`
`______________________
`
`
`
`
`
`IN THE UNITED STATES PATENT TRIAL AND APPEAL BOARD
`
`______________________
`
`NETAPP, INC., LENOVO (UNITED STATES) INC., and EMC CORP.,
`Petitioner
`
`v.
`
`INTELLECTUAL VENTURES II, LLC
`Patent Owner
`
`Case No.: IPR2017-00467
`U.S. Patent No. 6,968,459
`
`
`
`DECLARATION OF IAN JESTICE
`
`
`
`
`
`NETAPP ET AL. EXHIBIT 1002
`Page 1 of 92
`
`
`
`I, Ian Jestice, do hereby declare and say:
`
`1.
`
`I am over the age of twenty-one (21) and competent to make this
`
`declaration. I am also qualified to give testimony under oath. The facts and
`
`opinions listed below are within my personal knowledge.
`
`2.
`
`I am being compensated for my time in this matter at my standard consulting
`
`rate of $325/hr. My compensation in no way depends on the outcome of this
`
`proceeding or the content of my opinions. I am not employed by, nor receiving
`
`grant support from, the Petitioner in this matter. I am receiving compensation from
`
`Petitioner solely for my involvement in this matter and based only on my standard
`
`hourly consulting fees.
`
`3.
`
`I have been asked to review certain documents, including U.S. Patent No.
`
`6,968,459 (which I refer to as the ’459 Patent) (Ex. 1001), and to provide my
`
`opinions on what those documents disclose. The documents I was asked to review
`
`include those addressed in more detail in the rest of this declaration. I provide my
`
`conclusions regarding the disclosures of these documents below. I was also asked
`
`to review and provide opinions regarding U.S. Patent Nos. 6,516,442 and
`
`6,633,945, which I understand are also involved in litigation against Petitioner
`
`along with the ’459 Patent.
`
`4.
`
`In addition to the ’459 Patent, I have reviewed and am familiar with the
`
`following documents:
`
`a. U.S. Patent No. 5,677,952 to Blakley, III et al. (“Blakley”) (Ex.
`
`1005);
`
`b. U.S. Patent No. 7,124,301 to Uchida (“Uchida”) (Ex. 1006); and
`
`c. Ian D. Bramhill & Mathew Sims, Copyright in a Digital Age, BT
`
`Technol J Vol 15 No 2 (April 1997) (“Bramhill”) (Ex. 1007).
`
`5.
`
`I was also asked to provide my opinions on the technical feasibility of
`
`combining certain aspects of certain documents, and whether those combinations
`
`would have been made from a technical perspective. I have offered my opinions
`
`on the feasibility of such combinations in this declaration.
`
`6.
`
`I am not offering any conclusions as to the ultimate determinations I
`
`understand the Patent Trial and Appeal Board will make in this proceeding.
`
`Specifically, I am not offering opinions on ultimate issues of validity or claim
`
`construction. I am simply providing my opinion on technical issues, including on
`
`the technical aspects of the documents as compared to the claims of the ’459 Patent
`
`as a factual matter and on the combinability of the concepts disclosed in those
`
`documents from a technical perspective.
`
`BACKGROUND
`
`7.
`
`I hold the equivalent of an undergraduate degree in Telecommunications and
`
`Computer Science from the City and Guilds Institute of London, which I obtained
`
`in 1971.
`
`8.
`
`As described in more detail in my curriculum vitae (Ex. 1003) I have more
`
`than 40 years of industry experience with storage devices, embedded software
`
`systems for industry and consumer products, and other systems including Flash
`
`Memory (Solid State Disks, memory cards, flash drives), Optical Storage (CD,
`
`DVD, WORM, Magneto-Optical), Magnetic Storage (Hard Disk, Floppy Disk,
`
`Tape), RAID/Disk Arrays and jukeboxes; USB, SCSI, iSCSI,
`
`IDE/ATA/ATAPI/SATA, Fibre Channel, PCMCIA, game programming, home
`
`appliances and telecommunications.
`
`9.
`
`As part of my experience, I have worked as a design and systems engineer at
`
`Amdahl Corporation, IBM and Fujitsu, designing, building, testing and supporting
`
`computing environments with secure storage devices.
`
`10.
`
`I have been familiar with the field of storage devices, specifically secure
`
`storage devices, for at least the past 30 years. I have worked with security in the
`
`context of storage devices while working for IBM, Amdahl and Fujitsu using
`
`IBM’s RACF (Resource Access Control Facility) software. Additionally, while
`
`working at Zadian, I was involved in the testing of secure storage devices. For
`
`these reasons and because of my technical experience and training as outlined in
`
`my curriculum vitae (Ex. 1003), I believe I am capable of offering technical
`
`opinions regarding the ’459 Patent and the other documents I reviewed as part of
`
`my work in this matter. I believe I am capable of opining about the state of the art
`
`in these areas at various points in time from the early 1970s to the present.
`
`OVERVIEW OF SECURE STORAGE DEVICES
`11. Before the introduction of Personal Computers, computer systems were
`
`physically secured in locked computer rooms where access was restricted to a few
`
`trusted employees. External access to the data was restricted by the limitations of
`
`computer network and the cost of the equipment. Data was stored in the secure
`
`computer rooms on physically large and heavy media. Consequently the security of
`
`the data could be achieved using traditional physical security protocols.
`
`12. As inexpensive, small, data storage, computer networks and management
`
`became more prevalent in the mid to late 90s, creating secure computing
`
`environments became a top priority. A specific goal was to prevent unauthorized
`
`use of computer data. Preventing unauthorized use of computer data became an
`
`even greater concern as the use of removable storage devices became more
`
`common.
`
`13. One of the biggest fears while using removable storage devices was the
`
`copying and/or reading of sensitive data by unauthorized users. To prevent
`
`unauthorized use of sensitive computer data, many security measures were created
`
`and implemented to regulate and secure access to data.
`
`14. Mechanisms as simple as physical switches on floppy disks have been used
`
`to prevent some copying of data. Similarly, with regard to DVD video, encoding
`
`techniques have been used to ensure that only authorized devices (with the
`
`capability to decode) can be used to playback a disk. Likewise, because of the
`
`encoded nature of the content on these discs, copying to a hard disk drive is not
`
`possible without first breaking the encoding scheme.
`
`15. Other security measures over time have included the use of PINs or
`
`passwords or other similar user-specific identifiers, bad sectors or physical
`
`nonuniformities or other similar device-specific identifiers, and encryption and
`
`other similar data specific measures. To increase the level of security, multiple
`
`different security measures, especially different types of security measures, were
`
`often combined to achieve maximum security.
`
`16.
`
`In the late 1970’s and 1980’s, computer manufacturers realized that
`
`operating system software could play a significant part in the security of the data
`
`and access to the computer systems. IBM introduced RACF (Resource Access
`
`Control Facility) for storage devices in 1977 to the MVS operating system. RACF
`
`provided different levels of access to data based on userid’s, passwords and
`
`security key strings. RACF also supported the encryption on data storage devices.
`
`The ’459 Patent is directed to a particular security regime involving the use of
`
`security information (such as device-specific security information) on media to
`
`ensure that copying is authorized.
`
`U.S. PATENT NO. 6,968,459
`
`17. The ’459 Patent relates to a secure storage device and restricting access to
`
`that device. Ex. 1001 at Title, Abstract. It describes “a computer 100 that
`
`automatically operates in a secure data storage mode when the computer 100
`
`senses that storage device 151 is a secure storage device.” Ex. 1001 at 2:30-33.
`
`Fig. 1 of the ’459 Patent illustrates computer 100 and removable storage media 151
`
`(which, in the figure, are a floppy disk and a CD-ROM).
`
`Ex. 1001 at Fig. 1. In the above figure, I have added annotations to show the
`
`removable storage media in blue and the drive into which the media are inserted in
`
`red. According to the ’459 Patent, “each storage device 151 represents a
`
`removable device having a storage medium for holding digital information such as
`
`a floppy diskette, a magneto-optical storage device, an optical disk, a SuperDisk™
`
`diskette, a Zip™ disk, a Jazz™ disk, a tape cartridge, etc.” Id. at 3:8-33 (emphasis
`
`added).
`
`18. The ’459 Patent teaches that once a piece of removable media has been
`
`inserted into an appropriate drive, a so-called storage manager detects whether the
`
`removable storage device 151 has “security information” such as “device-specific”
`
`information and “user-specific” information. Ex. 1001 at 3:57-4:34, 5:7-10. The
`
`’459 Patent provides examples of device-specific security information, including
`
`information that is “a function of the unique format characteristics of the
`
`underlying storage medium” (id. at Abstract, 3:66-4:1), such as “a hash of the
`
`addresses of the bad sectors for storage device” that is “inherently unique to each
`
`storage device ….” Id. at 4:9-17.
`
`19.
`
`In what the ’459 Patent describes as an “exemplary embodiment,” an “LS-120
`
`SuperDisk™ 300 from Imation™ Corp.” as the storage device. Id. at 7:51-52.
`
`The ’459 Patent explains that “unique format information … for example the zone
`
`numbers and corresponding LBA’s for SuperDisk 300, or a combination thereof,
`
`can be hashed to form the device-specific security information.” Id. at 8:15-60.
`
`Specifically, “SuperDisk 300 uses a slip-sector format that maps data into good
`
`data sectors. In the slip-sector format, each data sector is assigned a logical block
`
`address (LBA),” which “identifies a readable sector of data and its logical position
`
`within SuperDisk 300.” Id. at 8:28-37. The ’459 Patent further describes how “the
`
`slip-sector format defines 110 zones,” each having a defined number of tracks,
`
`where “[e]ach zone has an LBA that represents the starting address of the
`
`corresponding zone.” Id. at 8:32-37. Thus, the data sectors are indexed by
`
`assigning LBAs corresponding to their logical positions within the storage device.
`
`“[A] device-specific key can be generated using the unique format information
`
`described above.” Id. at 8:50-52.
`
`20. The ’459 Patent further states that “device-specific security information can
`
`be combined with other security information in order to increase the level of
`
`security of computer 100.” Id. at 4:20-22. For example, device-specific security
`
`information can be combined with “user-specific security information” such as a
`
`password or biometric information.” Id. at 4:4-5, 5:39-46, 11:1-7.
`
`21.
`
`In the ’459 Patent, if the required “security information” such as “user-
`
`specific” information and/or “device-specific” information is retrieved, then “full
`
`access” is provided to the storage device, where data can be read by and written to
`
`the storage device 151. Id. at 4:29-34, 6:28-33. A cryptographic key for
`
`encrypting and decrypting the data to the storage device 151 is generated from the
`
`“security information.” Specifically, data written to the storage device 151 is
`
`encrypted, and data read from the storage device 151 is decrypted using a
`
`cryptographic key generated from the “security information.” Id. at 3:64-4:5, 4:63-
`
`5:6, 5:58-60, 6:4-15.
`
`22. However, if the required “security information” is not retrieved, then the
`
`’459 Patent discusses providing “restricted access” to the storage device 151. Id. at
`
`4:29-34, 5:15-19, 5:39-46.
`
`23. Figure 2 below graphically illustrates one example of the security protocol
`
`described in the ’459 Patent.
`
`Ex. 1001 at Fig. 2.
`
`24.
`
`I have been asked to focus my analysis and opinions on claims 15, 18, 24,
`
`and 25 of the ’459 Patent. Those claims are reproduced below for reference:
`
`Claim 15:
`
`A method for accessing a storage device comprising:
`
`detecting a storage device within the storage drive;
`
`sensing whether a storage device has a device-specific security
`
`information stored thereon;
`
`providing full-access to the storage device when the storage device has
`
`the device-specific security information by:
`
`encrypting digital data using the security information during a write
`
`access to write the digital data to the storage device; and
`
`decrypting digital data using the security information during a read
`
`access to read the digital data from the storage device; and
`
`providing restricted-access to the storage device when the storage
`
`device does not store the device-specific security information by
`
`preventing the digital data from being written to the storage device
`
`during the write access.
`
`Claim 18:
`
`A method for accessing a storage device comprising:
`
`detecting a storage device within the storage drive;
`
`sensing whether the storage device has security information generated from
`
`a combination of device-specific information associated with the storage
`
`device and user-specific information associated with a user;
`
`configuring the storage drive to prevent write access to the storage device
`
`when the security information is not sensed; and
`
`configuring the storage drive to permit write access by encrypting digital
`
`data using the security information and writing the encrypted digital data to
`
`the storage device when the security information is sensed.
`
`Claim 24:
`
`The method of claim 18, wherein encrypting digital data using the security
`
`information includes generating the cryptographic key as a function of the
`
`user-specific information.
`
`Claim 25:
`
`The method of claim 18, wherein the user-specific information is a
`
`password.
`
`SUMMARY OF OPINIONS
`
`25.
`
`I was asked to offer my opinion about the qualifications of a “person of
`
`ordinary skill in the art” or a “POSA,” in the field of the ’459 Patent as of
`
`December 15, 1999. I was asked to offer opinions about what certain documents
`
`taught to such a POSA as of December 15, 1999. At a high level, the methods and
`
`systems of using secure storage devices disclosed in the ’459 Patent were not new
`
`as of December 15, 1999. My review of the documents referenced herein
`
`comports with my experience that those of skill in the art prior to December 1999
`
`knew how to protect storage devices (both removable and non-removable) using
`
`device-specific security information and user-specific security information to
`
`prevent unauthorized use of data. Further, those of skill in the art prior to
`
`December 1999 knew that this same security information could be used to encrypt
`
`data adding an increased level of security.
`
`26. As discussed in more detail below, my review of prior art documents in this
`
`proceeding demonstrates that the individual components of Claims 15, 18, 24 and
`
`25 of the ’459 Patent were well-known as of December 15, 1999.
`
`27. Specifically, U.S. Patent No. 5,677,952 to Blakley, III et al. (“Blakley”) (Ex.
`
`1005) in view of Ian D. Bramhill & Mathew Sims, Copyright in a Digital Age, BT
`
`Technol. J. Vol 15 No 2 (April 1997) (“Bramhill”) (Ex. 1007) discloses each and
`
`every element of Claims 15, 18, 24, and 25 of the ’459 Patent.
`
`28. Additionally, U.S. Patent No. 7,124,301 to Uchida (“Uchida”) (Ex. 1006) in
`
`view of Bramhill (Ex. 1007) discloses each and every element of Claims 15, 18, 24
`
`and 25.
`
`29.
`
`I was asked to consider the feasibility and combinability of references
`
`through the eyes of a POSA as of December 15, 1999. In considering those
`
`combinations, I was asked not to use “hindsight” reasoning. I have been informed
`
`about certain factors that should be considered in making such combinations,
`
`which I detail below.
`
`30. Under the framework I have been provided, it is my opinion that the
`
`combinations I have been asked to consider in the instant proceeding (i.e., Blakley
`
`in view of Bramhill and Uchida in view of Bramhill) could and would have been
`
`made by a POSA, which I address in more detail below, as of December 15, 1999.
`
`As I describe below, the individual references, several of which are attributable to
`
`large computer companies that specialized in computer storage technology, contain
`
`statements and teachings that motivate those of skill in the art to look to other
`
`references in the combinations I was asked to consider.
`
`31. Thus, in my opinion, a POSA would have been motivated to combine
`
`Blakley with Bramhill; the resulting system discloses each feature of claims 15, 18,
`
`24 and 25 of the ’459 Patent. Likewise, in my opinion, a POSA would have been
`
`motivated to combine Uchida with Bramhill; the resulting system also discloses
`
`each feature of claims 15, 18, 24 and 25 of the ’459 Patent.
`
`LEVEL OF SKILL IN THE ART
`
`32.
`
`I was asked to provide my opinion about the experience and background a
`
`POSA of the ’459 Patent would have had as of December 15, 1999. In my
`
`opinion, such a POSA would have had a bachelor’s degree in computer science,
`
`computer engineering, or the equivalent, and would have had at least two years of
`
`experience in the design or research of secure computer data storage devices.
`
`33.
`
`I believe I qualified as a person of skill in the art in 1999 based on my
`
`telecommunication and computer science degree along with the experience I
`
`outlined above. Furthermore, I believe that I can opine today about what those of
`
`skill in the art would have known and understood as of December 15, 1999.
`
`CLAIM CONSTRUCTION
`
`34. As I mentioned above, I am not offering any opinions with regard to the
`
`ultimate legal conclusion the Patent Trial and Appeal Board (“PTAB”) will make
`
`in this proceeding. I understand in general that the claim construction standard
`
`applicable here is the “broadest reasonable interpretation,” a standard which
`
`theoretically results in constructions broader than or equal to in scope than the
`
`claim construction standard applicable in district court.
`
`a. Device-Specific Security Information
`
`35. Claim 15 of the ’459 Patent recites “device-specific security information.” I
`
`was asked to provide my opinions herein based on the understanding that “device-
`
`specific security information” means “information that is specific to the storage
`
`device and used to control access to the storage device but excludes manufacturing
`
`information that has been etched onto the storage device (i.e., a randomly
`
`generated number), drive-specific information, such as drive calibration
`
`parameters, and user-specific information, such as a password selected by a user.”
`
`36.
`
`I was also asked to provide my opinion with a slightly broader
`
`understanding of the meaning of “device-specific security information:” namely,
`
`that it means “information that is specific to the storage device and is used to
`
`control access to the storage device.”
`
`37.
`
`I provide my analysis under each construction in more detail below.
`
`b. “Device-Specific Information” and “User-Specific Information”
`
`38. Claim 18 of the ’459 Patent recites “device-specific information” and “user-
`
`specific information.” I was asked to offer my opinions here with the
`
`understanding that these terms mean “information specific to the device” and
`
`“information specific to the user,” respectively.
`
`c. “Security Information”
`
`39. Claim 18 of the ’459 Patent recites “security information.” I was asked to
`
`provide my opinions herein based on the understanding that the term “security
`
`information” means “information that is used to control access.”
`
`d. “Detecting a Storage Device within a Storage Drive”
`
`40. Claims 15 and 18 of the ’459 Patent each require a “detecting a storage
`
`device within a storage drive.” I have been asked to provide my opinion based on
`
`the construction of this term to be “determining that removable storage media has
`
`been inserted into a media drive.” Indeed, this construction is consistent with my
`
`understanding of the term “detecting a storage device within a storage drive,”
`
`which connotes that some removable medium is being inserted in drive configured
`
`to read that medium.
`
`41.
`
`I have also been asked to provide my opinion based on a construction of the
`
`term where the device is not removable, and where establishing initial
`
`communications with a hard disk drive can satisfy this term.
`
`42.
`
`I provide my analysis under each construction in more detail below.
`
`U.S. PATENT NO. 5,677,952 (“BLAKLEY”)
`
`43. As part of my work in this proceeding, I was asked to review U.S. Patent
`
`No. 5,677,952 to Blakley. Ex. 1005.
`
`44.
`
`Blakley is directed to a “method to protect information on a computer
`
`storage device” in a storage drive, to create a secure computing environment. Ex.
`
`1005 at Title. “It is the principal object of [Blakley] to protect the confidentiality of
`
`information stored on a storage device of a computer” by permitting authorized
`
`users access to the information and preventing unauthorized users access to the
`
`information. Ex. 1005 at 1:43-45. Like the ’459 Patent, Blakley uses “security
`
`information” in the form of a pseudorandom bit string that is both user-specific
`
`(e.g., based in part on a secret key derived from an authorized user’s password) and
`
`device-specific (e.g., based in part on an index that is specific to the storage device)
`
`to control whether read and write access is granted to the storage device. Blakley
`
`further teaches that this user-specific and device-specific security information is
`
`used to encrypt and decrypt information to and from the storage device to protect
`
`access to the information when the information is lacking. Id. at Abstract, 2:16-17.
`
`45.
`
`The pseudorandom bit string described in Blakley is generated by “applying
`
`a length-increasing pseudorandom function” to the “secret key” and “index.” Id. at
`
`Abstract, 2:10-13. Like the ’459 Patent, Blakley’s “secret key” is generated from
`
`user-specific information such as a user’s password. Compare Ex. 1001 (’459
`
`Patent) at 4:4-5, 5:39-46, 5:58-60, 5:66-6:3, with Ex. 1005 (Blakley) at 2:6-10,
`
`2:42-44, 5:1-3, 6:14-18, 11:1-7. Further, it is my opinion that Blakley’s “index” is
`
`“device-specific” in that it uniquely identifies “where in the storage device the
`
`particular data is stored.” Ex. 1005 at 3:45-49, claim 15 (“wherein the index is a
`
`file number identifying a file associated with the location in the storage device”),
`
`2:38 (“index (i.e., the disk sector identification)”), 5:17-19 (“In the event that there
`
`is more than one disk whose contents are to be encrypted, indices are selected for
`
`each disk such that no two sectors receive the same index.”). This is similar to the
`
`description of the device-specific information in the ’459 Patent. Ex. 1001 8:28-37
`
`(’459 Patent’s assignment of a logical block address (LBA) and zones to “identif[y]
`
`a readable sector of data and its logical position within” the storage device).
`
`46. Generally, the “length-increasing pseudorandom function” in Blakley refers
`
`to a function in a computer program that takes a shorter data field and encrypts it,
`
`using inputs such as the secret key and index, into a longer data field using an
`
`algorithm that produces a result that is practically indistinguishable from that of a
`
`truly random function. See Ex. 1005 at 8:3-8 (“the pseudorandom function is a
`
`cryptographic ‘object’ that preferably maps a relatively short (e.g., 32 bits) index ‘i’
`
`and a secret key a to an pseudorandom bit sequence f_a(i). For f to be called a
`
`pseudorandom function, it must be impossible for the attacker, who does not know
`
`‘a’ to distinguish f_a(i) from a random function of i.”).
`
`47.
`
`Therefore, in my opinion, just as the ’459 Patent discloses that the device-
`
`specific security information can be generated using unique location based format
`
`information including the LBAs (Ex. 1001 at 8:28-52), Blakley discloses generating
`
`the pseudorandom bit string based at least in part on the device-specific information
`
`in the form of the disk sector index (Ex. 1005 at 3:45-56).
`
`48.
`
`If the required “security information,” including the correct user password
`
`and corresponding “pseudorandom bit string,” is received by the storage drive,
`
`Blakley teaches that the user is provided full access to the storage device and data
`
`can be read and written to the storage device. Ex. 1005 at 6:12-47. Like the ’459
`
`Patent, this security information in Blakley is used to generate a cryptographic key
`
`to encrypt and decrypt data from the disk sector. Id. at 2:16-17. Specifically, the
`
`“ciphertext is decrypted by the pseudorandom bit string when the disk is read.
`
`Information to be stored in a sector is encrypted by the pseudorandom string before
`
`it is written to the disk.” Id. at 2:18-21. Blakley confirms that the “pseudorandom
`
`bit string [] is used to secure the information intended for or retrieved from” a disk
`
`sector. Id. at 5:34-36.
`
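The per-sector scheme described in paragraphs 45 through 48, as an added example that is not part of the declaration or of Blakley: a secret key derived from a password and a sector index feed a length-increasing pseudorandom function, and the output masks the sector on write and unmasks it on read. PBKDF2, HMAC-SHA256 in counter mode, XOR masking, the 512-byte sector size and every function name here are assumptions chosen for illustration.

```python
import hashlib
import hmac

SECTOR_SIZE = 512  # bytes per sector (assumed for this illustration)


def derive_secret_key(password: str, salt: bytes) -> bytes:
    """User-specific input: a secret key derived from the user's password.

    PBKDF2-HMAC-SHA256 is an assumption; the page only says the key is
    derived from the password.
    """
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 100_000)


def global_index(disk_id: int, sector: int, sectors_per_disk: int) -> int:
    """Device-specific input: an index that identifies one sector.

    With several disks, indices are laid out so that no two sectors on any
    disk receive the same index (the property quoted from Blakley at 5:17-19).
    """
    if not 0 <= sector < sectors_per_disk:
        raise ValueError("sector out of range for this disk")
    if disk_id < 0:
        raise ValueError("disk_id must be non-negative")
    return disk_id * sectors_per_disk + sector


def prf_expand(secret_key: bytes, index: int, length: int = SECTOR_SIZE) -> bytes:
    """Length-increasing PRF stand-in: short index in, `length` bytes out.

    HMAC-SHA256 over (index || counter) is used here as the pseudorandom
    function; this construction is an assumption, not Blakley's function.
    """
    if not 0 <= index < 2**32:
        raise ValueError("index must fit in 32 bits")
    out = bytearray()
    counter = 0
    while len(out) < length:
        msg = index.to_bytes(4, "big") + counter.to_bytes(4, "big")
        out += hmac.new(secret_key, msg, hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def _mask(secret_key: bytes, index: int, data: bytes) -> bytes:
    """XOR one full sector with the pseudorandom bit string for its index."""
    if len(data) != SECTOR_SIZE:
        raise ValueError("data must be exactly one sector long")
    pad = prf_expand(secret_key, index, SECTOR_SIZE)
    return bytes(d ^ p for d, p in zip(data, pad))


def encrypt_sector(secret_key: bytes, index: int, plaintext: bytes) -> bytes:
    """Applied before the sector is written to the disk."""
    return _mask(secret_key, index, plaintext)


def decrypt_sector(secret_key: bytes, index: int, ciphertext: bytes) -> bytes:
    """Applied when the sector is read back; XOR masking is its own inverse."""
    return _mask(secret_key, index, ciphertext)


def demo() -> dict:
    """Run the scheme on constructed sample data and report what happens."""
    salt = b"constructed-salt"                      # constructed sample value
    plaintext = (b"constructed sector contents " * 32)[:SECTOR_SIZE]
    key = derive_secret_key("correct password", salt)
    wrong_key = derive_secret_key("wrong password", salt)

    idx_a = global_index(disk_id=0, sector=7, sectors_per_disk=2880)
    idx_b = global_index(disk_id=1, sector=7, sectors_per_disk=2880)
    ct_a = encrypt_sector(key, idx_a, plaintext)
    ct_b = encrypt_sector(key, idx_b, plaintext)

    return {
        # Correct password and correct index recover the data.
        "round_trip_ok": decrypt_sector(key, idx_a, ct_a) == plaintext,
        # Without the user-specific input the sector does not decrypt.
        "wrong_password_fails": decrypt_sector(wrong_key, idx_a, ct_a) != plaintext,
        # Without the right device-specific index it does not decrypt either.
        "wrong_index_fails": decrypt_sector(key, idx_b, ct_a) != plaintext,
        # Same data in the same sector number of two disks encrypts differently.
        "distinct_per_disk": ct_a != ct_b,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```
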
`49. Moreover, like the ’459 Patent, if the required “security information” in
`
`Blakley is not received by the storage drive, then data cannot be read from or
`
`written to the storage device. Id. at 6:12-24.
`
`50. Generally, after reviewing the ’459 Patent and Blakley, it is my opinion that
`
`the security architecture of Blakley functions the same way as the ’459 Patent:
`
`Blakley discloses the use of security information in the form of a pseudorandom bit
`
`string that is both user-specific (e.g., based in part on a secret key derived from an
`
`authorized user’s password) and device-specific (e.g., based in part on an index that
`
`is specific to a disk) to determine whether write access should be granted to the
`
`storage device. This security information described in Blakley is used to encrypt
`
`and decrypt information to and from the storage device.
`
`51. While Blakley discusses an embodiment restricting access to information on
`
`a computer’s hard disk 36, Blakley also clearly explains that its system can be
`
`applied to removable storage devices, such as floppy disks 37, as depicted in Figure
`
`2 below (as compared side-by-side with Figure 1 of the ’459 Patent with similar
`
`color annotations). Ex. 1005 at 2:50-53 (“The preferred method may be
`
`implemented on a program storage device (e.g., a floppy diskette) that is readable
`
`by a processor and that tangibly embodies a program of instructions executable by
`
`the processor to perform the method.”), 4:43-47 (“Until required by the computer
`
`system, the set of instructions may be stored in another computer memory, for
`
`example, in the hard disk drive 36, or in a removable memory such as an optical
`
`disk for eventual use in the CD ROM 42 or in a floppy disk for eventual use in the
`
`floppy disk drive 37.”), 3:26-33 (“The invention protects against thieves, lunchtime
`
`attacks and other invasions of privacy. The invention is useful on so-called
`
`“portables”,…, desktop machines… smartcards and the like.”). Figs. 1 and 2 of
`
`Blakley confirm its applicability to both hard disks and removable media:
`
`
`
`52.
`
`In my opinion, a POSA would understand that the system of Blakley can be
`
`applied to removable storage devices as well as hard disks; when so applied, the
`
`security scheme of Blakley (including the index of Blakley) involves the use of
`
`information specific to the removable storage device on which the scheme is used
`
`to encrypt and decrypt data reads and writes. Blakley describes security measures
`
`that are easily transferrable and equally applicable to hard disks and removable
`
`storage devices.
`
`U.S. PATENT NO. 7,124,301 (“UCHIDA”)
`
`53. As part of my work in this proceeding I was asked to review Uchida. Ex.
`
`1006.
`
`54. Uchida discloses a method “for protecting data recorded on a removable
`
`storage medium.” Ex. 1006 at Abstract. Like the ’459 patent, Uchida discloses a
`
`removable storage device, e.g., “removable storage medium, such as an optical
`
`magnetic disk,” that is inserted into a storage drive, e.g., “optical magnetic disk
`
`apparatus.” Specifically, Uchida discloses “an information processor including a
`
`storage device employing a removable storage medium, such as an optical
`
`magnetic disk.” Ex. 1006 at 5:2-4. The “optical magnetic disk apparatus 1
`
`includes a system controller 10 for writing to and reading out from an optical
`
`magnetic disk used as a storage medium.” Ex. 1006 at 5:46-49. The “optical
`
`magnetic disk apparatus” is an example of the “storage device” in Uchida.
`
`Therefore, what Uchida calls a “storage device,” in my opinion corresponds to
`
`what is referred to in the ’459 Patent’s disclosure and claims as a “storage drive.”
`
`In Uchida, the “removable storage medium” corresponds to the claimed “storage
`
`device.”
`
`55. The system of Uchida detects a removable storage medium when it is
`
`inserted into a storage drive. “[W]hen inserting a removable storage medium to
`
`the storage device 1 or supplying a power for an information processor[], a type of
`
`the inserted storage medium is checked, and settings are performed according to
`
`the type[].” Ex. 1006 at 7:66-8:3.
`
`56. Similar to the ’459 Patent, Uchida discloses a mode “for permitting a user to
`
`write and read, [where] the user can write and read to the whole removable storage
`
`medium.” Ex. 1006 at 3:50-51. Specifically, Uchida explains that when a security
`
`condition is satisfied “it becomes possible to execute processing for reading from
`
`or writing to a whole disk.” Id. at 7:25-27. Uchida further describes a different
`
`mode where the user can “read only one area of the removable storage medium.”
`
`Id. at 3:65-66. Specifically, Uchida discloses that when the security condition is
`
`not satisfied “it is judged whether or not the access request is for writing…If it is
`
`for writing, an error is notified…If [] the request is for reading, a specific area
`
`included in the above-described access request command sent from the computer 2
`
`is checked…If the requested specific area is within the authorized range for
`
`reading access, the user can read data.” Id. at 7:27-43.
`
`57. Uchida generally discusses the security conditions in the context of what it
`
`calls “passwords.” For example, a security condition may be satisfied in Uchida
`
`“when the passwords coincide with each other” (Ex. 1006 at 7:25) and the security
`
`condition may not be satisfied when the “passwords do not coincide” (id. at 7:27-
`
`28).
`
`58.
`
`In the methods disclosed in Uchida, in my opinion, passwords are device-
`
`specific, at least under the broader definition I was instructed to use in my analysis.
`
`Uchida identifies in the background of the invention the well-known problems with
`
`careless administration of passwords in connection with “removable storage
`
`mediums.” Specifically, Uchida discloses that
`
`[W]hen employing either of the conventional methods, it is inclined to
`form a careless administration, such that only one password is
`specified for almost all storage mediums. More particularly, the
`problem occurs if either of the above-described conventional method
`is applied to multiple removable storage mediums.
`Id. at 2:59-64 (emphasis added).
`
`59.
`
`In my opinion, Uchida essentially describes and claims improvem