`
`
`
`
`
`
`
`UNITED STATES PATENT AND TRADEMARK OFFICE
`
`
`
`
`
`
`BEFORE THE PATENT TRIAL AND APPEAL BOARD
`
`
`
`
`
`
`UNIFIED PATENTS INC.,
`Petitioner
`
`v.
`
`INTELLECTUAL VENTURES II LLC
`Patent Owner
`____________________
`
`IPR2016-01404
`Patent 6,968,459
`____________________
`
`
`PATENT OWNER INTELLECTUAL VENTURES II LLC’S
`RESPONSE TO PETITION
`
`
`
`
`
`Mail Stop PATENT BOARD
`Patent Trial and Appeal Board
`U.S. Patent & Trademark Office
`P.O. Box 1450
`Alexandria, VA 22313-1450
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`I.
`
`II.
`
`
`
`IPR2016-01404
`Patent No. 6,968,459
`
`
`TABLE OF CONTENTS
`
`Introduction. ..................................................................................................... 1
`
`The ’459 patent solved the important problem of authorized users copying
`sensitive data to unsecured removable storage devices. .................................. 2
`
`III. Claim construction. .......................................................................................... 6
`
`A. Device-specific security information. ................................................... 7
`
`IV. Ground 1: Bensimon does not anticipate claims 1, 13, 14, 33, 39, 46, and 48.
` .......................................................................................................................11
`
`A. Overview of Bensimon. .......................................................................11
`
`B.
`
`Bensimon does not anticipate independent claims 1, 33, 39. .............13
`
`1.
`
`2.
`
`3.
`
`Petitioner does not establish that Bensimon discloses “device
`specific security information.” ..................................................14
`
`Petitioner did not establish that Bensimon discloses the
`“restricted-access mode” step. ..................................................18
`
`Petitioner did not establish that Bensimon discloses “the
`computer… prevents write access to the storage device” as
`recited in claims 1 and 33. ........................................................29
`
`C.
`
`Petitioner did not establish that Bensimon anticipates independent
`claims 13 and 14. .................................................................................33
`
`V. Ground 2: The combination of Bensimon and Takahashi does not render
`obvious claims 2 and 34. ...............................................................................36
`
`VI. Conclusion. ....................................................................................................38
`
`
`
`- i -
`
`
`
`
`
`
`
`
`
`
`
`Table of Authorities
`
`IPR2016-01404
`Patent No. 6,968,459
`
`
`Cases
`
`Eli Lilly and Co. v. Zenith Goldline Pharmaceuticals, Inc.,
`471 F. 3d 1369 (Fed. Cir. 2003) .............................................................................. 20
`
`
`
`
`
`
`
`- ii -
`
`
`
`
`
`
`
`IPR2016-01404
`Patent No. 6,968,459
`
`
`
`
`Exhibit List
`
`
`Description
`
`Microsoft Dictionary
`Schneier, B., Applied Cryptography, 2d. Ed., Wiley, 1996
`Franzon Deposition Transcript (May 4, 2017)
`Declaration of David M. Goldschlag, Ph.D.
`Curriculum Vitae of Dr. Goldschlag
`Definition of “specific”, Merriam Webster’s Collegiate Dictionary,
`Eleventh Edition (2008)
`
`Exhibit #
`2001
`2002
`2003
`2004
`2005
`2006
`
`- iii -
`
`
`
`
`
`
`
`I.
`
`Introduction.
`
`IPR2016-01404
`Patent No. 6,968,459
`
`
`The Petition in this case is nothing more than an attempt to contort the
`
`Bensimon reference to read on the claims of U.S. Patent No. 6,968,459 (the ’459
`
`patent). It is rife with errors, and Petitioner’s own expert admits that, if it is taken
`
`literally, the Petition cannot prove anticipation of the ’459 claims.1 Simply put, the
`
`Petition stretches the law of anticipation too far, and the Board should find all
`
`remaining challenged claims patentable.
`
` The ’459 patent addressed an important technological issue: preventing an
`
`authorized user from copying secure information to an unsecured removable
`
`device. The ’459 claims reflect this innovation, requiring that the computer
`
`prevents writing to devices that do not have security information. Petitioner’s cited
`
`references do not address that issue, and instead focus on securing removable
`
`devices against unauthorized users. When those devices are not secured, the cited
`
`references freely permit both reading and writing operations, unlike the challenged
`
`claims.
