Paper 34
`Trials@uspto.gov
`Entered: October 18, 2016
`
`571-272-7822
`UNITED STATES PATENT AND TRADEMARK OFFICE
`_______________
`
`BEFORE THE PATENT TRIAL AND APPEAL BOARD
`_______________
`
`APPLE INC.,
`Petitioner,
`
`v.
`
`VIRNETX INC.,
`Patent Owner.
`_______________
`
`Case IPR2015-01009
`Patent 8,843,643 B2
`_______________
`
`
`
`Before KARL D. EASTHOM, ROBERT J. WEINSCHENK, and
`BETH Z. SHAW, Administrative Patent Judges.
`
`WEINSCHENK, Administrative Patent Judge.
`
`FINAL WRITTEN DECISION
`35 U.S.C. § 318(a) and 37 C.F.R. § 42.73
`
`
`
`
`
`
`
`Trials@uspto.gov
`Entered: October 18, 2016
`
`571-272-7822
`UNITED STATES PATENT AND TRADEMARK OFFICE
`_______________
`
`BEFORE THE PATENT TRIAL AND APPEAL BOARD
`_______________
`
`APPLE INC.,
`Petitioner,
`
`v.
`
`VIRNETX INC.,
`Patent Owner.
`_______________
`
`Case IPR2015-01009
`Patent 8,843,643 B2
`_______________
`
`
`
`Before KARL D. EASTHOM, ROBERT J. WEINSCHENK, and
`BETH Z. SHAW, Administrative Patent Judges.
`
`WEINSCHENK, Administrative Patent Judge.
`
`FINAL WRITTEN DECISION
`35 U.S.C. § 318(a) and 37 C.F.R. § 42.73
`
`
`
`
`
`
`
`
`IPR2015-01009
`Patent 8,843,643 B2
`
`
`INTRODUCTION
`I.
`Apple Inc. (“Petitioner”) filed a Petition (Paper 1, “Pet.”) requesting
`an inter partes review of claims 1–9, 12–24, and 27–32 of U.S. Patent No.
`8,843,643 B2 (Ex. 1001, “the ’643 patent”). VirnetX Inc. (“Patent Owner”)
`filed a Preliminary Response (Paper 6, “Prelim. Resp.”) to the Petition. On
`October 29, 2015, we instituted an inter partes review of claims 1–9, 12–24,
`and 27–32 (“the challenged claims”) of the ’643 patent on the following
`grounds:
`Claim(s)
`1–9, 12, 14,
`17–24, 27,
`and 29
`1, 13, 15–17,
`28, and 30–
`32
`
`Applied Reference(s)
`Statutory Basis
`35 U.S.C. § 102(a) Microsoft Windows 2000
`Professional Resource Kit (2000)
`(Ex. 1005, “Windows Resource Kit”)
`35 U.S.C. § 103(a) Windows Resource Kit; Microsoft
`Internet Explorer 5 Resource Kit
`(1999) (Ex. 1006, “IE5 Resource
`Kit”); and Elgamal et al., U.S. Patent
`No. 5,657,390 (issued Aug. 12, 1997)
`(Ex. 1007, “Elgamal”)
`
`Paper 9 (“Dec. on Inst.”), 9.
`After institution, Patent Owner filed a Response (Paper 15, “PO
`Resp.”) to the Petition, and Petitioner filed a Reply (Paper 23, “Pet. Reply”)
`to the Response. An oral hearing was held on July 19, 2016, and a transcript
`of the hearing is included in the record. Paper 32 (“Tr.”).
`We issue this Final Written Decision pursuant to 35 U.S.C. § 318(a)
`and 37 C.F.R. § 42.73. For the reasons set forth below, Petitioner has shown
`by a preponderance of the evidence that claims 1–9, 14, 17–24, and 29 of the
`’643 patent are unpatentable, but Petitioner has not shown by a
`preponderance of the evidence that claims 12, 13, 15, 16, 27, 28, and 30–32
`of the ’643 patent are unpatentable.
`
`2
`
`
`
`IPR2015-01009
`Patent 8,843,643 B2
`
`
`Related Proceedings
`A.
`The parties indicate that the Petition in this case is related to the
`petition for inter partes review in IPR2015-01010, which also involves the
`’643 patent. Pet. 2; Paper 5, 2. Patent Owner indicates that certain patents
`related to the ’643 patent are at issue in various inter partes reviews,
`reexaminations, and district court cases. Paper 5, 2–12.
`The ’643 Patent
`B.
