T 1159/13 (Partitioned data libary II/HEWLETT PACKARD) 17-04-2019
System and method for managing access to multiple devices in a partitioned data library
Amendments - discretion to admit requests not admitted by the examining division (yes)
Inventive step - all requests (no)
Claims - clarity
Claims - third auxiliary request (no)
I. The applicant (appellant) appealed against the decision of the examining division refusing European patent application No. 02258773.7.
II. The examining division had decided that claims 1 and 8 of the main request were not clear and that the subject-matter of claims 1 to 10 of the main request lacked inventive step in view of the following documents:
D2:|EP 1 158 386 A, 28 November 2001; and|
D3:|EP 1 156 408 A, 21 November 2001.|
According to the decision's "Facts and Submissions" section, the examining division had exercised its discretion under Rule 137(3) EPC not to admit into the proceedings the first, second and third auxiliary requests.
III. In its statement of grounds of appeal, the appellant amended its main request and first to third auxiliary requests.
IV. In a communication accompanying the summons to oral proceedings, the board introduced the following document:
D5:|WO 99/34297, 8 July 1999.|
The board expressed, inter alia, the preliminary view that the subject-matter of claim 1 of the main request and each of the first to third auxiliary requests lacked inventive step in view of a combination of documents D3 and D5. It also raised a number of objections under Articles 84 and 123(2) EPC.
V. In a letter dated 28 January 2019, the appellant informed the board that it would not attend the oral proceedings.
VI. Oral proceedings were held on 17 April 2019 in the appellant's absence. At the end of the oral proceedings, the chair announced the board's decision.
VII. The appellant requested that the decision under appeal be set aside and that a patent be granted on the basis of the claims of the main request or, in the alternative, of one of the first to third auxiliary requests.
VIII. Claim 1 of the main request reads as follows:
"A partitioned data library system (200) with managed user access to device resources assigned to the partitions, said system characterised by:
a plurality of partitions (215-217) comprising at least one data transfer element (201-204) and at least one data storage element slot (205);
a library controller (213) comprising a virtual controller for each partition, each said virtual controller directing movement of data storage media to and from said slots assigned to a same partition and to and from said data transfer elements assigned to said same partition; and
at least one bridge (210,211) via which each user (101,102) of said data library system can connect to device resources in the form of the said data transfer elements and virtual controllers that are assigned to said partitions the user is allowed to access, wherein the or each said bridge is configured to present the device resources connected thereto that a user is allowed to access as logical components beginning at a same designation for each user regardless of which of the device resources connected to the bridge the user is allowed to access."
IX. Claim 1 of the first auxiliary request differs from claim 1 of the main request in that "managed user access" has been replaced with "managed host access" and in that the last paragraph of the claim has been replaced with:
"at least one bridge (210, 211) via which each host connected with said data library system can connect to device resources in the form of the said data transfer elements and virtual controllers that are assigned to said partitions the host is allowed to access, wherein the or each said bridge is configured to present the device resources connected thereto that a host is allowed to access as logical components beginning at a same designation for each host regardless of which of the device resources connected to the bridge the user is allowed to access."
X. Claim 1 of the second auxiliary request differs from claim 1 of the first auxiliary request in that "beginning at a same designation" has been replaced with "beginning at zero (LUN0)".
XI. Claim 1 of the third auxiliary request differs from claim 1 of the first auxiliary request in that the following text has been added at the end of the claim:
wherein at least one of said partitions (215-217) is secured and access to a particular one of said at least one secured partitions is restricted to said hosts having a unique host device identifier listed in a list of unique host device identifiers for access to said particular partition, said list of unique host device identifiers being maintained on said at least one bridge (210, 211)."