`
`The Board should reject Petitioner’s application of Bensimon to the claims
`
`under Ground 1 for four reasons. First, Petitioner relies on an improper and
`
`convoluted reading of the claims. Second, Petitioner has not shown that
`
`
`1 See Franzon Dep., 74:5–22; 73:5–22.
`
`
`
`- 1 -
`
`
`
`
`
`
`
`IPR2016-01404
`Patent No. 6,968,459
`
`
`Bensimon’s read-write password, either alone, or in combination with the
`
`password flag is “device-specific information.” Third, even under Petitioner’s
`
`convoluted reading of the claims, Petitioner’s argument relies on an embodiment
`
`that Bensimon does not explicitly or inherently disclose. Finally, Petitioner simply
`
`fails to address the requirement of the claims that the “computer” prevents access
`
`during the restricted-access mode, not the storage device. And Ground 2 fails for
`
`the same reasons as Ground 1 because it is limited to addressing dependent claims
`
`2 and 34.
`
`Because the Petition falls short of making the proper showing of anticipation
`
`or obviousness, the Board should affirm patentability of claims 1, 13, 14, 33, 39,
`
`46, and 48 of the ’459 patent over Bensimon and claims 2 and 34 over the
`
`combination of Bensimon and Takahashi.
`
`II. The ’459 patent solved the important problem of authorized users
`copying sensitive data to unsecured removable storage devices.
`
`In 1999, engineers at Imation Corporation recognized that “[o]ne of the
`
`greatest challenges” in creating a secure computing environment is “preventing the
`
`authorized user from using sensitive data in an unauthorized manner.” (’459 patent,
`
`1:13–23.) For example, prior to the ’459 patent, after a user successfully entered a
`
`password, the user was able to access and handle information without technology-
`
`imposed limitations. The lack of access control meant that an authorized user could
`
`
`
`- 2 -
`
`
`
`
`
`
`
`IPR2016-01404
`Patent No. 6,968,459
`
`
`“simply copy[] the sensitive data to a removable storage device such as floppy
`
`diskette.” (Exhibit 1001, ’459 patent, 1:23–26.)
`
`To address this critical security flaw, the inventors of the ’459 patent
`
`developed a computing environment using secure storage devices where, for
`
`example, “a computer automatically operates in a secure ‘full-access’ data storage
`
`mode when the computer detects the presence of a secure removable storage
`
`device.” (’459 patent, 1:36–40.) Conversely, “[i]f the computer senses a non-
`
`secure removable storage device then the computer automatically operates in a
`
`‘restricted-access’ mode.” (’459 patent, 1:40–43.) Figure 1, reproduced below,
`
`illustrates an embodiment of such a computing environment.
`
`
`
`
`
`- 3 -
`
`
`
`
`
`
`
`IPR2016-01404
`Patent No. 6,968,459
`
`
`
`
`In secure full-access mode, the system “uses a cryptographic key to encrypt
`
`and decrypt the data stream between the computer and the removable storage
`
`device.” (’459 patent, 1:44–47.) The key can be generated by a combination of
`
`various types of information such as “(1) device-specific information derived of
`
`the removable storage device, (2) manufacturing information that has been etched
`
`onto the storage device, (3) drive-specific information…, and (4) user-specific
`
`information such as a password.” (’459 patent, 1:47–55.) Figure 2, reproduced
`
`below, illustrates an exemplary method requiring each of the four types of
`
`
`
`- 4 -
`
`
`
`
`
`
`
`IPR2016-01404
`Patent No. 6,968,459
`
`
`information identified in the Figure (204, 206, 208, 210) for a storage device to be
`
`deemed secure and have “full access.”
`
`
`
`The patent contemplates two situations: where the storage device is secure
`
`and where the storage device is unsecured. Where the storage device is secure, the
`
`computing environment uses the “secure storage device as a secure ‘access card’”
`
`to gain access to sensitive data of the organization. (’459 patent, 1:56–58.) For
`
`example, the computer allows the user to access sensitive information from other
`
`sources after plugging in a secure storage device. (See ’459 patent, 1:58–62.)
