`
`______________________
`
`
`
`IN THE UNITED STATES PATENT TRIAL AND APPEAL BOARD
`
`______________________
`
`
`
`NETAPP, INC., LENOVO (UNITED STATES) INC., and EMC CORP.,
`Petitioner
`
`v.
`
`INTELLECTUAL VENTURES II, LLC
`Patent Owner
`
`____________________________
`
`CASE IPR: IPR2017-00467
`U.S. PATENT NO. 6,968,459
`____________________________
`
`PETITION FOR INTER PARTES REVIEW
`
`
`
`
`
`
`Mail Stop Patent Board
`Patent Trial and Appeal Board
`U.S. Patent and Trademark Office
`P.O. Box 1450
`Alexandria, VA 22313-1450
`
`
`
`
`
`
`Petition for Inter Partes Review of U.S. Patent No. 6,968,459
`
`Table of Contents
`
`I.
`
`II.
`
`INTRODUCTION ........................................................................................... 1
`
`THE ’459 PATENT ......................................................................................... 2
`
`A. Overview of the ’459 Patent .................................................................. 2
`
`B.
`
`Summary of the Prosecution of the ’459 Patent ................................... 5
`
`III. GROUNDS FOR STANDING (37 C.F.R. § 42.104(a)) ................................. 6
`
`IV. PAYMENT OF FEES (37 C.F.R. §§ 42.15 and 42.103) ................................ 6
`
`V. MANDATORY NOTICES (37 C.F.R. § 42.8) ............................................... 6
`
`A.
`
`B.
`
`C.
`
`Real Parties-In-Interest .......................................................................... 6
`
`Related Matters ...................................................................................... 7
`
`Lead and Backup Counsel (37 C.F.R. § 42.8(b)(3)) and Service
`Information (37 C.F.R. § 42.8(b)(4)) .................................................... 7
`
`VI. PERSON OF ORDINARY SKILL IN THE ART .......................................... 8
`
`VII. CLAIM CONSTRUCTION ............................................................................ 9
`
`A.
`
`B.
`
`C.
`
`D.
`
`“Device-Specific Security Information” ............................................... 9
`
`“Device-Specific Information” and “User-Specific Information” ...... 11
`
`“Security Information” ........................................................................ 12
`
`“Detecting a Storage Device within a Storage Drive” ........................ 12
`
`VIII. STATEMENT OF THE PRECISE RELIEF REQUESTED AND THE
`REASONS THEREFORE (37 C.F.R. § 42.22(a) AND 42.104(b)) .............. 16
`
`A. Ground 1: Claims 15, 18, 24 and 25 Are Obvious Over Blakley in
`View of Bramhill ................................................................................. 17
`
`1.
`
`Overview of the Prior Art ......................................................... 17
`
`2. Motivation to Combine ............................................................. 20
`
`i
`
`
`
`Petition for Inter Partes Review of U.S. Patent No. 6,968,459
`
`3.
`
`Specific Identification of Challenge ......................................... 24
`
`B.
`
`Ground 2: Claims 15, 18, 24 and 25 Are Obvious Over Uchida in
`View of Bramhill ................................................................................. 42
`
`1.
`
`Overview of the Prior Art ......................................................... 42
`
`2. Motivation to Combine ............................................................. 47
`
`3.
`
`Specific Identification of Challenge ......................................... 50
`
`IX. SECONDARY CONSIDERATIONS OF OBVIOUSNESS ........................ 71
`
`X.
