T 1159/13 (Partitioned data libary II/HEWLETT PACKARD) 17-04-2019

1. The appeal complies with the provisions referred to in Rule 101 EPC and is therefore admissible.

2. The invention

2.1 The application relates to providing managed host access to small computer system interface (SCSI) devices of a partitioned data library that is connected to a fibre-channel (FC) network via an FC-to-SCSI bridge in a secure, yet operating-system-friendly, manner (page 5, lines 9 to 12). It proposes presenting different subsets of SCSI library devices to different initiating hosts on the basis of the initiating host's FC world wide name (WWN) (page 5, lines 12 to 15).

2.2 For some host operating systems or storage applications, problems may arise when the storage devices behind the FC-to-SCSI bridge that are visible to the host have logical unit number (LUN) designations that do not start at LUN0. This is because the operating system or the application may ignore devices at a SCSI-ID during boot-up if for that SCSI-ID no device at LUN0 is detected (page 5, lines 17 to 21). This problem is overcome by "presenting devices that start at LUN-0 regardless of the host accessing the FC-to-SCSI bridge" (page 5, lines 17 to 24).

Main request

3. The invention as defined by claim 1

3.1 Claim 1 is directed to a partitioned data library system "with managed user access to device resources assigned to the partitions". It is undisputed that, in the context of the present application, the term "user" has to be understood as "host", i.e. a computer accessing the data library via a storage area network (see page 4, second paragraph, of the statement of grounds of appeal).

3.2 The data library system comprises a number of partitions, each partition containing at least one data transfer element and at least one data storage element slot. It also comprises a library controller and at least one bridge.

3.3 The library controller includes a "virtual controller" for each partition. Each virtual controller directs movement of data storage media between the slots and the data transfer elements assigned to its partition.

3.4 The bridge connects hosts to the data library system. It is configured to "present" the data transfer elements and virtual controllers to which the bridge is connected and which belong to partitions that the host is permitted to access "as logical components beginning at a same designation for each user regardless of which of the device resources connected to the bridge the user is allowed to access". According to the appellant, the "regardless" clause is intended to express that a host may not have access to all of the device resources connected to a bridge (see page 5, section 3.1, of the statement of grounds of appeal).

The board therefore understands the "at least one bridge" feature of claim 1 as meaning that the bridge (i) allows each host to access only the data transfer elements and virtual controllers in partitions for which the host has access permission, and (ii) makes those resources visible to the host at LUN designations starting from a predetermined LUN designation (which could be LUN0).

4. Inventive step

4.1 Document D3 discloses a data library system, which is schematically shown in Figures 1 to 3. The system comprises a server machine 12 communicating through a SCSI bus with data library 14. The data library includes a library unit 16 (paragraph [0009]), which has a recording medium storage section 30 and a recording medium reproduction section 32 (paragraph [0011]). The recording medium storage section 30 contains 600 storage element slots ("pallets") 34 and is divided into three storage stations 300, 301 and 302, respectively containing 300 slots for CD-ROMs, 150 slots for DVD-RAMs and 150 slots for DVD-ROMs (paragraph [0012]). The recording medium section 32 is divided into three reproduction stations 320, 321 and 322 corresponding to the three types of recording media (CD-ROMs, DVD-RAMs and DVD-ROMs), each station including one or more data transfer elements ("drives") (paragraph [0013]). The library unit further includes a media transport element ("recording medium transfer section") for the transfer of recording media between slots (paragraph [0010]).

4.2 The three reproduction stations 320, 321 and 322 with their respective storage stations 300, 301 and 302 form partitions or "virtual units" 360, 361 and 362 (paragraph [0014]). The library unit 16 includes a library controller 40, which is logically divided into three controls 400, 401 and 402 with logical unit numbers LUN0, LUN1 and LUN2 corresponding to the partitions 360, 361 and 362 (paragraph [0016]).

4.3 The library controller directs movement of CD-ROMs between slots of storage station 300 and data transfer elements of reproduction station 320 (paragraphs [0019] and [0020]). Likewise, it directs movement of DVD-RAMs and DVD-ROMs between slots of storage stations 301 and 302 and data transfer elements of respective reproduction stations 321 and 322 (paragraph [0020]).