`
`Sensitive information written to the secure storage device can be encrypted. (See
`
`
`
`- 5 -
`
`
`
`
`
`IPR2016-01404
`Patent No. 6,968,459
`
`’459 patent, 1:44–47.) Conversely, if the storage device is unsecured, the computer
`
`
`
`operates such that the device cannot be written to, which prevents removing
`
`sensitive information from the computer when using an unsecured device. (See
`
`’459 patent, 1:63–66.)
`
`III. Claim construction.
`Petitioner proposed constructions for six terms— “device-specific security
`
`information,” “[device/user]-specific information,” “security information,” “status
`
`change… for the storage device,” “storage manager,” and “drive.” (See Petition,
`
`pp. 11–18.) The Board declined to construe any of these terms, finding that
`
`“construction of the terms proposed by Petitioner is not necessary to our analysis
`
`on whether to institute a trial.”
`
`Patent Owner agrees that construction of “[device/user]-specific
`
`information,” “security information,” “status change… for the storage device,”
`
`“storage manager,” and “drive” is not necessary to resolve the controversy in this
`
`proceeding. However, the construction of “device-specific security information” is
`
`necessary, as Patent Owner details in its arguments that follow.
`
`
`
`
`
`
`
`- 6 -
`
`
`
`
`
`
`
`A. Device-specific security information.
`
`IPR2016-01404
`Patent No. 6,968,459
`
`
`Petitioner
`
`Patent Owner
`
`information that is specific to the
`storage device and used to secure access
`to the storage device.
`
`information that is unique to the
`storage device and used to secure
`access to the storage device.
`
`
`
`The Board should adopt Patent Owner’s construction for this term,
`
`“information that is unique to a device that is used to secure access to the storage
`
`device,” because Patent Owner’s construction is consistent with the claims and
`
`specification. The Board should reject Petitioner’s construction because it is
`
`circular, adding no further insight or meaning to the term.
`
`Both parties agree that device-specific security information is used to secure
`
`access to a device and is specific to the device. (Petition, p. 11.) However, the
`
`parties dispute the meaning of “specific.” Petitioner provides no explicit meaning
`
`of this term in its construction. Instead, Petitioner’s position on the meaning of
`
`“specific” in the term “device-specific” fluctuates based on the situation. For
`
`example, Petitioner repeatedly appears to equate the terms “specific” and “unique.”
`
`(See e.g., Petition, p. 23 (“‘unique’ or specific”); Petition, p. 12 (emphasizing that
`
`its construction properly includes the term “specific” because the specification
`
`describes a “unique identifier[s]’” and “unique format information”).) But during
`
`
`
`- 7 -
`
`
`
`
`
`
`
`IPR2016-01404
`Patent No. 6,968,459
`
`
`deposition, when pressed regarding flaws in his position regarding the Bensimon
`
`reference, Dr. Franzon contradicted the Petition, testifying that “the device specific
`
`security information does not need to be unique.” (Exhibit 2003, Franzon Dep.,
`
`14:5–8.)
`
`Patent Owner’s interpretation of “specific” as “unique” is consistent with the
`
`plain and ordinary meaning of the term and its usage in the specification. The word
`
`“specific” has a well understood meaning: “restricted to a particular individual,
`
`situation, relation, or effect.” (Exhibit 2006, Merriam-Webster, p. 1198.) When
`
`that definition is applied to the term “device-specific security information,” the
`
`plain meaning is that the “security information” must be “restricted to a particular”
`
`device, or in other words unique.
`
`The specification consistently and exclusively requires that the “device-
`
`specific security information” be unique to a device that is used to secure access to
`
`the storage device. The specification also only recites examples of unique device-
`
`security information. (See e.g., ’459 patent, 1:51–53, 3:66 to 4:1,4:9–12, 5:10–13,
`
`7:43–46.) And although, the ’459 patent makes references to both the words
`
`“unique” and “specific,” the ’459 patent repeatedly underscores that these terms
`
`are linked, and it is the fact that device information is unique that makes it device-
`
`specific. (See e.g., ’459 patent, 5:31–32 (“Because these calibration parameters are
`
`unique to each drive, they are well suited for generating a cryptographic key that
`
`
`
`- 8 -
`
`
`
`
`
`IPR2016-01404
`Patent No. 6,968,459
`
`is drive-specific.”); 4:14–17( “because [the device-specific security information] is
`
`
`
`a function of the physical characteristics of the actual storage medium within
`
`storage device 151, the format information is inherently unique to each storage
`
`device 151”) (emphasis added).)