`
`CONCLUSION .............................................................................................. 71
`
`
`
`ii
`
`
`
`Petition for Inter Partes Review of U.S. Patent No. 6,968,459
`
`List of Exhibits
`
`Ex. 1001 U.S. Patent No. 6,968,459 (“’459 Patent”)
`
`Ex. 1002 Declaration of Mr. Ian Jestice
`
`Ex. 1003 Curriculum Vitae of Mr. Ian Jestice
`
`Ex. 1004
`
`Prosecution History of the ’459 Patent
`
`Ex. 1005 U.S. Patent No. 5,677,952 to Blakley, III et al. (“Blakley”)
`
`Ex. 1006 U.S. Patent No. 7,124,301 to Uchida (“Uchida”)
`
`Ex. 1007
`
`Ian D. Bramhill & Mathew Sims, Copyright in a Digital Age, BT
`
`Technol. J. Vol 15 No 2 (April 1997) (“Bramhill”)
`
`Ex. 1008
`
`Petition for Inter Partes Review of the ’459 Patent, dated July 11,
`
`2016, in Case No. IPR2016-01404 (Paper No. 2)
`
`Ex. 1009
`
`Patent Owner Preliminary Response to Petition for Inter Partes
`
`Review of the ’459 Patent, dated October 19, 2016, in Case No.
`
`IPR2016-01404 (Paper No. 8)
`
`iii
`
`
`
`INTRODUCTION
`
`
`
`I.
`
`NetApp, Inc., Lenovo (United States) Inc., and EMC Corporation
`
`(collectively “Petitioner”) hereby petition for inter partes review (“IPR”) of claims
`
`15, 18, 24, and 25 of U.S. Patent No. 6,968,459 (“’459 Patent”) (Ex. 1001) under
`
`35 U.S.C. §§ 311–319 and 37 C.F.R. § 42.1
`
`In the mid to late 90s, creating secure computing environments was a
`
`challenge and priority. A specific challenge involved preventing unauthorized use
`
`of computer data. Ex. 1001, 1:21-24; Ex. 1007, 1. Particularly with the
`
`proliferation of removable storage devices, the industry experienced an increasing
`
`fear of unauthorized users accessing sensitive data. Ex. 1001, 1:21-26; Ex. 1007,
`
`2. As a result, many security measures were created to regulate such access.
`
`These included user-specific measures based on passwords or PINs, device-
`
`specific measures based on formatting information such as bad disk sectors, and
`
`data specific measures such as encryption. Security measures were often
`
`1
`An entity unrelated to Petitioner (“Unified Patents” or “UP”) requested IPR
`
`of the ’459 Patent in case number IPR2016-01404 (“UP IPR”). That petition
`
`(Paper No. 2), which relies on different art and arguments than the instant Petition,
`
`is attached hereto as Ex. 1008. Patent Owner Intellectual Ventures II LLC (“PO”)
`
`filed a preliminary response in the UP IPR (Paper No. 8), attached hereto as Ex.
`
`1009, on October 19, 2016.
`
`
`
`1
`
`
`
`
`
`combined to provide maximum security. See Ex. 1002, ¶¶11-16.
`
`The ’459 Patent, originally assigned to Imation Corp. (a manufacturer of
`
`removable media products) describes known techniques for addressing known
`
`security concerns.
`
`II. THE ’459 PATENT
`A. Overview of the ’459 Patent
`The ’459 Patent was filed on December 15, 1999, and issued on November
`
`22, 2005. It purports to describe an improved method of controlling access to data
`
`storage devices. More specifically, it claims methods and systems for controlling
`
`write access to a data storage device based on whether the storage device has
`
`“security information.” See, e.g., Ex. 1001, claim 15, claim 18. “Security
`
`information” can include “device-specific information” that identifies the storage
`
`device, as well as “user-specific information” such as a user password. Id., 4:63-
`
`5:6. This technology was well known and described in patents and other printed
`
`publications long before the ’459 Patent, and is obvious. Ex. 1002, ¶¶17-24.
`
`Figure 1 illustrates “a computer 100 that automatically operates in a secure
`
`data storage mode when the computer 100 senses that storage device 151 is a
`
`secure storage device.” Ex. 1001, 2:30-33.
