`__________________________________
`
`BEFORE THE PATENT TRIAL AND APPEAL BOARD
`__________________________________
`
`SPECTRUM BRANDS, INC.
`Petitioner
`
`v.
`
`ASSA ABLOY AB
`Patent Owner.
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`Case No. TBD
`U.S. Patent No. 7,706,778
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`DECLARATION OF PROFESSOR MATTHEW GREEN, PH.D.
`
`
`
`
`
`
`
`SPECTRUM EX. 1004
`Spectrum Brands v. Assa Abloy
`US Patent No. 7,706,778
`
`
`
`Spectrum Brands v. Assa Abloy AB
`IPR Petition – U.S. Patent No. 7,706,778
`
`
`I, Professor Matthew Green, Ph.D., declare and state as follows:
`
`I. BACKGROUND AND QUALIFICATIONS
`
`1.
`
`I have been retained by Petitioner Spectrum Brands, Inc. to provide
`
`expert opinions in connection with this IPR proceeding. I have been asked by
`
`counsel to review relevant materials and render my expert opinion in connection
`
`with technical matters related to the petition for inter partes review of U.S. Patent
`
`7,706,778 (“’778 Patent”).
`
`2.
`
`I have been asked to provide my opinions regarding the validity of
`
`Claims 1, 4, 6, 8, 10-14, 16-18, 22-25, 28-31, 33 and 34 of the ’778 Patent. I have
`
`used my education and my years of experience working in the field of security
`
`systems, and my understanding of the knowledge, creativity, and experience of a
`
`person of ordinary skill in the art in forming the opinions expressed in this
`
`declaration.
`
`3.
`
`Attached as Appendix A to this declaration is my current curriculum
`
`vitae, which includes a listing of my publications, patents, research support, and
`
`prior testimony as an expert. The following paragraphs briefly summarize my
`
`relevant expertise.
`
`4.
`
`I hold a Ph.D. in Computer Science from Johns Hopkins University, a
`
`Master of Science degree in Computer Science from Johns Hopkins University,
`
`and a Bachelor of Arts in Computer Science from Oberlin College. I conducted my
`
`-1-
`
`
`
`Spectrum Brands v. Assa Abloy AB
`IPR Petition – U.S. Patent No. 7,706,778
`
`Ph.D. thesis work on new cryptographic techniques for providing access control in
`
`secure databases, while simultaneously maintaining privacy of data accesses. I
`
`have authored numerous research papers
`
`in peer-reviewed
`
`journals and
`
`conferences, including papers in conferences and journals of the Institute of
`
`Electrical and Electronics Engineers (IEEE) and the Association for Computing
`
`Machinery (ACM).
`
`5.
`
`I am presently Assistant Research Professor at Johns Hopkins
`
`University in Baltimore, Maryland. As a Professor, I research novel techniques in
`
`the area of computer security and applied cryptography. This research includes
`
`investigation of computerized access control systems. I have published numerous
`
`papers related to access control systems and their underlying technology, including
`
`encryption protocols and cryptography.
`
`6.
`
`I have conducted research projects involving various physical and
`
`electronic security systems. In one project I undertook at Johns Hopkins
`
`University, I investigated an access control system that was used to secure millions
`
`of vehicles against automotive theft. In the course of that investigation, my co-
`
`investigators and I uncovered serious vulnerabilities that led to national press
`
`coverage by the NEW YORK TIMES, WASHINGTON POST, and other media outlets,
`
`and resulted in subsequent system re-designs by the manufacturer. In other
`
`academic research projects, I investigated electronic security access control
`
`-2-
`
`
`
`Spectrum Brands v. Assa Abloy AB
`IPR Petition – U.S. Patent No. 7,706,778
`
`systems. These included toll collection systems; electronic payment systems;
`
`cryptographic Hardware Security Modules (HSMs) used by the banking industry
`
`and others; systems designed to protect electronic audiovisual content against
`
`unauthorized access; and systems designed to secure communications transmitted
`
`over the Internet. In the last three years, I have conducted research funded by the
`
`Defense Advanced Research Projects Agency (DARPA)
`
`to further our
`
`understanding of secure computing on encrypted data, and I have conducted
`
`research in collaboration with Google to develop portable secure access control
`
`modules for use in Android devices such as mobile phones.