`
`The claims of the ’459 patent are consistent with the requirement that
`
`device-specific security information must be unique. The claims recite a few
`
`examples of device-specific security information, all of which are unique, such as a
`
`drive serial number (claim 6) or the calibration parameters of a drive2 (claim 7).
`
`The claims never recite any examples of device-specific security information that
`
`is not unique.
`
`The requirement that “device-specific information” be unique is further
`
`underscored when one understands the role of device-specific information in the
`
`’459 patent’s system. A goal of the ’459 patent is to create “a highly secure
`
`computing system [] in which data can only be stored on the original storage
`
`device from the original storage drive by the authorized user.” (’459 patent, 6:1–
`
`4 (emphasis added).) This means, for example, that the encrypted data can only be
`
`decrypted from the device it was originally written to because its encryption key
`
`
`2 The specification of the ’459 patent explains that “calibration parameters
`
`are unique to each drive.” (’459 patent, 5:30–32.)
`
`
`
`- 9 -
`
`
`
`
`
`IPR2016-01404
`Patent No. 6,968,459
`
`used information unique to the device. (See, ’459 patent, 6:8–18; Goldschlag Decl.,
`
`
`
`¶28.) The role of the “device-specific security information” is central to ensuring
`
`that the original storage device is being used and allows the computer to
`
`authenticate the device (as opposed to authenticating the user as a password would
`
`enable). (Goldschlag Decl., ¶¶29-30.) If the data were copied onto a different
`
`storage device, the device-specific security information would be different for that
`
`device, and the system would not be able to generate the cryptographic key to
`
`decrypt the data. (See, ’459 patent, 6:4–15; Goldschlag Decl., ¶¶29-30.) The use of
`
`non-unique device-specific security information creates the situation that multiple
`
`storage devices could have the same device-specific security information.
`
`(Goldschlag Decl., ¶30.) In this situation, the system would not be able to ensure
`
`that the original storage device was being used, undermining the purpose for the
`
`system. (Goldschlag Decl., ¶30.)
`
`Thus, because Patent Owner’s construction is consistent with the claims and
`
`the specification, the proper construction for the term “device-specific security
`
`information” is “information that is unique to a device that is used to secure access
`
`to the storage device.”
`
`
`
`- 10 -
`
`
`
`
`
`
`
`IPR2016-01404
`Patent No. 6,968,459
`
`
`IV. Ground 1: Bensimon does not anticipate claims 1, 13, 14, 33, 39, 46, and
`48.
`A. Overview of Bensimon.
`Bensimon discloses a personal computer (PC) card that requires entry of a
`
`password to read from or write to the card. (See, Bensimon, 2:45–49.) Figure 3,
`
`reproduced below, illustrates a block diagram of the PC card.
`
`
`
`Storage media 102 contains the information stored on the PC card (see,
`
`Bensimon, 4:45–47) and may comprise a disk drive or IC memory such as “Flash
`
`EEPROM.” (Bensimon, 5:7–11.) Bensimon does not employ any encryption.
`
`Instead, it polices access by comparing a password entered by a user with a
`
`password stored on the PC card. (See, Bensimon, 5:63 to 6:6.) “The device 100
`
`compares this string with its recorded string (if password protection [has] been
`
`
`
`- 11 -
`
`
`
`
`
`
`
`IPR2016-01404
`Patent No. 6,968,459
`
`
`previously invoked) and enables normal operation if the password is valid.”
`
`(Bensimon, 5:65–67.) When a user wishes to enable password protection, the user
`
`can send the new password with a Password-Enable command. (See Bensimon,
`
`5:35–39.) The PC card then stores the new password in memory storage 102 along
`
`with a password-enabling flag indicating that the card is password-protected.
`
`Bensimon discloses “two classes of passwords: (1) Write protection (read-
`
`only); and (2) Read/Write Protection” that are stored on Bensimon’s device.