`
`
`
`2
`
`
`
`
`
`
`
`Ex. 1001, Fig. 1. “Various storage drives…including hard disk drive 120 and one
`
`or more removable media drives 121 [indicated in red]…are used to access one or
`
`more removable storage devices 151 [indicated in blue].” Id., 3:5-8 (annotations
`
`added). “Each storage device 151 represents a removable device having a storage
`
`medium for holding digital information such as a floppy diskette, a magneto-
`
`optical storage device, an optical disk, a SuperDiskTM diskette, a ZipTM disk, a
`
`JazzTM disk, a tape cartridge, etc.” Id., 3:8-33. (emphasis added).
`
`A storage manager detects whether the storage device 151 has “security
`
`3
`
`
`
`
`
`
`
`
`
`information”
`
`such as “device-specific”
`
`information and “user-specific”
`
`information. Ex. 1001, 3:57-4:34, 5:7-10. Device-specific security information
`
`may include information that is “a function of the unique format characteristics of
`
`the underlying storage medium.” Id., Abstract, 3:66-4:1. Such information is also
`
`described, for example, as “low-level format information” that “uniquely identifies
`
`the underlying media of the storage device 151” (id., 4:9-12), which may include
`
`“a hash of the addresses of the bad sectors for storage device 151.” Id., 4:13-17.
`
`The ’459 Patent describes an example of “device-specific information” on
`
`an “LS-120 SuperDiskTM 300” storage device. Id., 7:51-52. “Unique format
`
`information[,]…[f]or example, the zone numbers and corresponding LBA’s for
`
`SuperDisk 300, or a combination thereof, can be hashed to form the device-
`
`specific security information.” Id., 8:50-60. “SuperDisk 300 uses a slip-sector
`
`format that maps data into good data sectors. In the slip-sector format, each data
`
`sector is assigned a logical block address (LBA),” which “identifies a readable
`
`sector of data and its logical position within SuperDisk 300.” Id., 8:28-32. The
`
`data sectors are indexed by assigning LBA’s corresponding to their logical
`
`positions within the storage device. Then, “a device-specific key can be generated
`
`using the unique format information described above.” Id., 8:50-52.
`
`Moreover, “device-specific security information can be combined with other
`
`security information in order to increase the level of security of computer 100.”
`
`
`
`4
`
`
`
`
`
`Id., 4:20-22. For example, device-specific security information can be combined
`
`with “user-specific security information” such as a password or biometric
`
`information.” Id., 4:4-5, 5:39-46, 11:1-7.
`
`
`
`If “security information” is retrieved, “full access” is provided such that data
`
`can be read by and written to the storage device 151. Id., 4:29-34, 6:28-33. A
`
`cryptographic key for encrypting and decrypting the data to the storage device 151
`
`is generated from the “security information.” Id., 3:64-4:5, 4:63-5:6, 5:58-60, 6:4-
`
`15.
`
`If the required “security information” is not retrieved, then “restricted
`
`access” is invoked, and data cannot be written to the storage device 151. Id., 4:29-
`
`34, 5:15-19, 5:39-46; Ex. 1002, ¶¶17-24.
`
`
`
`Summary of the Prosecution of the ’459 Patent
`
`B.
`The application for the ’459 Patent was filed on December 15, 1999 and
`
`does not claim priority to earlier-filed applications. Ex. 1001, Cover. In response
`
`to a non-final office action rejecting all claims over the prior art, (Ex. 1004, 33-34),
`
`Applicant amended the independent claims to add limitations regarding full and/or
`
`restricted access to the storage device, (id.). The Examiner eventually mailed a
`
`Notice of Allowance for some of the amended claims. Id., 16. The Examiner did
`
`not provide any reasons for allowance, and the Applicant did not make any post-
`
`allowance comments. Id. The ’459 Patent issued on November 22, 2005.