`The ’643 patent relates to, inter alia, establishing a secure
`communication link between a computer and a server without a user of the
`computer having to enter any identification information, passwords, or
`encryption keys. Ex. 1001, col. 48, l. 66–col. 49, l. 1, col. 50, ll. 9–16. For
`example, a user of a computer may connect to a non-secure server by
`entering a domain name for the non-secure server in a Web browser. Id. at
`col. 49, ll. 21–32. The user then can enable a secure communication mode
`simply by clicking a “go secure” hyperlink in the Web browser. Id. at col.
`50, ll. 9–12. The ’643 patent explains that a software module on the
`computer automatically replaces the domain name for the non-secure server
`with a secure domain name. Id. at col. 50, ll. 22–25. The software module
`then sends a query using the secure domain name to a secure domain name
`service (“SDNS”). Id. at col. 50, ll. 49–53. In response to the query, the
`SDNS returns an address for a secure server. Id. at col. 51, ll. 39–42. The
`computer then accesses the secure server through a virtual private network
`(“VPN”) communication link. Id. at col. 51, ll. 57–59.
`Illustrative Claim
`C.
`Claims 1 and 17 are independent. Claim 1 is reproduced below.
`
`
`
`3
`
`
`
`IPR2015-01009
`Patent 8,843,643 B2
`
`
`1. A method for establishing an encrypted communication
`link between a first device and a second device over a
`communication network, the method comprising:
`enabling, at the first device, a secure communication mode
`without a user entering any cryptographic information for
`establishing the secure communication mode; and
`establishing, based on a determination that the secure
`communication mode has been enabled,
`the encrypted
`communication link between the first device and the second
`device over the communication network, the establishing
`including:
`constructing a domain name based on an identifier
`associated with the second device;
`sending a query using the domain name;
`receiving, in response to the query, at least one network
`address associated with the domain name; and
`initiating establishment of the encrypted communication
`link between the first device and the second device over the
`communication network using the at least one network address
`and encrypted communication link resources received from a
`server that is separate from the first device.
`Ex. 1001, col. 55, ll. 46–67.
`
`II. ANALYSIS
`A. Claim Construction
`The claims of an unexpired patent are interpreted using the broadest
`reasonable interpretation in light of the specification of the patent in which
`they appear. 37 C.F.R. § 42.100(b); Cuozzo Speed Techs., LLC v. Lee, 136
`S. Ct. 2131, 2144–45 (2016). The parties propose construing several claim
`terms in the ’643 patent. Pet. 8–14; PO Resp. 4–22. For the reasons
`discussed below, we determine that no claim terms require express
`construction to resolve the parties’ disputes regarding the asserted grounds
`
`4
`
`
`
`IPR2015-01009
`Patent 8,843,643 B2
`
`of unpatentability in this case. See infra Sections II.B–II.C; Vivid Techs.,
`Inc. v. Am. Sci. & Eng’g, Inc., 200 F.3d 795, 803 (Fed. Cir. 1999) (“[O]nly
`those terms need be construed that are in controversy, and only to the extent
`necessary to resolve the controversy.”).
`Anticipation of Claims 1–9, 12, 14, 17–24, 27, and 29 by
`B.
`Windows Resource Kit
`Petitioner argues that claims 1–9, 12, 14, 17–24, 27, and 29 are
`anticipated by Windows Resource Kit. Pet. 3. A claim is anticipated if each
`limitation of the claim is disclosed in a single prior art reference arranged as
`in the claim. Net MoneyIN, Inc. v. VeriSign, Inc., 545 F.3d 1359, 1369 (Fed.
`Cir. 2008). We have considered the parties’ arguments and supporting
`evidence. We determine that Petitioner has shown by a preponderance of
`the evidence that claims 1–9, 14, 17–24, and 29 are anticipated by Windows
`Resource Kit, but Petitioner has not shown by a preponderance of the
`evidence that claims 12 and 27 are anticipated by Windows Resource Kit.
`Overview of Windows Resource Kit
`1.
`Windows Resource Kit is a guide for installing, configuring, and
`supporting Windows 2000. Ex. 1005, xxxiii. Windows Resource Kit
`describes, inter alia, configuring a computer with Windows 2000 to
`communicate with other computers on a network. Id. at 948. For example,
`Windows Resource Kit explains that a user can select a security policy on a
`Windows 2000 computer to ensure that communications with other
`computers are secure. Id. at 1021–1025. Windows Resource Kit also
`describes the Domain Name System (“DNS”) that a Windows 2000
`computer uses to communicate with other computers on a network. Id. at
`964. Specifically, Windows Resource Kit explains that a Windows 2000
`computer sends a query containing a domain name associated with another
`
`5
`
`
`
`IPR2015-01009
`Patent 8,843,643 B2
`
`computer to a DNS. Id. The DNS then responds to the query with an
`Internet Protocol (“IP”) address. Id. at 964, 986. The Windows 2000
`computer uses that IP address to locate the other computer on the network.
