Trials@uspto.gov
`571-272-7822
`
`
`
`
`
`
`
`Paper 10
`Entered: June 22, 2017
`
`
`UNITED STATES PATENT AND TRADEMARK OFFICE
`____________
`
`BEFORE THE PATENT TRIAL AND APPEAL BOARD
`____________
`
`NETAPP, INC., LENOVO (UNITED STATES) INC., and EMC CORP.,
`Petitioner,
`
`v.
`
`INTELLECTUAL VENTURES II, LLC,
`Patent Owner.
`____________
`
`Case IPR2017-00467
`Patent 6,968,459 B1
`____________
`
`
`
`Before THOMAS L. GIANNETTI, PATRICK M. BOUCHER, and
`KAMRAN JIVANI, Administrative Patent Judges.
`
`JIVANI, Administrative Patent Judge.
`
`
`DECISION
`Denying Institution of Inter Partes Review
`37 C.F.R. § 42.108
`
`
`571-272-7822
`
`
`
`
`
`
`
`Paper 10
`Entered: June 22, 2017
`
`
`UNITED STATES PATENT AND TRADEMARK OFFICE
`____________
`
`BEFORE THE PATENT TRIAL AND APPEAL BOARD
`____________
`
`NETAPP, INC., LENOVO (UNITED STATES) INC., and EMC CORP.,
`Petitioner,
`
`v.
`
`INTELLECTUAL VENTURES II, LLC,
`Patent Owner.
`____________
`
`Case IPR2017-00467
`Patent 6,968,459 B1
`____________
`
`
`
`Before THOMAS L. GIANNETTI, PATRICK M. BOUCHER, and
`KAMRAN JIVANI, Administrative Patent Judges.
`
`JIVANI, Administrative Patent Judge.
`
`
`DECISION
`Denying Institution of Inter Partes Review
`37 C.F.R. § 42.108
`
`
`
`IPR2017-00467
`Patent 6,968,459 B1
`
`
`INTRODUCTION
`I.
`NetApp, Inc., Lenovo (United States) Inc., and EMC Corporation
`(collectively, “Petitioner”) requested an inter partes review of claims 15, 18,
`24, and 25 (the “Challenged Claims”) of U.S. Patent No. 6,968,459 B1 (“the
`’459 patent”). Paper 1 (“Petition” or “Pet.”). Patent Owner Intellectual
`Ventures II, LLC filed a Preliminary Response. Paper 9 (“Prelim. Resp.”).
`Under 35 U.S.C. § 314(a), an inter partes review may not be instituted
`unless it is determined that there is “a reasonable likelihood that the
`petitioner would prevail with respect to at least 1 of the claims challenged in
`the petition.” Based on the information presented in the Petition and
`Preliminary Response, we are not persuaded that there is a reasonable
`likelihood Petitioner would prevail on its challenges. Accordingly, we
`decline to institute inter partes review of claims 15, 18, 24, and 25 for the
`reasons set forth below.
`
`
`BACKGROUND
`II.
`The ’459 patent (Ex. 1001)
`A.
`The ’459 patent seeks to create “a highly secure computing
`environment . . . preventing the appropriation of sensitive data.” Ex. 1001,
`1:13–31. The ’459 patent describes “a secure computing environment in
`which a computer automatically operates in a secure ‘full access’ data
`storage mode when the computer detects the presence of a secure removable
`storage device.” Id. at 1:36–39. If, however, the computer detects the
`presence of a removable storage device that is not secure, “then the
`computer automatically operates in a ‘restricted-access’ mode.” Id. at 1:41,
`42. Figure 1 of the ’459 patent is reproduced below.
`
`2
`
`
`
`IPR2017-00467
`Patent 6,968,459 B1
`
`
`
`
`
`
`Figure 1 of the ’459 patent depicts a block diagram of a secure
`computing environment, including computer 100, which senses whether
`storage device 151 is secure. Id. at 1:30–33. To determine whether a
`removable storage device is secure, the ’459 patent describes attempting to
`read “device-specific security information” from the storage device. Id. at
`5:7–10. The device-specific security information is “derived from the
`unique format information of the removable storage device.” Id. at 3:66–
`4:1. The’459 patent elaborates:
`the device-specific security
`In one embodiment,
`information is a function of the low-level format
`information and,
`therefore, uniquely
`identifies
`the
`
`3
`
`
`
`IPR2017-00467
`Patent 6,968,459 B1
`
`
`underlying media of storage device 151. For example, in
`one embodiment the device-specific security information
`is a hash of the addresses of the bad sectors for storage
`device 151. Because it is a function of the physical
`characteristics of the actual storage medium within
`storage device 151, the format information is inherently
`unique to each storage device 151. In other words, the
`addresses of the bad sectors change from device to
`device.