`
`
`
`5
`
`
`
`
`
`III. GROUNDS FOR STANDING (37 C.F.R. § 42.104(a))
`Petitioner certifies that (1) the ’459 Patent, issued on November 22, 2005, is
`
`available for IPR; (2) Petitioner is not barred or estopped from requesting IPR of
`
`the ’459 Patent on the grounds identified herein; and (3) Petitioner has not filed a
`
`complaint relating to the ’459 Patent. This Petition is filed in accordance with 37
`
`C.F.R. § 42.106(a).
`
`IV. PAYMENT OF FEES (37 C.F.R. §§ 42.15 and 42.103)
`Petitioner authorizes the USPTO to charge any required fees to Deposit
`
`Account No. 02–1818.
`
`V. MANDATORY NOTICES (37 C.F.R. § 42.8)
`A. Real Parties-In-Interest
`NetApp, Inc., a Delaware corporation with a principal place of business at
`
`495 East Java Drive, Sunnyvale, California 94089, is a real party-in-interest.
`
`Lenovo (United States) Inc., a Delaware corporation with a principal place
`
`of business at 1009 Think Place, Morrisville, North Carolina 27560, is a real party-
`
`in-interest.
`
`EMC Corporation, a Massachusetts corporation with a principal place of
`
`business at 176 South Street Hopkinton, MA 01748, is a real party-in-interest.
`
`Lenovo Group Ltd., LenovoEMC Products USA, LLC, Dell Inc., Denali
`
`Intermediate Inc., and Dell Technologies Inc. may also be considered real parties-
`
`in-interest.
`
`
`
`6
`
`
`
`
`
`B. Related Matters
`Petitioner understands that the ’459 Patent is involved in the following
`
`proceedings:
`
`• Intellectual Ventures I, LLC, Intellectual Ventures II, LLC v. Lenovo
`
`Group Ltd., Lenovo (United States) Inc., Lenovo EMC Products USA,
`
`LLC, and EMC Corporation, No. 1:16-cv-10860 (D. Mass)
`
`• Intellectual Ventures I, LLC, Intellectual Ventures II, LLC v. NetApp,
`
`Inc., No. 1:16-cv-10868 (D. Mass)
`
`• Unified Patents Inc., Petitioner, v. Intellectual Ventures II, LLC,
`
`Patent Owner, Case No. IPR2016-01404 (PTAB)
`
`C. Lead and Backup Counsel (37 C.F.R. § 42.8(b)(3)) and Service
`Information (37 C.F.R. § 42.8(b)(4))
`
`Lead Counsel
`Benjamin E. Weed
`Reg. No. 65,939
`K&L GATES LLP
`70 W. Madison Street, Suite 3100
`Chicago, IL 60602
`benjamin.weed.PTAB@klgates.com
`T: (312) 781-7166
`F: (312) 827-8152
`
`Backup Counsel
`Brian J. Ankenbrandt
`Reg. No. 41,586
`K&L Gates LLP
`630 Hansen Way
`Palo Alto, CA 94304
`brian.ankenbrandt@klgates.com
`T: (650) 798-6725
`F: (650) 798-6701
`
`Backup Counsel
`
`Peter Dichiara
`Reg. No. 38,005
`Wilmer Cutler Pickering Hale and Dorr LLP
`60 State Street
`
`
`
`7
`
`
`
`
`
`Boston, MA 02109
`peter.dichiara@wilmerhale.com
`T: (617) 526-6466
`F: (617) 526-5000
`
`
`Backup Counsel
`Theodoros Konstantakopoulos
`Reg. No. 74,155
`Wilmer Cutler Pickering Hale and Dorr LLP
`7 World Trade Center
`250 Greenwich Street
`New York, NY 10007
`theodoros.konstantakopoulos@wilmerhale.com
`T: (212) 295-6367
`F: (212) 230-8888
`
`
`Petitioner consents to electronic service by email.
`
`VI. PERSON OF ORDINARY SKILL IN THE ART
`A person of ordinary skill in the art (“POSA”) is a hypothetical person
`
`presumed to know the relevant prior art. Gnosis S.p.A. v. South Alabama Med. Sci.