`Id. at 1006. Based on the security policy selected on the Windows 2000
`computer, the two computers may establish an encrypted communication
`link. Id. at 1021–1022.
`Claim 1
`2.
`Claim 1 recites “enabling, at the first device, a secure communication
`mode without a user entering any cryptographic information for establishing
`the secure communication mode.” Ex. 1001, col. 55, ll. 49–51. Windows
`Resource Kit discloses enabling a secure communication mode on a
`computer by selecting one of several default IP security policies using an IP
`security dialog box and without entering any other information. Pet. 20–21;
`Ex. 1003 ¶¶ 188–189; Ex. 1005, 1024–1025. The “Secure Server” (or
`“High”) policy, for example, requires that “all outgoing communications are
`secured” and that “[a]ll unsecured incoming communications are rejected.”
`Pet. 21; Ex. 1003 ¶¶ 189–190; Ex. 1005, 1025.
`Patent Owner argues that Windows Resource Kit does not disclose
`enabling a secure communication mode without a user entering any
`cryptographic information. PO Resp. 22–24. Specifically, Patent Owner
`argues that Windows Resource Kit requires the user to select a security
`policy, and, thus, requires the user to identify a specific encryption function.
`Id. at 23–24 (citing Ex. 2015 ¶¶ 38–39). Patent Owner’s argument is not
`persuasive. Neither Patent Owner nor Patent Owner’s declarant, Dr. Fabian
`Monrose, explains specifically how selecting one of the default IP security
`policies in Windows Resource Kit identifies a specific encryption function.
`
`6
`
`
`
`IPR2015-01009
`Patent 8,843,643 B2
`
`PO Resp. 22–24; Ex. 2015 ¶¶ 38–39; Ex. 1046, 74:14–75:22. Further,
`contrary to Patent Owner’s argument, Windows Resource Kit discloses that
`selecting one of the default IP security policies simply indicates whether a
`communication is secure, not a specific encryption function. Ex. 1003
`¶¶ 189–190; Ex. 1005, 1024–1025. This disclosure in Windows Resource
`Kit is consistent with the written description in the ’643 patent, which
`explains that clicking a “go secure” hyperlink indicates whether a
`communication is secure, but not a specific encryption function. Ex. 1001,
`col. 50, ll. 9–19.
`Claim 1 recites “establishing, based on a determination that the secure
`communication mode has been enabled, the encrypted communication link
`between the first device and the second device over the communication
`network.” Ex. 1001, col. 55, ll. 52–55. Windows Resource Kit discloses the
`procedure for establishing an IP security session between a first computer
`(Computer A) and a second computer (Computer B). Pet. 22–23; Ex. 1003
`¶¶ 195–198; Ex. 1005, 1021–1022, Fig. 22.19. Specifically, Windows
`Resource Kit states the following:
`2. IPSec checks IP Security Group Policy settings on Computer
`A to determine the computer’s active IP Security policy. The
`default policies allow a computer to demand secure
`communication,
`to request secure communication but
`proceed unsecurely if necessary, or to never request IP
`security.
`3. Computer A begins security negotiations with Computer B.
`The two computers exchange public keys and establish a
`shared, secret key that is created independently at both ends
`without being transmitted across the network.
`
`Ex. 1005, 1021–1022. In other words, Windows Resource Kit discloses that
`the first computer determines which IP security policy was selected by the
`
`7
`
`
`
`IPR2015-01009
`Patent 8,843,643 B2
`
`user, and, based on that determination, begins negotiations with the second
`computer to establish an encrypted communication link. Ex. 1003 ¶¶ 185–
`186, 197–198; Ex. 1005, 1021–1022, Fig. 22.19.
`Patent Owner argues that Windows Resource Kit does not disclose
`establishing an encrypted communication link based on a determination that
`the secure communication mode has been enabled because selecting an IP
`security policy in Windows Resource Kit does not trigger the establishment
`of an encrypted communication link between two computers. PO Resp. 25–
`28 (citing Ex. 2015 ¶¶ 42–46). Patent Owner’s argument is not persuasive.