XII. The appellant's arguments, where relevant to the decision, are discussed in detail below.
1. The appeal complies with the provisions referred to in Rule 101 EPC and is therefore admissible.
2. The invention
2.1 The application relates to providing managed host access to small computer system interface (SCSI) devices of a partitioned data library that is connected to a fibre-channel (FC) network via an FC-to-SCSI bridge in a secure, yet operating-system-friendly, manner (page 5, lines 9 to 12). It proposes presenting different subsets of SCSI library devices to different initiating hosts on the basis of the initiating host's FC world wide name (WWN) (page 5, lines 12 to 15).
2.2 For some host operating systems or storage applications, problems may arise when the storage devices behind the FC-to-SCSI bridge that are visible to the host have logical unit number (LUN) designations that do not start at LUN0. This is because the operating system or the application may ignore devices at a SCSI-ID during boot-up if for that SCSI-ID no device at LUN0 is detected (page 5, lines 17 to 21). This problem is overcome by "presenting devices that start at LUN-0 regardless of the host accessing the FC-to-SCSI bridge" (page 5, lines 17 to 24).
3. The invention as defined by claim 1
3.1 Claim 1 is directed to a partitioned data library system "with managed user access to device resources assigned to the partitions". It is undisputed that, in the context of the present application, the term "user" has to be understood as "host", i.e. a computer accessing the data library via a storage area network (see page 4, second paragraph, of the statement of grounds of appeal).
3.2 The data library system comprises a number of partitions, each partition containing at least one data transfer element and at least one data storage element slot. It also comprises a library controller and at least one bridge.
3.3 The library controller includes a "virtual controller" for each partition. Each virtual controller directs movement of data storage media between the slots and the data transfer elements assigned to its partition.
3.4 The bridge connects hosts to the data library system. It is configured to "present" the data transfer elements and virtual controllers to which the bridge is connected and which belong to partitions that the host is permitted to access "as logical components beginning at a same designation for each user regardless of which of the device resources connected to the bridge the user is allowed to access". According to the appellant, the "regardless" clause is intended to express that a host may not have access to all of the device resources connected to a bridge (see page 5, section 3.1, of the statement of grounds of appeal).
The board therefore understands the "at least one bridge" feature of claim 1 as meaning that the bridge (i) allows each host to access only the data transfer elements and virtual controllers in partitions for which the host has access permission, and (ii) makes those resources visible to the host at LUN designations starting from a predetermined LUN designation (which could be LUN0).
4. Inventive step
4.1 Document D3 discloses a data library system, which is schematically shown in Figures 1 to 3. The system comprises a server machine 12 communicating through a SCSI bus with data library 14. The data library includes a library unit 16 (paragraph ), which has a recording medium storage section 30 and a recording medium reproduction section 32 (paragraph ). The recording medium storage section 30 contains 600 storage element slots ("pallets") 34 and is divided into three storage stations 300, 301 and 302, respectively containing 300 slots for CD-ROMs, 150 slots for DVD-RAMs and 150 slots for DVD-ROMs (paragraph ). The recording medium section 32 is divided into three reproduction stations 320, 321 and 322 corresponding to the three types of recording media (CD-ROMs, DVD-RAMs and DVD-ROMs), each station including one or more data transfer elements ("drives") (paragraph ). The library unit further includes a media transport element ("recording medium transfer section") for the transfer of recording media between slots (paragraph ).
4.2 The three reproduction stations 320, 321 and 322 with their respective storage stations 300, 301 and 302 form partitions or "virtual units" 360, 361 and 362 (paragraph ). The library unit 16 includes a library controller 40, which is logically divided into three controls 400, 401 and 402 with logical unit numbers LUN0, LUN1 and LUN2 corresponding to the partitions 360, 361 and 362 (paragraph ).
4.3 The library controller directs movement of CD-ROMs between slots of storage station 300 and data transfer elements of reproduction station 320 (paragraphs  and ). Likewise, it directs movement of DVD-RAMs and DVD-ROMs between slots of storage stations 301 and 302 and data transfer elements of respective reproduction stations 321 and 322 (paragraph ).