`
`7.
`
`Prior to my current position at Johns Hopkins University, I worked in
`
`industry for a number of years as a software developer and technology consultant.
`
`As a software developer and technology consultant, I gained expertise in several
`
`fields, including access control systems and technologies.
`
`8.
`
`From 1999-2003 I held the position of Senior Technical Staff Member
`
`at AT&T Laboratories in Florham Park, NJ, where my responsibilities included
`
`developing software for secure delivery of digital content. This work involved
`
`developing computerized access control systems responsible for securing music
`
`and video content, limiting access to said content only to authorized users under a
`
`specific set of policy conditions.
`
`-3-
`
`
`
`Spectrum Brands v. Assa Abloy AB
`IPR Petition – U.S. Patent No. 7,706,778
`
`
`9.
`
`Subsequently, I worked for a number of years as a consultant for firms
`
`to provide my experience and expertise in digital access control technology.
`
`Specifically, from 2005-2011, I served as Principal Analyst and CTO of
`
`Independent Security Evaluators, a custom security evaluation and design
`
`consultancy. In that position, I worked with several clients to develop electronic
`
`access control technology for physical systems such as physical locks, remote
`
`vehicle starters, and for electronic systems such as electronic book readers and
`
`video players. During this time I analyzed access control mechanisms used in
`
`payment terminals deployed by the largest credit card payment processor in United
`
`States. I also designed and analyzed software protection systems intended to thwart
`
`the reverse-engineering of software.
`
`10. Based on my experience, I am an expert in the field of electronic
`
`access control and security systems.
`
`11.
`
`I have used my education and my years of experience working in the
`
`field of computer security and system architecture design, and my understanding of
`
`the knowledge, creativity, and experience of a person of ordinary skill in the art in
`
`forming the opinions expressed in this declaration.
`
`12.
`
`I am being compensated for my time in connection this proceeding at
`
`my customary rate of $425 per hour. My compensation is not dependent on the
`
`outcome of this proceeding. I have no personal or financial stake or interest in the
`
`-4-
`
`
`
`Spectrum Brands v. Assa Abloy AB
`IPR Petition – U.S. Patent No. 7,706,778
`
`outcome of this proceeding. I am not an employee, consultant, or contractor of the
`
`Petitioner or Patent Owner.
`
`13. Between now and such time that I may be asked to testify, I expect to
`
`continue my review, evaluation, and analysis of evidence presented before and/or
`
`at the hearing. I expect to review the declarations and other evidence submitted by
`
`Patent Owner’s experts. I reserve the right to amend or supplement this
`
`declaration, as appropriate, after considering the opinions set forth by Patent
`
`Owner’s experts. In the event that additional relevant information becomes
`
`available to me, I also reserve the right to review and consider that information in
`
`further developing or refining my opinions.
`
`II. INFORMATION AND MATERIALS CONSIDERED
`
`14.
`
`In order to render my opinions in this matter, I have reviewed the
`
`specification and claims of the ’778 Patent (Ex. 1001). I have been informed that
`
`the ’778 Patent was filed on April 3, 2006 and issued on April 27, 2010. I also
`
`understand that the ’778 Patent claims priority to a provisional application filed on
`
`April 5, 2005, a copy of which I have reviewed.
`
`15.
`
`I have also reviewed the following materials:
`
`a. U.S. Patent Application Publication
`
`2002/0180582A1
`
`(“Nielsen”), Ex. 1002.
`
`-5-
`
`
`
`Spectrum Brands v. Assa Abloy AB
`IPR Petition – U.S. Patent No. 7,706,778
`
`
`b. U.S. Patent Application Publication
`
`2002/0031228A1
`
`(“Karkas”), Ex. 1003.