`Claim 1 recites that establishing the encrypted communication link is “based
`on” a determination that the secure communication mode has been enabled.
`Ex. 1001, col. 55, ll. 52–55. In contrast, claim 16, which depends from
`claim 1, recites that establishing the encrypted communication link is
`“trigger[ed]” by enablement of the secure communication mode. Id. at col.
`57, ll. 9–11. The use of different terms in claims 1 and 16 indicates that the
`phrase “based on” in claim 1 is not limited to the “trigger[ing]” recited in
`claim 16. See Liebel-Flarsheim Co. v. Medrad, Inc., 358 F.3d 898, 910
`(Fed. Cir. 2004).
`The specification of the ’643 patent also indicates that the phrase
`“based on” in claim 1 does not require triggering the establishment of an
`encrypted communication link. Although, as Patent Owner points out, the
`’643 patent describes an embodiment in which clicking a “go secure”
`hyperlink triggers the establishment of an encrypted communication link
`(PO Resp. 27–28 (citing Ex. 1001, col. 49, ll. 44–46, col. 50, ll. 9–22, Fig.
`34)), the ’643 patent is not limited to that embodiment. For example, the
`’643 patent also explains that “the user can optionally specify that all
`
`8
`
`
`
`IPR2015-01009
`Patent 8,843,643 B2
`
`communication links established over computer network 3302 are secure
`communication links” and, thus, “anytime that a communication link is
`established, the link is a VPN link.” Ex. 1001, col. 52, ll. 10–14. In other
`words, a user can enable a secure communication mode once for all future
`communication links so that “the user need not ‘click’ on the secure option
`each time secure communication is to be effected.” Id. at col. 52, ll. 16–19.
`As such, in this embodiment in the ’643 patent, the establishment of an
`encrypted communication link is based on, but not triggered by, a
`determination that the secure communication mode has been enabled.
`Claim 1 recites that establishing the encrypted communication link
`includes “constructing a domain name based on an identifier associated with
`the second device.” Ex. 1001, col. 55, ll. 55–58. Windows Resource Kit
`discloses constructing a domain name by appending a DNS suffix to a DNS
`host name. Pet. 24–27; Ex. 1003 ¶¶ 162–163; Ex. 1005, 967–968, 972, 976.
`For example, Windows Resource Kit discloses that the DNS suffix
`“dom1.acquired01-int.com” is appended to the DNS host name “client1” to
`construct the domain name “client1.dom1.acquired01-int.com.” Pet. 25; Ex.
`1003 ¶ 165; Ex. 1005, 976. The DNS host name “client1” is a name used to
`identify the second computer. Ex. 1003 ¶ 165; Ex. 1005, 968 (“The DNS
`host name is taken from the computer name assigned to it during Windows
`2000 Professional installation.”). Patent Owner does not dispute that
`Windows Resource Kit discloses the above limitation of claim 1.
`Claim 1 recites that establishing the encrypted communication link
`includes “sending a query using the domain name.” Ex. 1001, col. 55, l. 59.
`Windows Resource Kit discloses that the first computer sends a query
`containing the domain name to a DNS. Pet. 27; Ex. 1003 ¶¶ 161, 165; Ex.
`
`9
`
`
`
`IPR2015-01009
`Patent 8,843,643 B2
`
`1005, 964, 976. Patent Owner does not dispute that Windows Resource Kit
`discloses the above limitation of claim 1.
`Claim 1 recites that establishing the encrypted communication link
`includes “receiving, in response to the query, at least one network address
`associated with the domain name.” Ex. 1001, col. 55, ll. 60–61. Windows
`Resource Kit discloses that, in response to the query, the first computer
`receives one or more IP addresses associated with the domain name from the
`DNS. Pet. 28; Ex. 1003 ¶¶ 172, 174–175; Ex. 1005, 964 (“When a request
`for name-to-IP address resolution is made, the Windows 2000 resolver first
`submits the name query to DNS.”), 986. Patent Owner does not dispute that
`Windows Resource Kit discloses the above limitation of claim 1.
`Claim 1 recites that establishing the encrypted communication link
`includes “initiating establishment of the encrypted communication link
`between the first device and the second device over the communication
`network using the at least one network address and encrypted
`communication link resources received from a server that is separate from
`the first device.” Ex. 1001, col. 55, ll. 62–67. Windows Resource Kit
`discloses that to establish the encrypted communication link, the first
`computer sends a packet to the second computer that includes the IP address
`received from the DNS. Pet. 29; Ex. 1003 ¶¶ 195–196; Ex. 1005, 964, 1006
`(“When IP prepares to send a packet, it inserts the local (source) IP address
`and the destination address.”), 1021. Windows Resource Kit also discloses
`that to establish the encrypted communication link, the first computer uses a
`public encryption key received from the second computer. Pet. 29–30; Ex.