4.4 Although in Figure 1 of document D3 the data library 14 and the server machine are connected via a SCSI bus, paragraph [0024] discloses that they may also be connected via a fibre-channel network, thus forming a storage area network. According to paragraph [0025] of document D3, the data library may be connected to more than one server machine (or "hosts" of the storage area network).

4.5 The data library system of claim 1 therefore differs from the system disclosed in document D3 in that it comprises a bridge which (see point 3.4 above):

(a) allows each host to access only the data transfer elements and virtual controllers in partitions for which the host has access permission; and

(b) makes those resources visible to the host at LUN designations starting from a predetermined "same" LUN designation.

The board notes that these features give meaning to the claimed "managed user access to device resources assigned to the partitions", which is therefore not a separate difference.

4.6 In view of the description on page 5, lines 9 to 24, these differences are intended to solve the technical problem of controlling host access to partitions of the data library system, while avoiding incomplete detection of device resources by operating systems and storage applications (see points 2.1 and 2.2 above).

Although feature (b) is arguably formulated too broadly in that it should specify that the "same" designation is LUN0 (see point 2.2 above), for the purpose of assessing inventive step the board will accept this problem formulation.

4.7 The appellant argued that, since document D3 did not disclose restricted access to partitions, the above-mentioned problem did not arise and the teaching of document D3 pointed away from the claimed invention.

However, in the context of the problem-solution approach, once the problem has been formulated, the question to be answered is whether there is any teaching in the prior art as a whole that would have prompted the skilled person, faced with the objective technical problem, to modify or adapt the closest prior art to arrive at something falling within the terms of the claims (see Case Law of the Boards of Appeal, 8th edition, 2016, I.D.5). If the objective technical problem asks the skilled person to look for a way to control access to partitions, then it does not matter that document D3 itself fails to point in that direction.

In the present case, the board sees nothing in document D3 that would have prevented the skilled person from considering the problem posed, in particular because document D3 does contemplate allowing multiple server machines or hosts to access the data library (see point 4.4 above).

4.8 Starting from document D3 and faced with the problem posed, the skilled person would consider document D5, which deals with implementing access controls for storage space on SCSI storage devices (see abstract).

4.9 Document D5 discloses connecting hosts to storage devices 60, 62 and 64 by means of a fibre-channel interconnect 52 and a SCSI bus 54 bridged by a storage router 56 (see Figure 3 and page 9, lines 15 to 24). The storage router implements security controls and routing such that each host can access a host-specific subset of partitions on storage devices 60, 62 and 64 (page 9, line 25, to page 10, line 19).

In one embodiment, the storage router collapses the addresses on the SCSI bus to sequential FCP LUN values, thus presenting to an initiator (i.e. to a host initiating sessions with target SCSI devices) N+1 SCSI devices on the SCSI bus as FCP LUN values 0 to N (page 21, lines 17 to 25). This avoids the problem of incomplete discovery by initiator devices caused by legacy SCSI device drivers halting discovery on a target device at the first unoccupied LUN (page 21, lines 9 to 14).

To provide secure access in any desired configuration, the storage router can be configured to direct the same request for LUN0 by two different initiators to two different subsets of storage and to use tables to map, for each initiator, the storage access that is available and the partition that is being addressed by a particular request (page 22, lines 1 to 15).

4.10 Hence, document D5 proposes implementing access controls by providing, in the form of storage router 56, a bridge which allows a host to access the SCSI devices that it is allowed to access. Incomplete detection of target SCSI devices is avoided by presenting the devices at consecutive LUNs starting from LUN0. When applying this solution to the system disclosed in document D3, the skilled person would add a bridge implementing features (a) and (b) and therefore arrive at the subject-matter of claim 1 without the exercise of inventive skill.