`
`c. U.S. Patent Application Publication 2002/0057188 by Schuster,
`
`et al.
`
`d. U.S. Patent 6,975,202 to Rodriguez, et al.
`
`e. U.S. Patent 7,205,882 to Libin.
`
`f. U.S. Patent 7,624,280 to Oskari.
`
`g. Miller, “CoreStreet secures deal with No. 1 lock-maker,”
`
`Boston Business Journal, September 15, 2003.
`
`h. “Open Security Exchange Best Practices: Guidelines for
`
`Selection and Issuance of Identification Tokens for Logical and
`
`Physical Systems,” IEEE-ISTO Open Security Exchange
`
`Technical Committee, February 24, 2004.
`
`i. Hämäläinen, et al., “Applying Wireless Technology to an
`
`Access Control System,” Acta Universitatis Lappeenrantaensis,
`
`August 7, 2003.
`
`j. File History of U.S. Patent No. 7,706,778.
`
`k. Joint Claim Construction Submission from HID Global
`
`Corporation et al. v. Kwikset Corporation et al., No. 14-cv-
`
`00947-CJC-DFM (C.D. Cal.), Ex. 1006.
`
`-6-
`
`
`
`Spectrum Brands v. Assa Abloy AB
`IPR Petition – U.S. Patent No. 7,706,778
`
`
`16. The above references are in addition to any other materials referenced
`
`directly or indirectly in this declaration. I expect to review additional materials that
`
`are provided by the parties as this proceeding progresses.
`
`III. SUMMARY OF OPINIONS
`
`17.
`
`It is my opinion that Claims 1, 4, 6, 8, 10-14, 16-18, 22-25, 28-31, 33
`
`and 34 of the ’778 Patent are invalid as obvious over Nielsen (Ex. 1002) in view of
`
`Karkas (Ex. 1003).
`
`18.
`
`It is also my opinion that Claims 1, 4, 6, 8, 10-14, 16-18, 22-25, 28-
`
`31, 33 and 34 of the ’778 Patent are invalid as obvious over Nielsen (Ex. 1002) in
`
`view of the knowledge of a person of ordinary skill in the art.
`
`IV. BACKGROUND
`
`A. The ’778 Patent
`
`19. The ’778 Patent describes a secure access system that uses mobile
`
`devices to communicate with readers that control access to protected assets. The
`
`’778 Patent describes storing access control credential data on the mobile devices.
`
`Ex. 1001, Abstract. The mobile devices can communicate with readers, which
`
`make a determination as to whether the credential data on a given mobile device
`
`permits access to an asset, such as a locked room. Id., Col. 3:26-33. These mobile
`
`devices may be portable computers and cellular phones. Id., Col. 6:47-51.
`
`-7-
`
`
`
`Spectrum Brands v. Assa Abloy AB
`IPR Petition – U.S. Patent No. 7,706,778
`
`
`20. The ’778 Patent describes a central controller that communicates with
`
`mobile devices via a communication network. Id., Col. 3:17-20, 35-42. This
`
`communication includes updates that may enable, disable, or modify a credential.
`
`Id. The central controller may transmit credential updates to both the mobile device
`
`and to the readers. This allows the reader to correctly determine whether the
`
`mobile device is valid when it is presented to the reader. Id., Col. 3:54-59. A reader
`
`may also store a log of access attempts and other forms of activity, which it may
`
`transmit to the controller. Id., Col. 11:30-33.
`
`21. The ’778 Patent teaches that “mobile devices may require a periodic
`
`enablement of their credentials in order to maintain their validity.” Id., Col. 3:60-
`
`62. If a mobile device does not receive an enablement message, its credential
`
`information may be “erased, expire, or the mobile device may not be allowed to
`
`transmit its credential information.” Id., Col. 3:64-66.
`
`22. The ’778 Patent uses the term “self-authenticating data”. See id., Col.