`1003 ¶¶ 198, 202; Ex. 1005, 1022 (“The two computers exchange public
`keys and establish a shared, secret key.”). Windows Resource Kit discloses
`
`10
`
`
`
`IPR2015-01009
`Patent 8,843,643 B2
`
`that the second computer can be a server. Ex. 1005, 1025 (“Secure Server
`(Require Security)”).
`Patent Owner argues that the first computer in Windows Resource Kit
`“could come pre-configured with the IP address” of the second computer,
`and, thus, the IP address would not be received from a server separate from
`the first computer. PO Resp. 29–30 (citing Ex. 2015 ¶¶ 48–49). Patent
`Owner’s argument is not persuasive. Patent Owner does not direct us to any
`specific portion of Windows Resource Kit that discloses a computer coming
`pre-configured with the IP address of another computer. PO Resp. 29–30.
`Further, as discussed above, Windows Resource Kit expressly discloses that
`the first computer receives the IP address of the second computer from a
`DNS that is separate from the first computer. Ex. 1003 ¶¶ 172, 174–175;
`Ex. 1005, 964 (“When a request for name-to-IP address resolution is made,
`the Windows 2000 resolver first submits the name query to DNS.”), 986.
`Patent Owner also argues that Petitioner improperly relies on the
`second computer in Windows Resource Kit as teaching both the server and
`the second device in claim 1. PO Resp. 30–32 (citing Ex. 2015 ¶¶ 50–52).
`Patent Owner contends that, according to the specification of the ’643
`patent, the server that provides the encrypted communication link resources
`must be separate from the first device and the second device. PO Resp. 31
`(citing Ex. 1001, col. 51, ll. 29–42, col. 51, ll. 57–62, Fig. 33).
`Patent Owner’s argument is not persuasive. Claim 1 recites a “first
`device,” a “second device,” and a “server” separately, which generally is an
`indication that those elements are distinct components. Ex. 1001, col. 55,
`ll. 62–67; see Becton, Dickinson & Co. v. Tyco Healthcare Group, LP, 616
`F.3d 1249, 1254 (Fed. Cir. 2010) (“Where a claim lists elements separately,
`
`11
`
`
`
`IPR2015-01009
`Patent 8,843,643 B2
`
`‘the clear implication of the claim language’ is that those elements are
`‘distinct component[s]’ of the patented invention.”). However, the parties
`agree that the term “server,” when given its ordinary and customary
`meaning, can refer to software operative on a computer. Pet. Reply 11;
`Tr. 33:11–15. In other words, although the term “server” is recited
`separately in claim 1, the ordinary and customary meaning of the term
`“server” indicates that it can be part of a computer. Id. Further, claim 1
`specifies that the server is “separate from” the first device, but does not
`recite a similar requirement that the server is separate from the second
`device. Ex. 1001, col. 55, ll. 62–67. Thus, the claim language indicates that
`the server is separate from the first device, but not necessarily the second
`device. Id.; see Retractable Techs., Inc. v. Becton, Dickson & Co., 653 F. 3d
`1296, 1303 (Fed. Cir. 2011) (holding that the claim language indicates that
`the “needle holder” and “retainer member” need not be separate
`components).
`Our reading of the claim language is consistent with the specification
`of the ’643 patent. One embodiment described in the ’643 patent includes
`computer 2601 (a first device), computer with unsecure target site 2611 and
`secure target site 2604 (a second device), and gatekeeper 2603 (a server) that
`provides encrypted communication link resources. Ex. 1001, col. 39, ll. 58–
`67, col. 40, ll. 10–14, Fig. 26. Another embodiment described in the ’643
`patent includes computer 3301 (a first device), computer with unsecure
`server 3304 and secure server 3320 (a second device), and gatekeeper 3314
`(a server) that provides encrypted communication link resources. Id. at col.
`49, ll. 10–13, col. 51, ll. 29–39, Fig. 33. In each of those embodiments, the
`server is separate from both the first and second devices. Id. at Figs. 26, 33.