`
`
`Id. at 4:9–19.
`According to the ’459 patent, when a computer operates in a secure
`“full access” data storage mode, storage management software encrypts and
`decrypts data transmitted between the computer and the removable storage
`device using a cryptographic key. Id. at 3:61–64. The system of the ’459
`patent generates this cryptographic key by combining any number of the
`following types of information: “(1) device-specific security information
` . . . , (2) manufacturing information that has been etched onto the storage
`device, (3) drive-specific information, such as drive calibration parameters,
`retrieved from the storage drive, and (4) user-specific information such as a
`password or biometric information.” Id. at 3:65–4:5.
`When a computer operates in a “restricted-access” data storage mode,
`the computer operates the storage device as “read-only” such that the user
`may read data from the device but may not write any data to the device. Id.
`at 1:63–66. Alternatively, the user may be permitted “to write [] non-
`sensitive data to the removable storage device in an unencrypted format.”
`Id. at 2:1, 2.
`Illustrative Claim
`B.
`Claims 15 and 18 are independent claims. Claim 15 is
`reproduced below.
`
`4
`
`
`
`IPR2017-00467
`Patent 6,968,459 B1
`
`
`for accessing a storage device
`
`15. A method
`comprising:
`detecting a storage device within the storage drive;
`sensing whether a storage device has device-specific
`security information stored thereon;
`providing full-access to the storage device when the
`storage device has the device-specific security information by:
`encrypting digital data using
`the
`security
`information during a write access to write the digital data
`to the storage device; and
`security
`the
`decrypting digital data using
`information during a read access to read the digital data
`from the storage device; and
`providing restricted-access to the storage device when the
`storage device does not store the device-specific security
`information by preventing the digital data from being written to
`the storage device during the write access.
`
`Evidence Relied Upon
`C.
`Petitioner relies on the following references:
`1. Blakley III et al., U.S. Patent No. 5,677,952, issued October 14,
`1997 (Ex. 1005, “Blakley”);
`2. Uchida, U.S. Patent No. 7,124,301 B1, issued on October 17, 2006
`(Ex. 1006, “Uchida”); and
`3. Ian D. Bramhill & Mathew Sims, Copyright in a Digital Age, BT
`Technol. J. Vol. 15 No. 2 (April 1997) (Ex. 1007, “Bramhill”).
`Petitioner further relies on the Declaration of Dr. Paul Franzon
`(Ex. 1002).
`
`5
`
`
`
`IPR2017-00467
`Patent 6,968,459 B1
`
`
`Proposed Grounds of Unpatentability
`D.
`Petitioner contends Blakley and Bramhill render the Challenged
`Claims unpatentable under 35 U.S.C. § 103. Pet. 16. Petitioner also
`contends Uchida and Bramhill render the Challenged Claims unpatentable
`under 35 U.S.C. § 103. Id.
`
`Related Proceedings
`E.
`The ’459 patent is the subject of IPR2016-01404, wherein claims 1, 2,
`13, 14, 33, 34, 39, 46, and 48 are currently under inter partes review.
`IPR2016-01404, Paper 9, 2. The Board declined to institute inter partes
`review of claims 15 and 18 in that proceeding. Id.
`Petitioner also identifies actions for infringement of the ’459 patent
`pending in the United States District Court for the District of Massachusetts.
`Pet. 7.
`
`
`III. CLAIM CONSTRUCTION
`Petitioner proposes construction of the following terms: “device-
`specific security information,” “device-specific information,” “user-specific
`information,” “security information,” and “detecting a storage device within
`a storage drive.” Pet. 9–16. Patent Owner responds that we need not
`construe the terms of the Challenged Claims. Prelim. Resp. 5. Because
`construction of the terms proposed by Petitioner is not necessary for our
`determination of whether to institute a trial, we do not construe these terms.