4.11 Hence, the subject-matter of claim 1 of the main request lacks inventive step (Article 56 EPC).

First to third auxiliary requests

5. Admission into the appeal proceedings

5.1 The reasons for not admitting the first, second and third auxiliary requests under Rule 137(3) EPC are given only in the "Facts and submissions" section of the written decision and not in the "Reasons for the decision" section. This possibly reflects an erroneous assumption by the examining division that the non-admission of a request is not part of the appealable decision. Nevertheless, reasons were given.

5.2 The appellant argued that the examining division had incorrectly refused to admit the first, second and third auxiliary requests into the proceedings. The examining division had failed to take account of the guidance given in Guidelines for Examination, H-II, 2.3, which stated that the examiner should bear in mind the length of the proceedings to date and whether the applicant had already had sufficient opportunity to make amendments.

5.3 The examining division essentially argued that the first, second and third auxiliary requests did not overcome the inventive-step objection raised against the main request. That argument would have sufficed to conclude that the requests would not be allowable if they had been admitted, and it is independent of the length of the proceedings and of whether the appellant had already had sufficient opportunity for making amendments. This is therefore not a case where the examining division effectively cut short the appellant's attempts to claim allowable subject-matter. Since the applicability of Rule 137(3) EPC is not limited to late-filed amendments, the non-admission of the first, second and third auxiliary requests was not an abuse of discretion (see decision T 1816/11, reasons 2.5).

5.4 At the same time, since the examining division's reasons for non-admission of the first, second and third auxiliary requests are based exclusively on considerations relating directly to the compliance of the requests with a provision of substantive patent law, in the present case the board is in no way bound by the non-admission of these requests (see decisions T 1816/11, reasons 2.6; T 2343/13, reasons 7.7). Otherwise, the appellant would be deprived of a full judicial review of the examining division's assessment of substantive aspects of the case. The board therefore admits the (amended) first, second and third auxiliary requests into the appeal proceedings under Article 12(4) RPBA.

First auxiliary request

6. Claim 1 of the first auxiliary request differs from claim 1 of the main request essentially in that the term "user" has been replaced with "host". Since this does not change the board's interpretation of claim 1 (see point 3.1 above), the amendment does not overcome the objection of lack of inventive step (Article 56 EPC).

Second auxiliary request

7. Claim 1 of the second auxiliary request adds to claim 1 of the first auxiliary request that device resources are presented as logical components "beginning at zero (LUN0)". Since this feature is part of the solution proposed in document D5 (see point 4.9 above), the subject-matter of claim 1 of the second auxiliary request also lacks inventive step (Article 56 EPC).

Third auxiliary request

8. Clarity

8.1 Claim 1 of the third auxiliary request adds to claim 1 of the first auxiliary request that at least one partition is "secured" and that access to "a particular one of said at least one secured partitions is restricted to said hosts having a unique host device identifier listed in a list of unique host device identifiers for access to said particular partition, said list of unique host device identifiers being maintained on said at least one bridge".

8.2 This amendment creates a lack of clarity in claim 1 because it is unclear what is meant by a "secured partition" (Article 84 EPC). This is because it follows from the words "a particular one" that a partition being "secured" is not the same as access to the partition being restricted on the basis of a white list of unique host device identifiers. And claim 1 does not state in what other way partitions are "secured".

9. Inventive step

9.1 In its communication, the board pointed out that the present application, on page 3, first paragraph, acknowledged that fibre-channel disk array firmware existing at the application's priority date could be configured to process a SCSI command attempting to access a (RAID) FC-LUN only if the WWN of the originating host was present in a list of authorised WWNs (see also paragraph [0005] of the priority application). The appellant did not dispute this.

9.2 Hence, at the priority date, restricting access to device resources at a particular FC-LUN to hosts having a unique host device identifier (such as a WWN) listed in a list of unique host device identifiers was known. In the case of hosts accessing the FC-LUN via a bridge, it would have been obvious to let the bridge maintain the list and enforce this access-control measure.

9.3 The subject-matter of claim 1 of the third auxiliary request therefore lacks inventive step (Article 56 EPC).

Conclusion

10. Since none of the requests on file is allowable, the appeal is to be dismissed.