`
`12
`
`
`
`IPR2015-01009
`Patent 8,843,643 B2
`
`
`There is, however, another embodiment in the ’643 patent that
`includes computer 3604 (a first device), computer 3608 (a second device),
`and server proxy 3610 (a server) that provides encrypted communication
`link resources.1 Id. at col. 53, ll. 57–58, col. 54, ll. 40–43, col. 55, ll. 9–21,
`Fig. 36. In this embodiment, server proxy 3610, which provides encrypted
`communication link resources to computer 3604, is separate from computer
`3604 (the first device), but is part of computer 3608 (the second device). Id.
`at col. 55, ll. 9–23, Fig. 36. Thus, like the claim language, this embodiment
`in the specification indicates that the server is separate from the first device,
`but not necessarily the second device. Id.; see Powell v. Home Depot
`U.S.A., Inc., 663 F.3d 1221, 1231–32 (Fed. Cir. 2011) (holding that the
`specification discloses that the “cutting box” may also function as a “dust
`collection structure,” and, thus, the claim terms do not require separate
`components).
`At the oral hearing, Patent Owner argued that the ’643 patent indicates
`that the first device accesses the server before the encrypted communication
`link is established, but does not access the second device until after the
`encrypted communication link is established. Tr. 30:17–31:5 (citing Ex.
`1001, col. 51, ll. 31–32). Thus, according to Patent Owner, the server
`cannot be part of the second device. Tr. 30:17–31:5. Patent Owner’s
`argument is not persuasive. The ’643 patent indicates that the second device
`
`
`1 The embodiment in Figure 36 differs from those in Figures 26 and 33
`because it creates a virtual private connection, rather than a VPN. Ex. 1001,
`col. 53, l. 66–col. 54, l. 8. Nonetheless, like the gatekeepers in Figures 26
`and 33, the server proxy in Figure 36 provides field-hopping resources, such
`as those used for a VPN. Id. at col. 40, ll. 32–35, col. 51, ll. 57–64, col. 55,
`ll. 14–17.
`
`13
`
`
`
`IPR2015-01009
`Patent 8,843,643 B2
`
`in Figure 33 may include unsecure server 3304 and secure server 3320. Ex.
`1001, col. 51, ll. 29–39, Fig. 33. Although the first device can only access
`secure server 3320 after the encrypted communication link is established (id.
`at col. 51, ll. 31–32), the first device can access unsecure server 3304 and
`any other unsecure portions of the second device before the encrypted
`communication link is established (id. at col. 49, ll. 28–30). Thus, contrary
`to Patent Owner’s argument, the first device can access the unsecure
`portions of the second device to obtain the encrypted communication link
`resources and then use those resources to establish an encrypted
`communication link with the secure server on the second device. See, e.g.,
`id. at col. 55, ll. 9–23, Fig. 36.
`For the reasons discussed above, we determine that Petitioner has
`shown by a preponderance of the evidence that claim 1 is anticipated by
`Windows Resource Kit.
`Claim 17
`3.
`Claim 17 recites limitations similar to those discussed above with
`respect to claim 1. Ex. 1001, col. 57, ll. 12–37; see supra Section II.B.2.
`Claim 17 further specifies that the first device comprises “a communications
`component that communicates over the communication network,” “a
`memory storing computer program instructions,” and “at least one processor
`that executes the instructions.” Ex. 1001, col. 57, ll. 15–18. Windows
`Resource Kit discloses a computer with a network adapter for
`communicating over a communication network (Pet. 31; Ex. 1003 ¶ 157; Ex.
`1005, 84 (“detects your network adapter”), 107), a memory for storing
`computer program instructions (Pet. 31; Ex. 1003 ¶ 157; Ex. 1005, 107), and
`a processor for executing those instructions (Pet. 31; Ex. 1003 ¶ 157; Ex.
`
`14
`
`
`
`IPR2015-01009
`Patent 8,843,643 B2
`
`1005, 107). Patent Owner does not dispute that Windows Resource Kit
`discloses the above limitations of claim 17.
`Therefore, we determine that Petitioner has shown by a preponderance
`of the evidence that claim 17 is anticipated by Windows Resource Kit.
`Claims 2, 4, and 18
`4.