`Vivid Techs., Inc. v. Am. Sci. & Eng’g, Inc., 200 F.3d 795, 803 (Fed. Cir.
`1999) (explaining that only claim terms in controversy need to be construed,
`and only to the extent necessary to resolve the controversy).
`
`
`6
`
`
`
`IPR2017-00467
`Patent 6,968,459 B1
`
`
`IV. ANALYSIS
`A. Overview of Cited References
`Blakley
`1.
`Blakley describes a method for protecting information in a storage
`disk of a computer using a secret key derived from a password entered by an
`authorized user. Ex. 1005, 2:6–10. Blakley’s method begins by applying a
`length-increasing pseudorandom function to the secret key and an index. Id.
`at 2:10–13. The index identifies a sector of the storage disk. Id. at 2:13.
`The function generates a pseudorandom bit string having a length that is the
`size of the sector. Id. at 2:14–15. The pseudorandom bit string is then used
`to encrypt data written to the sector and to decrypt data read from the sector.
`Id. at 2:16–17.
`Uchida
`2.
`Uchida describes protecting data recorded on a removable storage
`medium such as an optical magnetic disk. Ex. 1006, Abst. Figure 10 of
`Uchida is reproduced below.
`
`7
`
`
`
`IPR2017-00467
`Patent 6,968,459 B1
`
`
`
`Figure 10 of Uchida depicts a flowchart of a two-password process
`employed in an embodiment of Uchida’s invention. Id. at 11:45–46. The
`process begins with a disk driver receiving a password entered by the user.
`Id. at 11:47–49. The driver then “judges whether or not the disk is protected
`by a password.” Id. at 11:49–50. If not, “the user is authorized to access the
`[disk], regardless of the password inputted from the user.” Id. at 11:51–53.
`If the driver determines that the disk is password protected, the driver checks
`the user entry against a first password. Id. at 11:53–58. A match of the first
`password results in the user having access to the whole disk. Id. If the user
`entry instead matches a second password, the user is authorized to read the
`root directory only. Id. at 11:59–66. Finally, if the disk is password
`
`8
`
`
`
`IPR2017-00467
`Patent 6,968,459 B1
`
`protected and the user entry does not match the first or second passwords,
`the user is unable to access the disk. Id. at 11:66–67.
`Bramhill
`3.
`Bramhill “proposes an initial model of a software-based system that
`provides copyright protection of multimedia information when delivered by
`Internet-based services.” Ex. 1007, 63. Bramhill describes a number of
`characteristics, which it calls “cybermetric[s],” that can be measured to
`identify a computer. Id. at 67. These cybermetrics include the physical
`components comprising the computer (such as the size of memory or
`presence of CD a drive), the characteristics of the physical components
`(such as the manufacturer or number of tracks on a hard disk), the location
`of static information on a hard disk (i.e., the bad sectors of the disk), etc. Id.
`B. Obviousness of claims 15, 18, 24, and 25 based on Blakley and
`Bramhill
`Independent claim 15
`1.
`Claim 15 recites, in relevant part, “sensing whether a storage device
`has device-specific security information stored thereon.” Claim 15 further
`recites providing full-access by encrypting and decrypting digital data “using
`the security information.” Thus, claim 15 requires (1) a determination of
`whether the storage devices contains “device-specific security information”
`and (2) use of the device-specific security information to encrypt and
`decrypt digital data. Ex. 1001, 10–27; see also IPR2016-01404, Paper 9, 17.
`Petitioner’s analysis identifies three alternatives employing different
`teachings of Blakley and Bramhill to meet the claim limitation “device-
`specific security information.” These are: (a) Blakley’s index used to
`generate its pseudorandom bit string, (b) Blakley’s value identification (ID),
`and (c) Bramhill’s cybermetrics. Pet. 26–29. We have reviewed Petitioner’s
`
`9
`
`
`
`IPR2017-00467
`Patent 6,968,459 B1
`
`analysis applying these three alternative theories, including the relevant
`portions of the Jestice Declaration cited in support. Id. (citing Ex. 1002,
`¶¶ 98–104). We conclude that Petitioner’s analysis is insufficient to
`establish a reasonable likelihood of success on this challenge for at least the
`following reasons.