`
`8:21-25. This term is described in the ’778 Patent specification as data that “can
`
`assist the mobile device in determining if it is eligible to gain access to a particular
`
`asset.” Id. The ’778 Patent teaches that “times of allowed access to each asset”,
`
`i.e., expiration times, are one example of self-authenticating data. Id. This data
`
`“can assist the mobile device in determining if it is eligible to gain access to a
`
`particular asset.” Id. The ’778 Patent also uses the term “smart mobile device”,
`
`-8-
`
`
`
`Spectrum Brands v. Assa Abloy AB
`IPR Petition – U.S. Patent No. 7,706,778
`
`which according to the patent specification, refers to a mobile device that makes a
`
`determination about its own access rights. Id. Col. 8:29-31.
`
`23. The independent claims of the ’778 Patent describe techniques for
`
`updating the credential data stored on smart mobile devices. In the subsequent
`
`dependent claims, the ’778 Patent adds a series of limitations. These limitations
`
`generally describe the format and contents of credential data, the techniques used
`
`to communicate updated to the device, and what the mobile device does in
`
`response to the updates. Additionally, these dependent claims describe the mobile
`
`device’s interaction with readers.
`
`B. Claim Construction
`
`24.
`
`I understand that the owner of the ’778 Patent has proposed
`
`constructions for certain claim terms in a pending District Court case where it is
`
`asserting infringement of the ’778 Patent. For the term “credential,” I understand
`
`that the proposed construction is “data, set of data, encryption scheme, key,
`
`transmission protocol, and/or the like, used by a particular mobile device to verify
`
`its authenticity with a reader/interrogator.” Ex. 1006 at A-8. For the term “self-
`
`authenticating data,” I understand that the proposed construction is “data that can
`
`assist the mobile device in determining if it is eligible to gain access to a particular
`
`asset.” Id. at A-16. And for the term “smart mobile device,” I understand that the
`
`proposed construction is “a mobile device that determines its own access rights and
`
`-9-
`
`
`
`Spectrum Brands v. Assa Abloy AB
`IPR Petition – U.S. Patent No. 7,706,778
`
`permissions.” Id. at A-19. I have accepted and applied these constructions for the
`
`purposes of providing my opinions in this declaration.
`
`25.
`
` I also understand that the proper standard for claim construction in
`
`this IPR proceeding is the “broadest reasonable interpretation in light of the
`
`specification to one having ordinary skill in the art.” In my opinion, the
`
`constructions above are consistent with the broadest reasonable interpretation of
`
`the corresponding terms in light of the specification of the ’778 Patent to one
`
`having ordinary skill in the art when the ’778 Patent was filed.
`
`26. While the terms “self-authenticating data” and “smart mobile device”
`
`each require a mobile device to determine its own access rights, neither term
`
`excludes the possibility that the mobile device’s access rights are also validated,
`
`e.g., by a reader. Even with a smart mobile device and self-authenticating data, the
`
`’778 Patent teaches that “reader 108 is associated with one or more assets and the
`
`reader 108 is the gatekeeper of those assets.” Ex. 1001 at Col. 8:32-33. A person
`
`of ordinary skill would understand that the reader could not be an effective
`
`gatekeeper if it did not perform its own validation of the mobile device’s access
`
`rights. Such a reader would be fundamentally vulnerable to fraudulent or
`
`unauthorized access attempts, as it would blindly trust any validation signal it
`
`received with no further examination. This would include signals generated by a
`
`modified mobile device, or even an entirely different device purporting to be an
`
`-10-
`
`
`
`Spectrum Brands v. Assa Abloy AB
`IPR Petition – U.S. Patent No. 7,706,778
`
`authorized mobile device. A person of ordinary skill in the art would recognize the
`
`vulnerability that would result from such a design. Accordingly, the ’778 Patent
`
`leaves room for additional “confirmation of validation of the mobile device 112” in
`
`the specification. Id., Col. 8:48.
`
`27. Thus, it is my opinion that the broadest reasonable interpretation of
`
`“self-authenticating data” and “smart mobile device” does not preclude additional
`
`validation outside of the mobile device.