`Claim 2 depends from claim 1, and recites “wherein enabling the
`secure communication mode includes receiving a command entered into the
`first device by the user, and the command specifies the secure
`communication mode.” Ex. 1001, col. 56, ll. 1–4. Windows Resource Kit
`discloses that a user can enable a secure communication mode on a
`computer by selecting one of several default IP security policies using an IP
`security dialog box on the computer. Pet. 32–33; Ex. 1003 ¶¶ 188–189;
`Ex. 1005, 1024–1025. Selecting the “Secure Server” (or “High”) policy, for
`example, specifies a secure communication mode because it requires that
`“all outgoing communications are secured” and that “[a]ll unsecured
`incoming communications are rejected.” Pet. 32–33; Ex. 1003 ¶¶ 189–190;
`Ex. 1005, 1025. Patent Owner does not dispute that Windows Resource Kit
`discloses the above limitations of claim 2.
`Claim 4 depends from claim 2, and recites “wherein receiving the
`command includes: displaying, at the first device, a user interface including
`a user interface element for enabling the secure communication mode; and
`receiving the command from the user via the user interface element.”
`Ex. 1001, col. 56, ll. 8–14. Windows Resource Kit discloses a computer that
`displays Windows 2000, which is a user interface (Pet. 33; Ex. 1005, 7
`(“Windows 2000 Professional has an improved user interface.”)), and
`displays an IP security dialog box, which is a user interface element (Pet. 33;
`
`15
`
`
`
`IPR2015-01009
`Patent 8,843,643 B2
`
`Ex. 1005, 1025). Windows Resource Kit discloses that a user can enable a
`secure communication mode on the computer by selecting one of several
`default IP security policies using the IP security dialog box. Pet. 33–34; Ex.
`1003 ¶¶ 188–189; Ex. 1005, 1024–1025. Patent Owner does not dispute that
`Windows Resource Kit discloses the above limitations of claim 4.
`Claim 18 depends from claim 17, and recites limitations similar to
`those discussed above with respect to claims 2 and 4. Ex. 1001, col. 57,
`ll. 38–48. For the reasons discussed above with respect to claims 2 and 4,
`Windows Resource Kit discloses the limitations of claim 18. Patent Owner
`does not dispute that Windows Resource Kit discloses the limitations of
`claim 18.
`Therefore, we determine that Petitioner has shown by a preponderance
`of the evidence that claims 2, 4, and 18 are anticipated by Windows
`Resource Kit.
`Claims 3 and 19
`5.
`Claim 3 depends from claim 2, and recites “wherein the command
`defines a setup parameter associated with the secure communication mode.”
`Ex. 1001, col. 56, ll. 5–7. Claim 19 depends from claim 17, and recites
`similar limitations. Id. at col. 57, ll. 49–51. As discussed above, Windows
`Resource Kit discloses that a user can enable a secure communication mode
`on a computer by selecting one of several default IP security policies using
`an IP security dialog box. Pet. 36; Ex. 1003 ¶¶ 188–189; Ex. 1005, 1024–
`1025. The default IP security policies are setup parameters because they
`determine which communications are secure. Pet. 36; Ex. 1003 ¶¶ 189–190;
`Ex. 1005, 1024–1025. Patent Owner does not dispute that Windows
`Resource Kit discloses the above limitations of claims 3 and 19.
`
`16
`
`
`
`IPR2015-01009
`Patent 8,843,643 B2
`
`
`Therefore, we determine that Petitioner has shown by a preponderance
`of the evidence that claims 3 and 19 are anticipated by Windows Resource
`Kit.
`
`Claims 5 and 20
`6.
`Claim 5 depends from claim 4, and recites “wherein the user interface
`comprises an application stored on the first device.” Ex. 1001, col. 56, ll.
`16–17. Claim 20 depends from claim 17, and recites similar limitations. Id.
`at col. 57, ll. 52–53. As discussed above, Windows Resource Kit discloses a
`computer that displays Windows 2000, which is a user interface. Pet. 37;
`Ex. 1005, 7. Windows Resource Kit further discloses that Windows 2000
`includes an Internet Explorer 5 application that is stored on the computer.
`Pet. 37; Ex. 1005, 11–12 (“With Internet Explorer 5 built in”). Patent
`Owner does not dispute that Windows Resource Kit discloses the above
`limitations of claims 5 and 20.
`Therefore, we determine that Petitioner has shown by a preponderance
`of the evidence that claims 5 and 20 are anticipated by Windows Resource
`Kit.
`
`Claims 6 and 21
`7.
`Claim 6 depends from claim 5, and recites “wherein the application
`comprises a web browser.” Ex. 1001, col. 56, ll. 18–19. Claim 21 depends
`from claim 20, and recites similar limitations. Id. at col. 57, ll. 54–55. As
`discussed above with respect to claims 4 and 5, Windows Resource Kit
`discloses a computer with Windows 2000, which is a user interface. Pet. 37;
`Ex. 1005, 7. Windows Resource Kit further discloses that Windows 2000
`includes an Internet Explorer 5 application, which is a web browser. Pet. 37;
`Ex. 1005, 11–12.