`Blakley’s “index”
`a)
`Petitioner contends that “Blakley discloses ‘device-specific security
`information,’ e.g., the index used to generate the ‘pseudorandom bit string,’
`stored on the hard disk.” Pet. 27. Petitioner does not establish, however,
`that Blakey discloses “sensing” the presence of the index on the storage
`device, as required by claim 15. Id. at 28. Instead, Petitioner and
`Mr. Jestice assert that “a device-specific (and user-specific) pseudorandom
`bit string is generated and stored on the storage device during installation,
`and later checked against a pseudorandom bit string generated when a user
`logs on or otherwise initiates a request to access secure information.” Id.
`(emphasis added); see also Ex. 1002 ¶ 103.
`Petitioner’s argument blurs the distinction between Blakley’s index
`and Blakley’s pseudorandom bit string. That is, establishing that Blakley
`senses a bit string does not fulfill Petitioner’s burden to show that Blakley
`senses the presence of the “device-specific security information,” as claim
`15 requires, because Petitioner draws a correspondence between the recited
`device-specific security information and Blakley’s index. Further, claim 15
`recites using the device-specific security information (i.e., Blakley’s index)
`to encrypt and decrypt digital data. Petitioner does not contend Blakley’s
`index meets this requirement, and indeed Blakley does not describe using
`the index to encrypt and decrypt digital data. Ex. 1005, 2:15–16 (“The
`
`10
`
`
`
`IPR2017-00467
`Patent 6,968,459 B1
`
`pseudorandom bit string is then used to encrypt and decrypt data accesses to
`and from the sector.”) (emphasis added).
`To the extent Petitioner argues Blakley’s index-generated
`pseudorandom bit string meets the claimed device-specific security
`information (see Pet. 28), the string Petitioner and Mr. Jestice identify as
`stored in Blakley is not the pseudorandom bit string generated using the
`index. Id.; see also Ex. 1002 ¶ 103. Rather, Blakley describes the cited
`string as a “one-way function of the secret key” used to distinguish correct
`and incorrect passwords. Ex. 1005, 5:66–6:3. Even if the cited string were
`the pseudorandom bit string generated using the index, Blakley teaches this
`index-generated pseudorandom bit string is not stored on the storage device,
`as required by claim 15. Ex. 1005, 2:10–21 (describing that the
`pseudorandom bit string does not exist until an authorized user first inputs a
`password into the computer, the password is used to derive a secret key, and
`the secret key is combined in a length-increasing pseudorandom function
`with an index).
`
`Blakley’s “value identification (ID)”
`b)
`Petitioner alternatively contends Blakley’s value identification (ID) is
`stored on the storage drive and meets the claimed device-specific security
`information. Pet. 27. Petitioner, however, makes no attempt to show Blakey
`discloses “sensing” the presence of the value ID on the storage device, as
`required by claim 15. Id. at 28. Moreover, claim 15 requires using the
`device-specific security information (i.e., the value ID) to encrypt and
`decrypt digital data, which Blakely does not teach. Ex. 1005, 2:15–16,
`5:44–56.
`
`11
`
`
`
`IPR2017-00467
`Patent 6,968,459 B1
`
`
`Bramhill’s “cybermetrics”
`c)
`Petitioner alternatively identifies Bramhill’s cybermetrics, which
`Bramhill describes as a number of characteristics that can be measured to
`uniquely identify a device, as meeting the claimed device-specific security
`information. Pet. 29. Petitioner further asserts: “A POSA would have
`understood that the device-specific security information of Bramhill could
`be combined with the methods of controlling access to storage devices
`described in Blakley to further prevent the unauthorized use of data.” Id.
`(citing Ex. 1002, ¶¶72–80). Neither Petitioner nor Mr. Jestice identifies
`specific teachings from Blakley to be combined with Bramhill’s
`cybermetrics or explains how such teachings would be combined. See id.
`Because we cannot discern from Petitioner’s argument and its evidence cited
`the specific elements of Bramhill and Blakley to be combined and how an
`artisan of ordinary skill would combine them, we are not persuaded by
`Petitioner’s argument.
`For the foregoing reasons, we determine Petitioner has not
`shown a reasonable likelihood of prevailing on this obviousness
`challenge to claim 15.