`
`C. Nielsen, U.S. Patent App. Pub. 2002/0180582 (Ex. 1002)
`
`28. Nielsen (Ex. 1002) describes an access control system
`
`that
`
`incorporates an electronic key device, a lock control unit, and a computer system.
`
`Ex. 1002 ¶ 1. Nielsen teaches that the electronic key device may be a mobile
`
`phone. Id. ¶¶ 38, 125. The computer system in Nielsen is described as an “access
`
`code management system” because it “generates and administers the access
`
`codes.” Id. ¶ 128. These components are shown, for example, in Fig. 2b of
`
`Nielsen, reproduced below.
`
`-11-
`
`
`
`Spectrum Brands v. Assa Abloy AB
`IPR Petition – U.S. Patent No. 7,706,778
`
`
`
`
`29. Nielsen defines the user of an electronic key device as an access right
`
`grantee, and describes the rights that apply to a particular grantee as an access right
`
`definition. Id. ¶¶ 132, 162. Nielsen explains that the access code management
`
`system receives the definition and transforms it into an electronic access code. Id. ¶
`
`132. Next, the management system transmits the access code to lock control units
`
`at the locations the grantee is allowed to access. Id. ¶ 133. The management system
`
`also transmits the access codes to the grantee’s electronic key devices. Id. Fig. 3 of
`
`Nielsen depicts these steps.
`
`30. The access code management system may transmit access codes to the
`
`key devices over a standard mobile telephone network using short message service
`
`-12-
`
`
`
`Spectrum Brands v. Assa Abloy AB
`IPR Petition – U.S. Patent No. 7,706,778
`
`(SMS) or higher-speed data channels such as global system for mobile
`
`communications (GSM) or code division multiple access (CDMA) transmissions.
`
`Id. ¶ 127. Both GSM and CDMA use radio frequency signals to transmit
`
`information.
`
`31. When accessing a location protected by a lock control unit, the user
`
`selects the access code for that location using a keypad on the mobile phone. Id. ¶¶
`
`153-154. The access code is transferred to the lock control unit wirelessly, for
`
`example by infrared or Bluetooth. Id. ¶¶ 156, 159. The lock control unit compares
`
`the received access code to the valid access codes stored in its memory. Id. ¶ 162.
`
`If the received access code is valid, the lock control unit opens the lock. Id. The
`
`user’s attempt to access the lock may be logged whether or not the lock is opened.
`
`Id. The log data may be saved at the lock control unit, at the electronic key device,
`
`or in a database at the access code management system. Id. ¶ 166.
`
`32. The access codes in Nielsen may include parameters that specify
`
`limits on how each access code may be used. These parameters are depicted in Fig.
`
`4, which is reproduced below. The parameters may include a lock control unit ID,
`
`which specifies the lock control unit or group of lock control units for which the
`
`access code is valid. Id. ¶ 146. The parameters may also include a key device ID
`
`that identifies which key devices are authorized to use the access code, a validity
`
`-13-
`
`
`
`Spectrum Brands v. Assa Abloy AB
`IPR Petition – U.S. Patent No. 7,706,778
`
`period that specifies when the access code expires, and a field indicating the type
`
`of access rights supported by the access code. Id.
`
`
`
`33. Nielsen also teaches that access codes may be automatically
`
`transmitted to either the lock control unit or the electronic key device, or both, in
`
`order to periodically replace previous access codes. Id. ¶ 128. Alternatively,
`
`existing codes may be invalidated upon specific request by a user. Id. In either
`
`case, the purpose of this mechanism is to improve security of the system. Id. Codes
`
`may be invalidated if, for example, they are misused or lost. Id. ¶ 51. When this
`
`happens, the invalid codes are replaced with new codes. Id.
`
`D. Karkas, U.S. Patent App. Pub. 2002/0031228 (Ex. 1003)
`
`34.
