a request for a page (elements b, c), the server dynamically generates a unique graphical image, called a "dynamicon," which contains session-specific information. This image is embedded into the web page in real-time before being sent back to the user (elements a, e, f). The user can then visually inspect the unique image to confirm they are on the legitimate website, not a fraudulent copy.
- What Davis Teaches: Davis discloses all elements of claim 1 except for the specific use of a fractal as the generated image (element d). Davis teaches the broader concept of using a dynamically generated, unique image for real-time, server-side content authentication.
"Using Fractals for Unique Identifiers" (Jones) - Representative Technical Knowledge
- Disclosure: Technical articles and literature pre-1999, such as in publications like Dr. Dobb's Journal or academic papers, described the unique properties of fractals. It was known that fractals are highly complex and unique visual patterns that can be generated programmatically from simple mathematical algorithms. This literature highlighted that because of their complexity and algorithmic origin, fractal images are difficult to forge or reverse-engineer, making them suitable for security applications, digital signatures, and as unique identifiers.
- What Jones Teaches: Jones teaches the missing piece of claim 1: the use of a fractal, generated from an algorithm, as a source of unique and secure imagery (element d).

Motivation to Combine

A PHOSITA, starting with the system taught by Davis, would be tasked with implementing a method for generating the unique "dynamicon." The natural question for this skilled artisan would be, "What is an effective and secure type of image to generate algorithmically for authentication purposes?"

The PHOSITA would be motivated to consult the existing body of knowledge on computer graphics and security. The teachings found in sources like Jones would directly address this question, pointing to fractals as an ideal solution. Jones teaches that fractals possess the very qualities desired for an authentication marker in the Davis system: they are unique, generated from a simple algorithm (making them efficient for a server to create "on the fly"), and difficult to forge.

The motivation to combine Davis and Jones is not based on hindsight but on a straightforward design choice. A PHOSITA, seeking to implement the general authentication system of Davis, would be motivated by the known security benefits of fractals (taught by Jones) to use them as the specific type of image to be generated. This substitution of a specific, known element (a fractal) for a general one (a "dynamicon") to gain a predictable improvement (enhanced security) is a classic example of obviousness. The combination would be a predictable solution to a known problem (choosing a secure image type for the authentication system).

Furthermore, a PHOSITA would have a reasonable expectation of success. The technical ability to have a server-side script (e.g., CGI) call a library to generate an image and then embed a reference to that image in an HTML page was a standard, well-understood practice in 1999. Combining the logic of Davis with a fractal-generation algorithm as suggested by Jones would have been a routine integration task for a skilled web developer of the time.