`Independent claim 18
`2.
`Claim 18 recites, in relevant part, “sensing whether the storage device
`has security information generated from a combination of device-specific
`information associated with the storage device and user-specific information
`associated with a user.” Claim 18 further recites permitting write access by
`encrypting digital data “using the security information” when the security
`information is sensed. Thus, claim 18 requires a determination of whether
`the storage devices contains “security information” generated from a
`
`12
`
`
`
`IPR2017-00467
`Patent 6,968,459 B1
`
`combination of device-specific and user-specific information and use of the
`security information to encrypt digital data. Ex. 1001, 36–49; see also
`IPR2016-01404, Paper 9, 18.
`Petitioner’s analysis of independent claim 18 incorporates its analysis
`of independent claim 15. Pet. 36–38. For the reasons discussed above in the
`context of claim 15, we determine Petitioner has not shown a reasonable
`likelihood of prevailing on this obviousness challenge to claim 18. See
`supra Section IV.B.1.
`Dependent claims 24 and 25
`3.
`Claims 24 and 25 depend from claim 18. Petitioner addresses these
`claims by relying on its analysis of claim 18. Pet. 41–42. Because
`Petitioner has not shown a reasonable likelihood of prevailing on its
`obviousness challenge to independent claim 18, we similarly find Petitioner
`has not shown a reasonable likelihood of prevailing on this obviousness
`challenge to dependent claims 24 and 25.
`C. Obviousness of claims 15, 18, 24, and 25 based on Uchida and
`Bramhill
`Independent claim 15
`1.
`Claim 15 recites, in relevant part, “providing restricted-access to the
`storage device when the storage device does not store the device-specific
`security information by preventing the digital data from being written to the
`storage device during the write access.” Thus, claim 15 requires a
`determination of whether the storage devices contains “device-specific
`security information” and, if not, preventing data from being written to the
`storage device. Ex. 1001, 10–27; see also IPR2016-01404, Paper 9, 17.
`Petitioner contends Uchida’s Figure 10 meets this limitation. Pet. 62–
`64. More specifically, Petitioner identifies Uchida’s passwords as teaching
`
`13
`
`
`
`IPR2017-00467
`Patent 6,968,459 B1
`
`the claimed device-specific security information. See id. at 63. Petitioner,
`citing Mr. Jestice, further contends that if a user enters Uchida’s first
`password, the user is granted “full access” to the storage device, but if the
`user enters Uchida’s second password, the user is granted “restricted access”
`that permits reading from the disk but not writing. Id. at 64 (citing,
`Ex. 1002, ¶¶178–80).
`We have reviewed Petitioner’s analysis, including the relevant
`portions of the Jestice Declaration cited in support. Id. Petitioner’s analysis
`is insufficient to establish a reasonable likelihood of success on this
`challenge. Assuming arguendo that Uchida’s passwords meet the claimed
`device-specific security information, Uchida fails to teach restricted-access
`preventing writing data when the disk is not password protected (i.e., when
`the storage device does not contain the device-specific security information).
`Uchida states, “If the disk is not protected by a password, the user is
`authorized to access the whole storage medium, regardless of the password
`inputted from the user (STEP S62).” Id. at 11:51–53. Uchida thus teaches
`allowing full access, rather than restricted access, when the storage device
`does not store the device-specific security information.
`Petitioner further identifies Bramhill’s cybermetrics as meeting the
`claimed device-specific security information. Pet. 64 (citing, Ex. 1002
`¶¶ 176–183). Neither Petitioner nor Mr. Jestice explains how Bramhill’s
`cybermetrics would be combined with Uchida’s passwords in order to
`provide restricted-access preventing data from being written when the
`device-specific security information is not sensed. See id. Because we
`cannot discern from Petitioner’s argument and its evidence cited the specific
`elements of Bramhill and Blakley to be combined and how an artisan of
`
`14
`
`
`
`IPR2017-00467
`Patent 6,968,459 B1
`
`ordinary skill would combine them, we are not persuaded by Petitioner’s
`argument.
`For the foregoing reasons, we determine Petitioner has not
`shown a reasonable likelihood of prevailing on this obviousness
`challenge to claim 15.
`Independent claim 18
`2.
