Obviousness

Obviousness Analysis under 35 U.S.C. § 103 for US Patent 7,760,733

To determine the obviousness of US Patent 7,760,733, we must consider whether the differences between the claimed invention and the prior art would have been obvious at the time of the invention to a person having ordinary skill in the art (PHOSITA). This analysis involves the Graham factors: (1) the scope and content of the prior art; (2) the differences between the prior art and the claims; (3) the level of ordinary skill in the pertinent art; and (4) secondary considerations of non-obviousness. The Supreme Court's decision in KSR International Co. v. Teleflex Inc. further emphasizes a "common sense" approach, stating that a combination of familiar elements according to known methods is likely to be obvious if it yields predictable results. A PHOSITA is a hypothetical person who is presumed to know the relevant art and possess ordinary creativity, but is not an inventor or genius.

Level of Ordinary Skill in the Art (PHOSITA)

For US Patent 7,760,733, which relates to filtering ingress packets in network interface circuitry, a PHOSITA would likely have a strong background in computer networking, network interface card (NIC) architecture, and network protocol processing. This would include knowledge of TCP/IP, Ethernet, and data link layer operations, as well as an understanding of hardware-accelerated packet processing and filtering techniques. Educational attainment for such a person would likely include at least a bachelor's degree in computer science or electrical engineering, with several years of experience in network device development or system administration.

Scope and Content of Prior Art

The "Prior Art Citations" section of US7760733B1 lists numerous patents that were considered during its examination. Many of these references generally relate to intelligent network interface devices, TCP/IP offload engines, packet processing, and filtering in network environments. Key themes among these cited patents include:

• TCP/IP Offload Engines (TOE): Many patents, such as US6226680B1 (Alacritech, Inc.), US6389479B1 (Alacritech, Inc.), US20020095519A1 (Alacritech, Inc.), and US6434620B1 (Alacritech, Inc.), describe intelligent network interface devices capable of offloading TCP/IP protocol processing from the host CPU to the NIC. These typically involve managing connection states (e.g., TCBs) in hardware.
• Packet Filtering and Classification: References like US6594268B1 (Lucent Technologies Inc.) and US6798743B1 (Cisco Technology, Inc.) describe systems for adaptive routing and packet prioritization, which inherently involve some form of packet classification or filtering. US7031267B2 (802 Systems Llc) explicitly discusses PLD-based packet filtering methods with configuration data updates of filtering rules.
• Content-Addressable Memories (CAMs/TCAMs): Several patents, such as US6717946B1 (Cisco Technology Inc.) and US6792502B1 (Freescale Semiconductor, Inc.), address the use of associative memories (including CAMs) for efficient matching operations, which are highly relevant to high-speed packet classification and lookup.
• Network Address Translation (NAT) and Load Balancing: The background of US7760733B1 itself mentions that NAT devices and load balancers can be efficiently implemented through filtering rules. Prior art related to these functionalities would also be relevant.

Differences Between the Prior Art and the Claims

The independent claims (1, 9, 12, and 18) of US7760733B1 generally describe a method and apparatus where network interface circuitry performs both protocol offloading and explicit packet filtering, with a priority mechanism that favors offloaded protocol processing. The key distinctions appear to be:

• Explicit Prioritization of Offloaded Connections over General Filtering: The patent emphasizes that the lookup circuitry is "configured to automatically provide the indication of the highest priority action, associated with the received data, based not only on whether the portion of the received data presented to the lookup circuitry matches data associated with an indication of an action but also based on an order of the indications of the plurality of actions relative to each other in the lookup circuitry, the indications of protocol processing for connections that have been offloaded being located to indicate, when applicable to particular received data, a higher priority than the filtering actions" (Claim 1).
• Filtering for Non-Offloaded Connections: Claim 9 specifically highlights determining a filtering rule "if the data is not data of a connection that is offloaded from the host." This implies a comprehensive filtering capability beyond just connection-specific processing.
• TCAM Organization for Priority: The detailed description (FIG. 3) explains that the TCAM entries are organized into "active connection," "server," and "filter" regions, with the lowest index values assigned to active connections to ensure priority.

Obviousness Combinations and Motivations

A PHOSITA, at the time of the invention, would have been motivated to combine existing technologies to achieve the functionalities described in US7760733B1, primarily due to known problems in network performance and security. The problem of host CPU overhead due to packet processing and the need for efficient network-level filtering were well-recognized.