`
`In addition to Nielsen, there are other prior art systems that used
`
`mobile phones as keys. One such system is described in Karkas (Ex. 1003). The
`
`Karkas system uses components such as mobile phones, computer systems, and
`
`-14-
`
`
`
`Spectrum Brands v. Assa Abloy AB
`IPR Petition – U.S. Patent No. 7,706,778
`
`wireless locks to implement an access control system. These components
`
`correspond directly to the components in Nielsen and are used for the same
`
`purposes. Karkas is a useful supplement to Nielsen simply because it provides
`
`additional detail about several of the features it shares with Nielsen.
`
`35. Karkas describes “mobile stations”. A person of ordinary skill would
`
`understand these mobile stations to include mobile phones, based on Karkas’
`
`teachings regarding cellular telephone and Internet connectivity. Ex. 1003 ¶¶ 2, 31,
`
`45. These mobile stations correspond to the electronic key devices (e.g., mobile
`
`phones) of Nielsen. Karkas further explains that a mobile station may connect to a
`
`“Bluetooth device” that is “a lock or an access device.” Id. ¶¶ 24-25. The
`
`Bluetooth device in Karkas corresponds to the lock control unit in Nielsen. In some
`
`embodiments, instead of Bluetooth, Karkas teaches that this device may use
`
`different radio frequencies, infrared, or wireless LAN. Id. ¶ 46. This is consistent
`
`with the operation of the mobile device in Nielsen.
`
`36. Karkas explains that the Bluetooth device receives “key information”
`
`from the mobile station. This information corresponds to the access codes
`
`described in Nielsen. Id. ¶ 36. The Bluetooth device compares the key information
`
`received from the mobile station to key information stored on the device to
`
`determine whether the received key information is valid. Id. ¶ 37. The Bluetooth
`
`device will also check to confirm that any time limit included in the key has not
`
`-15-
`
`
`
`Spectrum Brands v. Assa Abloy AB
`IPR Petition – U.S. Patent No. 7,706,778
`
`expired before granting access to the locked location (such as a hotel room). Id. ¶¶
`
`41, 49. A user may obtain more time beyond the initial time limit (for example, by
`
`requesting access to the hotel room for an extra day). Id. ¶¶ 48-49.
`
`37. Karkas recognizes the possibility that Bluetooth devices might be
`
`connected to a “central control element.” Id. ¶ 49. Such a “control element” would
`
`correspond directly to the access code management system in Nielsen. However,
`
`Karkas explains that such connections are not necessary if information about the
`
`key’s validity is provided as part of the key. Id. This information may identify, for
`
`example, a “validity time,” a “validity of a user,” or a “validity of use of the item
`
`being accessed.” Id. This information corresponds to the validity period, key
`
`device ID, and lock control unit ID, respectively, which are included in the access
`
`codes (i.e., keys) described in Nielsen. Ex. 1002 ¶ 146.
`
`38. Karkas explains how a mobile station can use the validity information
`
`that is part of a key to make determinations regarding its own access rights. For
`
`example, if a key has a time limit, the mobile station determines whether the key is
`
`expired and if so deletes the key automatically. Ex. 1003 ¶ 53. Additionally, the
`
`key may specify a “personal identity number (PIN)” that identifies an authorized
`
`user. Id. ¶ 52. If a person tries to use the key, the mobile station will prompt the
`
`person to enter their PIN. Id. The mobile device will not send the key to the
`
`Bluetooth device unless the PIN is correct. Id.
`
`-16-
`
`
`
`Spectrum Brands v. Assa Abloy AB
`IPR Petition – U.S. Patent No. 7,706,778
`
`
`39. A key may also include an “identification tag” that identifies a
`
`Bluetooth device for which the key is valid. Id. ¶ 39. This tag corresponds to the
`
`lock control unit ID described in Nielsen. The mobile station may use this identity
`
`tag to select the proper key when it encounters a particular Bluetooth device. Id.
`
`Thus, the mobile device relies on the identity tag to ensure that it sends only valid
`
`keys. This automatic key selection also prevents the need for a user to manually
`
`choose the appropriate key from a list on the mobile device.
`
`E.
`
`Legal Standards for Obviousness
`
`40.