`
`(Bensimon, 6:13–14.) A user that correctly enters the read-only password is given
`
`read-only access to the storage device. (See, Bensimon, 7:3–7.) Conversely, a user
`
`that correctly enters the read-write password is given read-write access to the
`
`storage device. (See, Bensimon, 7:8–12.)
`
`The password-enabling flag is sent to the computer to inform the computer
`
`that the device is password-protected, regardless of the type of password protection
`
`that is enabled. (Bensimon, 6:23–34; Goldschlag Decl., ¶37.) The computer
`
`prompts the user for a password, and passes the entered password to the device for
`
`comparison. (Bensimon, 5:63–67.) The storage device has a processor to perform
`
`the comparison and other instructions. (Bensimon, Figure 3; 4:48–52.)
`
`The PC card of Bensimon does not modify the operation of the PC itself.
`
`The card itself protects the data on the device. (Goldschlag Decl., ¶33.) Bensimon
`
`explains that it specifically rejected trying to modify the operation of the PC,
`
`
`
`- 12 -
`
`
`
`
`
`
`
`IPR2016-01404
`Patent No. 6,968,459
`
`
`finding as “inadequate” previous approaches to security of removable storage
`
`devices because “[a] thief of a small removable device could have read the
`
`information in the medium in a system not requiring a password and could also re-
`
`use the storage device itself.” (Bensimon, 2:23–29.) Bensimon addressed this
`
`inadequacy by requiring a password to access the device in addition to any security
`
`measures required to operate the computer itself. (See, Bensimon, 4:50–56.) As a
`
`result, “the device 100 is rendered useless to those without knowledge of the
`
`password.” (Bensimon, 6:17–19.)
`
` Bensimon does not anticipate independent claims 1, 33, 39.
`
`B.
`Ground 1 fails for independent claims 1, 33, and 39—set out more fully in
`
`the following subsections to this argument—because Petitioner did not show that
`
`Bensimon discloses the “restricted-mode” operation as well as the “device-specific
`
`security information” set forth in the challenged independent claims. Petitioner
`
`also fails to show that the computer prevents access during the restricted-access
`
`mode as required in claim 1. Because claims 46 and 48 depend from claim 39,
`
`Ground 1 fails for those dependent claims as well. In the following subsections,
`
`Patent Owner discusses Ground 1’s deficiencies in detail.
`
`
`
`- 13 -
`
`
`
`
`
`
`
`IPR2016-01404
`Patent No. 6,968,459
`
`
`1. Petitioner does not establish that Bensimon discloses “device
`specific security information.”
`Each of claims 1, 33, and 39 recites “device-specific security information.”
`
`The presence or absence of this “device-specific security information” is used to
`
`determine the mode of operation for the storage device: full-access (read-write)
`
`when the storage device has “device-specific security information” or restricted
`
`access (read only) when the storage device does not have “device-specific security
`
`information.”
`
`Petitioner begins its analysis of the “sensing” element of the claims arguing
`
`that “[t]he password and password-enabling flag, alone or in combination, disclose
`
`the claimed ‘device-specific security information stored thereon.’” (Petition, p. 22.)
`
`But Petitioner quickly retreats from this position in the full-access and restricted
`
`access elements, relying solely on the “read/write” password to meet the language
`
`of the claim as illustrated in the following table.
`
`Claim Language
`
`Petition
`
`sensing whether a storage device has
`device-specific security information
`stored thereon
`
`“The password and password-enabling
`flag, alone or in combination, disclose
`the claimed ‘device-specific security
`information stored thereon.’”
`
`(Petition, p. 22.)
`
`operating a computer in full-access
`
`“The above step of claim 1 is met in a
`
`
`
`- 14 -
`
`
`
`
`
`
`
`Claim Language
`mode when the storage device has
`device-specific security information
`
`operating a computer in a restricted-
`access mode when the storage device
`does not have device-specific security
`information
`
`IPR2016-01404
`Patent No. 6,968,459
`
`
`Petition
`situation where Bensimon’s storage
`device 100 has the password-enabling
`flag and the read/write password.”
`
`(Petition, p. 26.)
`
`“The above step of claim 1 is met in a
`situation where Bensimon’s storage
`device 100 does not have the read-write
`password as ‘device-specific security
`information’ but instead has the write-
`only password.”