`
`17
`
`
`
`IPR2015-01009
`Patent 8,843,643 B2
`
`
`Patent Owner argues that, because claim 6 depends indirectly from
`claim 4, claim 6 requires that the user interface recited in claim 4 comprise a
`web browser. PO Resp. 32–33 (citing Ex. 2015 ¶¶ 53–54). Patent Owner
`contends that Petitioner relies on the IP security dialog box in Windows
`Resource Kit as disclosing the user interface in claim 4, but does not show
`that the IP security dialog box includes a web browser. PO Resp. 33–34
`(citing Ex. 2015 ¶¶ 55–57).
`Patent Owner’s argument is not persuasive. Petitioner relies on
`Windows 2000, not the IP security dialog box, in Windows Resource Kit as
`disclosing the “user interface” recited in claims 4 and 18. Pet. 33
`(“Windows Resource Kit further discloses that the user interface in
`Windows 2000 provides multiple user interface elements, including the IP
`security dialog window.” (emphasis omitted)). Petitioner relies on the IP
`security dialog box as disclosing the “user interface element” recited in
`claims 4 and 18. Id. Claims 6 and 21 recite that the user interface
`comprises a web browser application. Ex. 1001, col. 56, ll. 16–19, col. 57,
`ll. 52–55. Thus, Petitioner must show that Windows 2000 (i.e., the user
`interface) comprises a web browser application, but does not have to show
`that the IP security dialog box (i.e., the user interface element) comprises a
`web browser application. Id. As discussed above, Windows Resource Kit
`discloses that Windows 2000 includes an Internet Explorer 5 application,
`which is a web browser. Pet. 37; Ex. 1005, 11–12.
`Therefore, we determine that Petitioner has shown by a preponderance
`of the evidence that claims 6 and 21 are anticipated by Windows Resource
`Kit.
`
`18
`
`
`
`IPR2015-01009
`Patent 8,843,643 B2
`
`
`Claims 7 and 22
`8.
`Claim 7 depends from claim 1, and recites “wherein sending the query
`using the domain name includes sending, to a secure domain name service
`(SDNS), a query for a network address associated with the domain name.”
`Ex. 1001, col. 56, ll. 20–23. Claim 22 depends from claim 17, and recites
`similar limitations. Id. at col. 57, ll. 56–59.
`Petitioner argues that a secure domain name service (“SDNS”) is “a
`service that provides a secure computer network address for a requested
`secure domain name.” Pet. 12. Petitioner further specifies that a secure
`domain name is “a name that corresponds to a secure computer network
`address.” Id. (emphasis omitted). Patent Owner argues that an SDNS is “a
`lookup service that recognizes that a query message is requesting a secure
`computer network address, i.e., a network address that requires authorization
`for access, and returns a secure computer network address for a requested
`secure domain name.” PO Resp. 13. Pat
Accessing this document will incur an additional charge of $.
After purchase, you can access this document again without charge.
Accept $ Charge
Still Working On It
This document is taking longer than usual to download. This can happen if we need to contact the court directly to obtain the document and their servers are running slowly.
Give it another minute or two to complete, and then try the refresh button.
A few More Minutes ... Still Working
It can take up to 5 minutes for us to download a document if the court servers are running slowly.
Thank you for your continued patience.
This document could not be displayed.
We could not find this document within its docket. Please go back to the docket page and check the link. If that does not work, go back to the docket and refresh it to pull the newest information.
Your account does not support viewing this document.
You need a Paid Account to view this document. Click here to change your account type.
Your account does not support viewing this document.
Set your membership
status to view this document.
With a Docket Alarm membership, you'll
get a whole lot more, including:
- Up-to-date information for this case.
- Email alerts whenever there is an update.
- Full text search for other cases.
- Get email alerts whenever a new case matches your search.
One Moment Please
The filing “” is large (MB) and is being downloaded.
Please refresh this page in a few minutes to see if the filing has been downloaded. The filing will also be emailed to you when the download completes.
Your document is on its way!
If you do not receive the document in five minutes, contact support at support@docketalarm.com.
Sealed Document
We are unable to display this document, it may be under a court ordered seal.
If you have proper credentials to access the file, you may proceed directly to the court's system using your government issued username and password.
Access Government Site