4.4 Although in Figure 1 of document D3 the data library 14 and the server machine are connected via a SCSI bus, paragraph  discloses that they may also be connected via a fibre-channel network, thus forming a storage area network. According to paragraph  of document D3, the data library may be connected to more than one server machine (or "hosts" of the storage area network).
4.5 The data library system of claim 1 therefore differs from the system disclosed in document D3 in that it comprises a bridge which (see point 3.4 above):
(a) allows each host to access only the data transfer elements and virtual controllers in partitions for which the host has access permission; and
(b) makes those resources visible to the host at LUN designations starting from a predetermined "same" LUN designation.
The board notes that these features give meaning to the claimed "managed user access to device resources assigned to the partitions", which is therefore not a separate difference.
4.6 In view of the description on page 5, lines 9 to 24, these differences are intended to solve the technical problem of controlling host access to partitions of the data library system, while avoiding incomplete detection of device resources by operating systems and storage applications (see points 2.1 and 2.2 above).
Although feature (b) is arguably formulated too broadly in that it should specify that the "same" designation is LUN0 (see point 2.2 above), for the purpose of assessing inventive step the board will accept this problem formulation.
4.7 The appellant argued that, since document D3 did not disclose restricted access to partitions, the above-mentioned problem did not arise and the teaching of document D3 pointed away from the claimed invention.
However, in the context of the problem-solution approach, once the problem has been formulated, the question to be answered is whether there is any teaching in the prior art as a whole that would have prompted the skilled person, faced with the objective technical problem, to modify or adapt the closest prior art to arrive at something falling within the terms of the claims (see Case Law of the Boards of Appeal, 8th edition, 2016, I.D.5). If the objective technical problem asks the skilled person to look for a way to control access to partitions, then it does not matter that document D3 itself fails to point in that direction.
In the present case, the board sees nothing in document D3 that would have prevented the skilled person from considering the problem posed, in particular because document D3 does contemplate allowing multiple server machines or hosts to access the data library (see point 4.4 above).
4.8 Starting from document D3 and faced with the problem posed, the skilled person would consider document D5, which deals with implementing access controls for storage space on SCSI storage devices (see abstract).
4.9 Document D5 discloses connecting hosts to storage devices 60, 62 and 64 by means of a fibre-channel interconnect 52 and a SCSI bus 54 bridged by a storage router 56 (see Figure 3 and page 9, lines 15 to 24). The storage router implements security controls and routing such that each host can access a host-specific subset of partitions on storage devices 60, 62 and 64 (page 9, line 25, to page 10, line 19).
In one embodiment, the storage router collapses the addresses on the SCSI bus to sequential FCP LUN values, thus presenting to an initiator (i.e. to a host initiating sessions with target SCSI devices) N+1 SCSI devices on the SCSI bus as FCP LUN values 0 to N (page 21, lines 17 to 25). This avoids the problem of incomplete discovery by initiator devices caused by legacy SCSI device drivers halting discovery on a target device at the first unoccupied LUN (page 21, lines 9 to 14).
To provide secure access in any desired configuration, the storage router can be configured to direct the same request for LUN0 by two different initiators to two different subsets of storage and to use tables to map, for each initiator, the storage access that is available and the partition that is being addressed by a particular request (page 22, lines 1 to 15).
4.10 Hence, document D5 proposes implementing access controls by providing, in the form of storage router 56, a bridge which allows a host to access the SCSI devices that it is allowed to access. Incomplete detection of target SCSI devices is avoided by presenting the devices at consecutive LUNs starting from LUN0. When applying this solution to the system disclosed in document D3, the skilled person would add a bridge implementing features (a) and (b) and therefore arrive at the subject-matter of claim 1 without the exercise of inventive skill.
4.11 Hence, the subject-matter of claim 1 of the main request lacks inventive step (Article 56 EPC).
First to third auxiliary requests
5. Admission into the appeal proceedings
5.1 The reasons for not admitting the first, second and third auxiliary requests under Rule 137(3) EPC are given only in the "Facts and submissions" section of the written decision and not in the "Reasons for the decision" section. This possibly reflects an erroneous assumption by the examining division that the non-admission of a request is not part of the appealable decision. Nevertheless, reasons were given.