`
`(Petition, p. 27.)
`
`
`
`Thus, when Petitioner’s argument for the entirety of the independent claims
`
`is considered, Petitioner only relies on Bensimon’s read-write password as the
`
`recited “device-specific security information.” Petitioner’s argument fails because
`
`Bensimon’s read-write password is not “unique” and therefore not “device-
`
`specific.” Moreover, even if Bensimon’s password-flag is considered alone or in
`
`combination with the read-write password, Patent Owner demonstrates below that
`
`the password-flag cannot be the claimed “device-specific security information”
`
`because it is also not “unique.”
`
`
`
`- 15 -
`
`
`
`
`
`
`
`IPR2016-01404
`Patent No. 6,968,459
`
`
`a) The read-write password is not “device-specific security
`information” under the correct construction of that term.
`The proper construction for “device-specific security information” is
`
`“information that is unique to the storage device and used to secure access to the
`
`storage device.” (See, Section II, above.) Bensimon’s read-write password cannot
`
`be “device-specific security information” because it is not unique. Bensimon never
`
`explicitly discloses that either its read-write or read only passwords are unique.
`
`(Goldschlag Decl., ¶42.) And it is not inherent that a password would be unique.
`
`To the contrary, as Dr. Goldschlag explains it is not inherent that a password is
`
`unique as two different people could be using the same password. (Goldschlag
`
`Decl., ¶42.)
`
`When the proper construction is applied, Bensimon does not explicitly or
`
`inherently disclose that its read-write password is the recited “device-specific
`
`security information.” Accordingly, the Board should find patentable claims 1, 33,
`
`and 39.
`
`b) The password-flag is not “device-specific” information.
`Petitioner fails to establish the Bensimon discloses under either its
`
`construction or the proper construction set forth above by Patent Owner. In the
`
`discussion of the “sensing” claim element, Petitioner notes that “when the
`
`password-enabling flag is stored on Bensimon’s storage device 100, it places the
`
`
`
`- 16 -
`
`
`
`
`
`IPR2016-01404
`Patent No. 6,968,459
`
`storage device ‘in a password protected mode’ and ‘make[s] the card 100 password
`
`
`
`protected.” (Petition, p. 24; citing Bensimon at 5:34–36.) From this statement,
`
`Petitioner speculates, without support, that “Benimon’s [sic] password-enabling
`
`[flag] is ‘information that is specific to the storage device.’” (Petition, p. 24.)
`
`Nowhere does Petitioner explain why or how the password-enabling flag is
`
`specific to the storage device. Thus, Petitioner fails to establish that Bensimon’s
`
`password-enabling flag is “device-specific security information.”
`
`The Board, in the Institution Decision, found that “Petitioner relies on both
`
`Bensimon’s password and its password-enabling flag, and cites Bensimon’s
`
`description of the password-enabling flag stored on the storage media as a ‘unique
`
`string of characters.’ (Pet. 26–27 (citing Ex. 1004, 6:13–29).” (Institution Decision,
`
`p. 12.) But Petitioner only refers to the read-write password in the full and
`
`restricted access sections as “device-specific security information,” not the
`
`password flag. There is no discussion in the Petition on how the passage cited by
`
`the Board supports any contention that the password-enabling flag is “device-
`
`specific security information.” Indeed, Petitioner itself did not rely on this portion
`
`of Bensimon when actually discussing the password-enabling flag in the “sensing”
`
`claim element.
`
`Patent Owner respectfully disagrees with the Board’s interpretation of this
`
`passage from Bensimon. As Dr. Goldschlag explains, although Bensimon’s refers
`
`
`
`- 17 -
`
`
`
`
`
`
`
`IPR2016-01404
`Patent No. 6,968,459
`
`
`to its password flag as “a unique string of characters,” a person of ordinary skill in
`
`the art (POSITA) would understand this does not mean that the string of characters
`
`are unique between devices, but rather only unique from the other information
`
`returned by a storage device to a computer. (Goldschlag Decl., ¶45.) If Bensimon’s
`
`password flag were truly unique between devices, then Bensimon’s computer
`
`could never know what to look for to determine whether a password was required.