Combination 1: TCP/IP Offload Engine (e.g., US6226680B1) + Packet Filtering (e.g., US7031267B2) + CAM/TCAM (e.g., US6717946B1)

• References:

  • US6226680B1 (Intelligent network interface system method for protocol processing): This patent teaches an intelligent NIC capable of offloading protocol processing, such as TCP/IP, from the host. It inherently involves matching incoming packets to offloaded connections.
  • US7031267B2 (PLD-based packet filtering methods with PLD configuration data update of filtering rules): This reference discloses packet filtering methods and dynamic updates of filtering rules.
  • US6717946B1 (Methods and apparatus for mapping ranges of values into unique values of particular use for range matching operations using an associative memory): This patent describes the use of associative memories (like CAMs) for efficient range matching, which is highly suitable for packet classification and filtering.

• Motivation for Combination: A PHOSITA would recognize the benefits of integrating packet filtering directly into an intelligent NIC already performing protocol offload.

  • Efficiency: Offloading protocol processing was motivated by reducing host CPU load. Extending this offload to general packet filtering (even for non-offloaded connections) would further reduce host overhead, as the NIC is already inspecting packet headers. This is explicitly stated in US7760733B1 as an advantage: "since the packets headers are already being evaluated to determine if the packets are of offloaded connections, little (if any) additional processing is required in the intelligent interface circuitry to match the packets with filtering actions."
  • Performance: Using a CAM or TCAM (as taught by US6717946B1) within the NIC's processing pipeline (as shown in FIG. 1 and FIG. 2 of US7760733B1) for both connection matching and filtering would offer high-speed, parallel lookups, improving overall throughput. This capability is inherent in TCAMs, which can match multiple rules in parallel and provide results in a pipelined fashion.
  • Security: Implementing a firewall directly on the NIC, as suggested by US7760733B1, would provide an early and efficient defense against network attacks (e.g., DoS attacks) before packets even reach the host's main network stack. US7031267B2 already teaches dynamically updated filtering rules, which are crucial for adaptive security measures.
  • Known Functionality: The idea of "filtering" packets in the context of offloaded connections (even implicitly) was already present in offload engines (US6226680B1 states they "filter" packets by associating them with connections). A PHOSITA would find it obvious to make this filtering explicit and configurable for other traffic, especially given the availability of dedicated filtering techniques (US7031267B2) and high-performance lookup mechanisms (US6717946B1).

Combination 2: TCP/IP Offload Engine with Connection State (e.g., US20030204631A1) + Priority Mechanisms in Network Devices (e.g., US7583596B1)

• References:

  • US20030204631A1 (Method to synchronize and upload an offloaded network stack connection with a network stack): This patent describes a method for offloading network stack connections and maintaining connection state, which is central to the "protocol processing of received data for connections... for which the protocol processing has been offloaded."
  • US7583596B1 (Priority scheduling using per-priority memory structures): This patent teaches priority scheduling in network devices using memory structures, indicating that prioritization is a known concept in network traffic management.

• Motivation for Combination: Given that intelligent NICs were already managing connection states for offloaded protocols (US20030204631A1), and that various forms of prioritization were common in network devices (US7583596B1), a PHOSITA would be motivated to explicitly prioritize offloaded connection processing over general packet filtering.

  • Logical Extension: Offloaded connections are critical for high-performance applications, and ensuring their packets are processed with the highest priority is a natural design choice. If a packet belongs to an offloaded connection, it should logically take precedence over a general filtering rule.
  • Optimizing Resource Usage: By prioritizing offloaded connections, the NIC can efficiently dedicate resources to these critical flows, while still providing a fallback filtering mechanism for all other traffic. The TCAM's inherent ability to return the "first matching entry" (lowest index value) (as described in US7760733B1) would provide a straightforward hardware mechanism to implement such a priority scheme, especially if entries for offloaded connections are physically placed at lower indices.

Predictable Results: The combination of these known elements would yield predictable results: improved network performance by reducing host overhead, enhanced security through early packet filtering, and efficient resource allocation by prioritizing critical offloaded connections. These are all well-understood objectives in network system design. The specific implementation using a TCAM with ordered regions to achieve this prioritization (as described in US7760733B1) would be considered a predictable engineering choice for a PHOSITA looking to optimize performance in a hardware-accelerated network device.