Obviousness

Obviousness Analysis of US Patent 8,356,336 under 35 U.S.C. § 103

This analysis assesses the obviousness of US Patent 8,356,336, focusing on its independent claims (Claims 1, 9, and 16) and key dependent claims, in light of the identified prior art. The primary prior art reference considered is US Patent Application Publication US20040073941A1 to Ludvig (hereinafter "Ludvig"), which has a priority date of September 30, 2002, predating the March 10, 2004 priority date of US8356336.

Combination of Prior Art References and Motivation

The "System and method for double-capture/double-redirect to a different location" described in US8356336 focuses on enhancing network access control for anonymous users within a "walled garden" environment. A person having ordinary skill in the art (PHOSITA) at the time of the invention would have been motivated to improve the user experience for unauthenticated users in shared network environments while maintaining security and controlled access.

The core concepts of network access control, authentication, and "walled gardens" were well-known in the art. US8356336 itself explicitly references prior art for these concepts, such as US Patent Application Ser. No. 10/683,317 for "Access Controlled Network Sharing technology" and U.S. Provisional Application No. 60/551,702 for the "walled garden" concept. However, Ludvig (US20040073941A1) provides a more comprehensive disclosure that directly addresses the key elements of US8356336's claims.

The motivation to combine Ludvig's teachings with general knowledge of web technologies and user experience best practices would lead a PHOSITA to the claimed invention.

Obviousness of Independent Claims 1, 9, and 16

Independent Claims 1, 9, and 16 of US8356336 describe a method, a computer program product, and an apparatus, respectively, for automatically redirecting network traffic for anonymous users. The core functionality common to these claims involves:

1. A network access controller in a shared network with a "set of network destinations" (walled garden).
2. Intercepting an anonymous user's request for a network resource.
3. Determining if the resource is in the walled garden.
4. Directing the user to the resource if it's in the walled garden.
5. Redirecting the user to a "pre-authentication capture destination" if the resource is not in the walled garden.
6. Crucially, from this "pre-authentication capture destination," the anonymous user is "free to visit any of the set of network destinations... without authentication."

Ludvig (US20040073941A1) teaches the following, which directly addresses these elements:

• Network Access Controller in a Shared Network with a Walled Garden: Ludvig discloses a "network gateway" that facilitates access to "network sites" and implements a "dynamically created walled garden program" for "unauthorized users." This gateway acts as a network access controller in a shared network with a defined set of network destinations. [cite: US20040073941A1]
• Intercepting a Request from an Anonymous User: Ludvig's "network gateway" intercepts client requests and "determines if the user is authorized for full Internet access." An "unauthorized" user, in this context, is synonymous with an anonymous or unauthenticated user. [cite: US20040073941A1]
• Determining if the Network Resource is in the Walled Garden: Ludvig's gateway, upon identifying an unauthorized user, "determines if the requested site is part of a dynamically created walled garden program." [cite: US20040073941A1]
• Directing to the Resource if in the Walled Garden: If the requested site "is part of the walled garden program, the user is provided with access to the site" by Ludvig's system. [cite: US20040073941A1]
• Redirecting to a Pre-Authentication Capture Destination if Not in the Walled Garden: Ludvig states that "If the user is not authorized and the requested site is not part of the walled garden, the gateway can redirect the user to a default walled garden page." This "default walled garden page" functions as the "pre-authentication capture destination." [cite: US20040073941A1]
• Freedom to Visit Walled Garden from Capture Destination Without Authentication: A PHOSITA, in implementing Ludvig's "default walled garden page" as an entry point for unauthorized users, would be motivated to allow these users to freely navigate within the established "walled garden program" without further authentication. The inherent purpose of a "walled garden," as described by Ludvig, is to provide a curated set of accessible content for unauthenticated users. Restricting navigation within this designated safe space after an initial redirection would contradict the fundamental aim of providing controlled, yet useful, access. Therefore, ensuring the user is "free to visit any of the set of network destinations... without authentication" after redirection to the "default walled garden page" is an obvious design choice to enhance user experience and fulfill the core functionality of a walled garden.

Since Ludvig describes all the elements of Claim 1, and the motivation to provide free access within the walled garden from the default page is inherent to the concept of a walled garden itself, Claim 1 is rendered obvious by Ludvig. Consequently, Claims 9 and 16, which are simply method claims presented as a computer program product and an apparatus respectively, would also be obvious to a PHOSITA implementing Ludvig's system. Ludvig's system, being a network gateway, would necessarily comprise a processor and a computer-readable storage medium storing instructions. [cite: US20040073941A1]

Obviousness of Dependent Claims

• Claim 4 (and equivalents in Claims 11, 17): This claim adds redirecting the browser back to the pre-authentication capture destination if the anonymous user attempts to access any network resource not in the walled garden. Ludvig describes the "dynamic walled garden program" and states that if an unauthorized user attempts to access a site outside of it, they are redirected to the "default walled garden page." [cite: US20040073941A1] It would be an obvious and inherent security measure for a PHOSITA to re-apply this redirection every time an unauthorized user attempts to leave the walled garden, thereby maintaining the controlled access environment taught by Ludvig.
• Claims 5 and 7 (and equivalents in Claims 12, 14, 15, 19, 20): These claims introduce the concept of an "authentication token" within a second request to an external resource, which, when detected, redirects the user to an authentication page. Ludvig teaches that the "gateway can provide the user with the ability to register with or log in to a network service provider." [cite: US20040073941A1] A PHOSITA would be motivated to implement this authentication functionality efficiently. It was well-known in web development (as evidenced by general knowledge of HTTP standards like RFC-2616 and RFC-1738, which define URL query parameters) that parameters or "tokens" could be included in URLs to convey specific user intent or state information to a server or an intercepting network device. Therefore, using a unique token in a URL to signal a desire to authenticate, thereby triggering a redirect to a dedicated authentication page by the network access controller (Ludvig's gateway), rather than simply redirecting back to the default walled garden page, would be an obvious engineering solution for providing flexible and managed authentication access without requiring every walled garden page to explicitly know the authentication URL.

In conclusion, the system and method for double-capture/double-redirect to a different location as claimed in US8356336 would have been obvious to a person having ordinary skill in the art in light of Ludvig (US20040073941A1) and general knowledge of web technologies at the time of the invention.