`
`I am informed that a claim of an issued patent can be found to be
`
`invalid if the claim would have been obvious in view of the prior art. I understand
`
`that this determination is made from the perspective of a person having ordinary
`
`skill in the art who is presumed to be aware of all prior art.
`
`41.
`
`I am informed that Section 103 of Title 35 of the United States Code
`
`governs the determination of obviousness. According to 35 U.S.C. § 103(a):
`
`A patent may not be obtained though the invention is not identically
`
`disclosed or described as set forth in section 102 of this title, if the
`
`differences between the subject matter sought to be patented and the
`
`prior art are such that the subject matter as a whole would have been
`
`obvious at the time the invention was made to a person having
`
`ordinary skill in the art to which the subject matter pertains.
`
`-17-
`
`
`
`Spectrum Brands v. Assa Abloy AB
`IPR Petition – U.S. Patent No. 7,706,778
`
`
`42.
`
`I further understand that the determination of obviousness is based on
`
`four factors, sometimes referred to as the Graham factors. They are: (a) the scope
`
`and content of the prior art, (b) the differences between the prior art and the
`
`claimed invention, (c) the level of ordinary skill in the pertinent art, and (d) any
`
`evidence of “objective indicia of nonobviousness.” Those objective indicia include
`
`considerations such as whether a product covered by the claims is commercially
`
`successful and whether there was a long-felt-but-unmet need in the field for the
`
`claimed invention, among other things.
`
`43.
`
`I further understand that courts often consider a reason that would
`
`have prompted a person of ordinary skill in the art to combine the elements in the
`
`references in the way the claimed new invention does.
`
`F.
`
`Level of Ordinary Skill in the Art
`
`44.
`
`I am informed that for purposes of assessing the obviousness of a
`
`claimed invention, the level of skill possessed by the hypothetical person of
`
`ordinary skill in the art is informed by several factors. These factors include the
`
`type of problems encountered in the relevant art, the prior art solutions to those
`
`problems, the rapidity with which innovations are made in the relevant art, the
`
`sophistication of the relevant technology, and the educational level of active
`
`workers in the field.
`
`-18-
`
`
`
`Spectrum Brands v. Assa Abloy AB
`IPR Petition – U.S. Patent No. 7,706,778
`
`
`45. The relevant field for the ’778 Patent includes electronic access
`
`control systems. I consider myself to be an expert in the relevant field.
`
`46.
`
`In my opinion, a person having ordinary skill in the art at the relevant
`
`time period, which I understand to be around the time of the filing date of
`
`Provisional Application No. 60/668,828 on April 5, 2005, would have at least a
`
`bachelor’s degree in computer science, computer engineering, or electrical
`
`engineering combined with at least one year of industry experience in security
`
`systems. This educational and industry background provides the necessary training
`
`and understanding of the system, including hardware and software, described in the
`
`’778 Patent. This level of skill is adequate for the ’778 Patent, given that neither
`
`the ’778 Patent nor the relevant prior art relies on details of cryptography,
`
`advanced mathematics, or silicon design. Indeed, as a professor of Computer
`
`Science I would feel comfortable teaching many of these concepts to upper-level
`
`undergraduates in my own courses. Thus, based on my experience in the field of
`
`electronic access control systems, the person of ordinary skill would have the
`
`education and experience described above.
`
`V. OBVIOUSNESS IN VIEW OF NIELSEN AND KARKAS
`
`47. Nielsen and Karkas render obvious Claims 1, 4, 6, 8, 10-14, 16-18,
`
`22-25, 28-31, 33 and 34 of the ’778 Patent for the reasons explained below.
`
`-19-
`
`
`
`Spectrum Brands v. Assa Abloy AB
`IPR Petition – U.S. Patent No. 7,706,778
`
`
`A. Reasons to Combine Nielsen and Karkas
`
`48.