5.2 The appellant argued that the examining division had incorrectly refused to admit the first, second and third auxiliary requests into the proceedings. The examining division had failed to take account of the guidance given in Guidelines for Examination, H-II, 2.3, which stated that the examiner should bear in mind the length of the proceedings to date and whether the applicant had already had sufficient opportunity to make amendments.
5.3 The examining division essentially argued that the first, second and third auxiliary requests did not overcome the inventive-step objection raised against the main request. That argument would have sufficed to conclude that the requests would not be allowable if they had been admitted, and it is independent of the length of the proceedings and of whether the appellant had already had sufficient opportunity for making amendments. This is therefore not a case where the examining division effectively cut short the appellant's attempts to claim allowable subject-matter. Since the applicability of Rule 137(3) EPC is not limited to late-filed amendments, the non-admission of the first, second and third auxiliary requests was not an abuse of discretion (see decision T 1816/11, reasons 2.5).
5.4 At the same time, since the examining division's reasons for non-admission of the first, second and third auxiliary requests are based exclusively on considerations relating directly to the compliance of the requests with a provision of substantive patent law, in the present case the board is in no way bound by the non-admission of these requests (see decisions T 1816/11, reasons 2.6; T 2343/13, reasons 7.7). Otherwise, the appellant would be deprived of a full judicial review of the examining division's assessment of substantive aspects of the case. The board therefore admits the (amended) first, second and third auxiliary requests into the appeal proceedings under Article 12(4) RPBA.
First auxiliary request
6. Claim 1 of the first auxiliary request differs from claim 1 of the main request essentially in that the term "user" has been replaced with "host". Since this does not change the board's interpretation of claim 1 (see point 3.1 above), the amendment does not overcome the objection of lack of inventive step (Article 56 EPC).
Second auxiliary request
7. Claim 1 of the second auxiliary request adds to claim 1 of the first auxiliary request that device resources are presented as logical components "beginning at zero (LUN0)". Since this feature is part of the solution proposed in document D5 (see point 4.9 above), the subject-matter of claim 1 of the second auxiliary request also lacks inventive step (Article 56 EPC).
Third auxiliary request
8.1 Claim 1 of the third auxiliary request adds to claim 1 of the first auxiliary request that at least one partition is "secured" and that access to "a particular one of said at least one secured partitions is restricted to said hosts having a unique host device identifier listed in a list of unique host device identifiers for access to said particular partition, said list of unique host device identifiers being maintained on said at least one bridge".
8.2 This amendment creates a lack of clarity in claim 1 because it is unclear what is meant by a "secured partition" (Article 84 EPC). This is because it follows from the words "a particular one" that a partition being "secured" is not the same as access to the partition being restricted on the basis of a white list of unique host device identifiers. And claim 1 does not state in what other way partitions are "secured".
9. Inventive step
9.1 In its communication, the board pointed out that the present application, on page 3, first paragraph, acknowledged that fibre-channel disk array firmware existing at the application's priority date could be configured to process a SCSI command attempting to access a (RAID) FC-LUN only if the WWN of the originating host was present in a list of authorised WWNs (see also paragraph  of the priority application). The appellant did not dispute this.
9.2 Hence, at the priority date, restricting access to device resources at a particular FC-LUN to hosts having a unique host device identifier (such as a WWN) listed in a list of unique host device identifiers was known. In the case of hosts accessing the FC-LUN via a bridge, it would have been obvious to let the bridge maintain the list and enforce this access-control measure.
9.3 The subject-matter of claim 1 of the third auxiliary request therefore lacks inventive step (Article 56 EPC).
10. Since none of the requests on file is allowable, the appeal is to be dismissed.
For these reasons it is decided that:
The appeal is dismissed.