`
`(Goldschlag Decl., ¶46.) Therefore, the password-enabling flag of Bensimon is
`
`also not unique (or specific) to a device. (Goldschlag Decl., ¶46.)
`
`Accordingly, the password-enabling flag of Bensimon is not “device-specific
`
`security information” under either Petitioner’s or Patent Owner’s construction of
`
`the term.
`
`2.
`
`Petitioner did not establish that Bensimon discloses the
`“restricted-access mode” step.
`
`Petitioner’s argument fails for a further reason—Petitioner fails to establish
`
`that Bensimon discloses the “restricted-access” claim element. Each of the
`
`independent claims requires that the computer operate “in a restricted-access mode
`
`when the storage device does not have the device-specific security information.”
`
`Petitioner contends this claim element is met “in a situation where Bensimon’s
`
`storage device 100 does not have the read-write password as ‘device-specific
`
`security information’ but instead has the write-only password.” (Petition, p. 27.)
`
`
`
`- 18 -
`
`
`
`
`
`
`
`IPR2016-01404
`Patent No. 6,968,459
`
`
`However, Petitioner’s contention is based on a fundamental misunderstanding of
`
`Bensimon, as highlighted by its own expert at deposition. And the new theory
`
`advanced by Petitioner’s expert to compensate for this fatal flaw in the Petition is
`
`equally flawed.
`
`a) The Petition fails to establish that Bensimon discloses the
`“operating in a restricted-access mode” claim element.
`
`Petitioner argues that Bensimon discloses the “restricted access mode” step
`
`of claims 1, 33 and 39 when “Bensimon’s storage device 100 does not have the
`
`read-write password as ‘device-specific security information’ but instead has the
`
`write only password.” (Petition, p. 27.) In other words, under Petitioner’s theory,
`
`Bensimon discloses the “restricted access mode” claim element when the
`
`following conditions are present:
`
`— the storage device does not store a “read-write password”;
`
`— the storage device only stores a write protect (read only) password;
`
`and
`
`— the user correctly enters the write protection password.
`
`Thus, Petitioner premises its argument on its belief that Bensimon’s system can
`
`store a read only password alone, without also storing a read-write password.
`
`Petitioner misunderstands Bensimon. Nowhere does Bensimon disclose the storage
`
`
`
`- 19 -
`
`
`
`
`
`
`
`IPR2016-01404
`Patent No. 6,968,459
`
`
`of only one type of password. And both experts agree that a POSITA would not
`
`understand Bensimon in this way.
`
` Bensimon discloses two types of passwords: “(1) Write protection (read-
`
`only); and (2) Read/Write protection.” (Bensimon, 6:13–14.) When the user enters
`
`the write protection password, the device is read only (i.e., writes are disabled).
`
`(Bensimon, 6:14–17.) When the user enters the read/write password, the device
`
`can be accessed for both reads and writes. (Bensimon, 6:17–18; Franzon Dep.,
`
`71:20 to 72:6, 74:15–22, 96:9–12.) In both cases, if the user enters the wrong
`
`password, no access is granted. (Goldschlag Decl., ¶51; Bensimon, 6:17–18, 7:3–
`
`7.)
`
`Bensimon provides no further details about the usage of its two-password
`
`system in its detailed description. Bensimon never discloses that its system has a
`
`mode of operation where a read-only password is present but not a read-write
`
`password. And both Patent Owner’s and Petitioner’s experts agree that Bensimon
`
`does not explicitly disclose this mode of operation. (Goldschlag Decl., ¶¶50-52;
`
`Franzon Dep., 106:14–15 (“Bensimon is... silent on all the details of when it's read,
`
`when it's write.”); see also 105:22 to 106:6.)
`
`Without an explicit disclosure in Bensimon of a device that stores only a
`
`read-only password, Petitioner is forced to rely on inherency to make its
`
`anticipation case. See Eli Lilly and Co. v. Zenith Goldline Pharmaceuticals, Inc.,
`
`
`
`- 20 -
`
`
`
`
`
`
`
`IPR2016-01404
`Patent No. 6,968,459
`
`
`471 F. 3d 1369,1375–77 (Fed. Cir. 2003) (“[T]he prior art reference must disclose
`
`each and every feature of the claimed invention, either explicitly or inherently.”).