`
`It would have been obvious to combine Nielsen with Karkas. Both
`
`references were published in the same year, and each reference discloses a closely-
`
`related access control system. Both references describe mobile devices that receive
`
`keys over a cellular network and transmit those keys to locks using short-range
`
`wireless protocols such as Bluetooth and infrared communications. They both
`
`describe access keys with embedded validity information that identifies valid users,
`
`locks, and time periods. Because of the similarities of Nielsen and Karkas, a
`
`person of ordinary skill would have readily combined their teachings.
`
`49.
`
`In Nielsen, the embedded validity information includes passwords,
`
`lock control IDs, and validity periods. In Karkas, the equivalent elements are
`
`respectively PINs, unique identity tags for Bluetooth devices, and validity times. In
`
`each of the two references, the validity times/periods are used to identify the time
`
`period during which a given access key/code is valid, which enables features such
`
`as access keys that expire after a given time. In each reference, the validity time
`
`can be checked at the time a user requests access to a lock, preventing the user
`
`from using an expired access code.
`
`50. Because the systems described in Nielsen and Karkas are so similar,
`
`many features disclosed in Karkas are readily compatible with the Nielsen system.
`
`A person of ordinary skill would be motivated to incorporate these features into the
`
`-20-
`
`
`
`Spectrum Brands v. Assa Abloy AB
`IPR Petition – U.S. Patent No. 7,706,778
`
`Nielsen system because they would make the system more convenient. For
`
`example, in certain embodiments described by Nielsen, a user must manually
`
`select the correct access code for a particular lock, as described above. A person of
`
`ordinary skill would recognize that manually selecting an access code is
`
`inconvenient, and would therefore be motivated to apply Karkas’ teachings on
`
`automatic code selection (using the “unique identity tag” from a Bluetooth device)
`
`to remove this inconvenience. Moreover, the Nielsen reference describes an
`
`“access code retrieval module 862” (see Nielsen, Fig. 8b excerpted below) that
`
`“retrieves selected access codes from the access code register and displays them on
`
`the display.” Ex. 1002 ¶ 177 (emphasis added). The Nielsen reference does not
`
`describe the detailed operation of the access code retrieval module, nor which
`
`access codes it would select from the access code register. Therefore a person of
`
`ordinary skill in the art would be motivated to seek out additional references, such
`
`as Karkas, to provide additional context for understanding this component. A
`
`skilled artisan would further recognize the need to select only the necessary and
`
`applicable access codes for the user, given the limited display size of the
`
`exemplary mobile devices described in Nielsen. Therefore it would be motivated
`
`and obvious to combine the Nielsen reference with the selection mechanism of
`
`Karkas.
`
`-21-
`
`
`
`Spectrum Brands v. Assa Abloy AB
`IPR Petition – U.S. Patent No. 7,706,778
`
`
`
`
`51. As a second example, Nielsen teaches that an access right may include
`
`a “password,” but does not specify how this password is used. A person of
`
`ordinary skill would recognize that the password in Nielsen is analogous to the PIN
`
`in Karkas, which may be required for a user to access a key. Indeed, a skilled
`
`artisan would recognize that a PIN is merely one form of password. However,
`
`while Nielsen proposes that a password might be provided with each access code,
`
`the reference offers no further specific instructions on how the suggested password
`
`checks might be implemented within the access control system. A person of
`
`ordinary skill in the art would therefore be motivated to seek additional references,
`
`such as Karkas, to identify a specific mechanism for implementing the password
`
`-22-
`
`
`
`Spectrum Brands v. Assa Abloy AB
`IPR Petition – U.S. Patent No. 7,706,778
`
`verification checks implied by Nielsen. Accordingly, the skilled person would be
`
`motivated to apply Karkas’ teachings on PINs to the system of Nielsen.
`
`52. As a third example, Nielsen involves locks that communicate with a
`
`central computer. A person of ordinary skill would recognize that it would be more
`
`convenient in some circumstances for the operator of an access control system to
`
`avoid the hassle of connecting all of the locks in the system to such a computer, as
`
`this would require additional network communications equipment at each lock, and
`
`appropriate wiring or wireless transce