`Claim 18 recites, in relevant part, “configuring the storage drive to
`prevent write access to the storage device when the security information is
`not sensed.” Petitioner’s analysis of independent claim 18 incorporates its
`analysis of independent claim 15. Pet. 67. Petitioner further directs our
`attention to Figure 9 of Uchida. Id. at 67–68. Like Figure 10 discussed in
`Section IV.C.1 above, Figure 9 describes writing data when Uchida’s disk is
`not password protected. Ex. 1006, 10:65–66 (“If it is not protected by a
`password, the data is written (STEP S52)”). Accordingly, for the reasons
`discussed above in the context of claim 15, we determine Petitioner has not
`shown a reasonable likelihood of prevailing on this obviousness challenge to
`claim 18. See supra Section IV.C.1.
`Dependent claims 24 and 25
`3.
`Claims 24 and 25 depend from claim 18. Petitioner addresses these
`claims by relying on its analysis of claim 18. Pet. 70–71. Because
`Petitioner has not shown a reasonable likelihood of prevailing on its
`obviousness challenge to independent claim 18, we similarly find Petitioner
`has not shown a reasonable likelihood of prevailing on this obviousness
`challenge to dependent claims 24 and 25.
`
`15
`
`
`
`IPR2017-00467
`Patent 6,968,459 B1
`
`
`D. Discretion Whether to Institute Under 35 U.S.C. § 325(d)
`Patent Owner argues that we should exercise our discretion under
`35 U.S.C. § 325(d) and deny the Petition. Prelim. Resp. 6–8. Because we
`deny the Petition on the merits, we do not reach this argument.
`
`
`SUMMARY
`V.
`We determine that Petitioner has not demonstrated a reasonable
`
`likelihood of prevailing on its challenges to claims 15, 18, 24, and 25.
`
`
`VI. ORDER
`
`It is, therefore:
`ORDERED that the Petition is denied and no trial is instituted.
`
`
`
`16
`
`
`
`IPR2017-00467
`Patent 6,968,459 B1
`
`
`FOR PETITIONER:
`Benjamin E. Weed
`Brian J. Ankenbrandt
`K&L GATES LLP
`benjamin.weed.ptab@klgates.com
`brian.ankenbrandt@klgates.com
`
`Peter Dichiara
`Theodoros Konstantakopoulos
`WILMER CUTLER PICKERING HALE AND DORR LLP
`peter.dichiara@wilmerhale.com
`theodoros.konstantakopoulos@wilmerhale.com
`
`
`
`PATENT OWNER:
`Lori A. Gordon
`Steven W. Peters
`STERNE, KESSLER, GOLDSTEIN & FOX PLLC
`lgordon-ptab@skgf.com
`speters-ptab@skgf.com
`
`James R. Hietala
`Tim R. Seeley
`INTELLECTUAL VENTURES
`jhietala@intven.com
`tim@intven.com
`
`
`17
`
`
Accessing this document will incur an additional charge of $.
After purchase, you can access this document again without charge.
Accept $ Charge
Still Working On It
This document is taking longer than usual to download. This can happen if we need to contact the court directly to obtain the document and their servers are running slowly.
Give it another minute or two to complete, and then try the refresh button.
A few More Minutes ... Still Working
It can take up to 5 minutes for us to download a document if the court servers are running slowly.
Thank you for your continued patience.
This document could not be displayed.
We could not find this document within its docket. Please go back to the docket page and check the link. If that does not work, go back to the docket and refresh it to pull the newest information.
Your account does not support viewing this document.
You need a Paid Account to view this document. Click here to change your account type.
Your account does not support viewing this document.
Set your membership
status to view this document.
With a Docket Alarm membership, you'll
get a whole lot more, including:
- Up-to-date information for this case.
- Email alerts whenever there is an update.
- Full text search for other cases.
- Get email alerts whenever a new case matches your search.
One Moment Please
The filing “” is large (MB) and is being downloaded.
Please refresh this page in a few minutes to see if the filing has been downloaded. The filing will also be emailed to you when the download completes.
Your document is on its way!
If you do not receive the document in five minutes, contact support at support@docketalarm.com.
Sealed Document
We are unable to display this document, it may be under a court ordered seal.
If you have proper credentials to access the file, you may proceed directly to the court's system using your government issued username and password.
Access Government Site