`
`But Petitioner’s inherency theory must fail because it is not necessarily the case
`
`that Bensimon’s device would have only a read-only password and not a read-write
`
`password.
`
`Bensimon does not contemplate a mode of operation where only its read-
`
`only password would be stored without a read-write password. Indeed, both
`
`experts agree that such a mode would be illogical.3 (Goldschlag Decl., ¶¶50-52;
`
`Franzon Dep., 105:22 to 106:6.) As Petitioner’s expert—Dr. Franzon—puts it, “at
`
`some point, data has to be written to the device in order to be able to read it, so it
`
`makes sense that… there would be a capability of… writing to the device in a
`
`protected mode.” (Franzon Dep, 106:9–13.) In fact, Dr. Franzon further
`
`underscored his point:
`
` Bensimon… doesn't say there might be two classes of
`passwords or sometimes there's two classes of passwords. It
`
`
`3 In fact, if the device only has a “write protection (read only)” password, a
`
`person with knowledge of the write protection password, could simply disable it
`
`using the “Password-Disable” command and gain full access to the device.
`
`(Goldschlag Decl., ¶50; Bensimon, 6:7–12.)
`
`
`
`- 21 -
`
`
`
`
`
`
`
`IPR2016-01404
`Patent No. 6,968,459
`
`
`says there are two classes of passwords. So to be more literal,
`it's saying that these passwords are present.
`
`(Franzon, 84:4–10 (emphasis added).) And Bensimon’s claims support the
`
`understanding that both passwords are stored, reciting that the storage device
`
`“stor[es] information including a read-only password and a read/write password.”
`
`(Bensimon, 6:65–67.) Therefore, a POSITA would understand Bensimon as
`
`requiring both passwords to be present. The storage device then enables access
`
`according to the password entered (i.e., when read-only password entered, user is
`
`granted read-only access; when read/write access granted, user has full access).
`
`Thus, Bensimon does not explicitly or inherently disclose “restricted-access
`
`mode.” Accordingly, the Board should find independent claims 1, 33, and 39
`
`patentable.
`
`b) Bensimon’s password enabling flag cannot meet the restricted-
`access claim element.
`
`Petitioner did not mention Bensimon’s password-enabling flag in its
`
`discussion of the “restricted-access mode.” (Petition, p. 27.) However, should
`
`Petitioner contend in its Reply that Bensimon’s password-enabling flag alone or in
`
`combination with the read-write password meets the “restricted access mode”
`
`claim element, Patent Owner demonstrates that such argument would be incorrect
`
`based on the explicit teachings of Bensimon.
`
`
`
`- 22 -
`
`
`
`
`
`
`
`IPR2016-01404
`Patent No. 6,968,459
`
`
`Bensimon’s password flag “provides a standard method for the computer
`
`system 10 to de
Accessing this document will incur an additional charge of $.
After purchase, you can access this document again without charge.
Accept $ Charge
Still Working On It
This document is taking longer than usual to download. This can happen if we need to contact the court directly to obtain the document and their servers are running slowly.
Give it another minute or two to complete, and then try the refresh button.
A few More Minutes ... Still Working
It can take up to 5 minutes for us to download a document if the court servers are running slowly.
Thank you for your continued patience.
This document could not be displayed.
We could not find this document within its docket. Please go back to the docket page and check the link. If that does not work, go back to the docket and refresh it to pull the newest information.
Your account does not support viewing this document.
You need a Paid Account to view this document. Click here to change your account type.
Your account does not support viewing this document.
Set your membership
status to view this document.
With a Docket Alarm membership, you'll
get a whole lot more, including:
- Up-to-date information for this case.
- Email alerts whenever there is an update.
- Full text search for other cases.
- Get email alerts whenever a new case matches your search.
One Moment Please
The filing “” is large (MB) and is being downloaded.
Please refresh this page in a few minutes to see if the filing has been downloaded. The filing will also be emailed to you when the download completes.
Your document is on its way!
If you do not receive the document in five minutes, contact support at support@docketalarm.com.
Sealed Document
We are unable to display this document, it may be under a court ordered seal.
If you have proper credentials to access the file, you may proceed directly to the court's system using your government issued username and password.
Access Government Site