`
`Found., IPR2013-00116, Final Written Decision (Paper 68) at 9. Such a person is
`
`of ordinary creativity, not merely an automaton, and is capable of combining
`
`teachings of the prior art. Id. (citing KSR Int’l Co. v. Teleflex Inc., 550 U.S. 398,
`
`420-21 (2007).)
`
`A POSA as of December 15, 1999 would have had a bachelor’s degree in
`
`computer science, computer engineering, or the equivalent, and would have had at
`
`least two years’ experience in the design or research of secure computer data
`
`
`
`8
`
`
`
`
`
`storage devices. Ex. 1002, ¶32.
`
`VII. CLAIM CONSTRUCTION
`The claims of the ’459 Patent should be given their “broadest reasonable
`
`construction in light of the specification.” 37 C.F.R. § 42.100(b); In re Cuozzo
`
`Speed Tech., LLC, Case No. 14-1301, slip op. at 16, 18-19 (Fed. Cir. Feb. 2, 2015).
`
`Terms must be construed broadly enough to encompass all meanings set forth in
`
`the specification and the references incorporated therein. See MSM Investments
`
`Co. v. Carolwood Corp., 259 F.3d 1335, 1339-40 (Fed. Cir. 2011). Further, the
`
`broadest reasonable interpretation of the claims must be consistent with the
`
`interpretation that those skilled in the art would reach.” M.P.E.P. § 2111 (citing In
`
`re Cortright, 165 F.3d 1353, 1359 (Fed. Cir. 1999)).
`
`Petitioner proposes that the following constructions should be adopted here
`
`under the applicable broadest reasonable interpretation standard. For claim terms
`
`and phrases not specifically addressed, Petitioner proposes that those terms and
`
`phrases should be interpreted consistent with their plain and ordinary meaning as
`
`would be understood by a POSA.
`
`“Device-Specific Security Information”
`
`A.
`Claim 15 recites “device-specific security information.” In the UP IPR, PO
`
`objected
`
`to UP’s construction of
`
`this
`
`term, arguing
`
`it should exclude
`
`manufacturing information that has been etched onto the storage device (i.e., a
`
`
`
`9
`
`
`
`
`
`randomly generated number), drive-specific information, such as drive calibration
`
`parameters, and user-specific information, such as a password selected by a user.”
`
`Ex. 1009, 15.
`
`Petitioner believes that the narrower construction proposed by the PO in the
`
`UP IPR is correct, at least under the district court claim construction standard
`
`articulated in Phillips v. AWH Corp., 415 F.3d 1303 (Fed. Cir. 2005), and should
`
`be applied here. Information that is not derived from or otherwise specific to the
`
`device, such as manufacturing information etched onto the device or a password
`
`that identifies the user instead of the device, is not “device-specific” per the ’459
`
`Patent. See Ex. 1001 at 3:66-4:5, 4:20-25 (distinguishing “device-specific security
`
`information” from random manufacturing information etched onto the device,
`
`drive-specific information such as calibration parameters, and user-specific
`
`information such as passwords). Accordingly, Petitioner asserts that this term
`
`should be construed to mean “information that is specific to the storage device and
`
`used to control access to the storage device but that excludes manufacturing
`
`information that has been etched onto the storage device (i.e., a randomly
`
`generated number), drive-specific
`
`information, such as drive calibration
`
`parameters, and user-specific information, such as a password selected by a user.”
`
`If the Board follows the reasoning of the petitioner in the UP IPR and adopts
`
`a broader interpretation (i.e., “information that is specific to the storage device and
`
`
`
`10
`
`
`
`
`
`is used to secure [or control] access to the storage device,” see Ex. 1008, 11-13),
`
`this Petition identifies additional prior art disclosures that teach this claim
`
`limitation under the broader interpretation.2 Prior art cited herein teaches both the
`
`broader and narrower interpretations of “device-specific security information.”
`
`B.
`Claim 18
`
`“Device-Specific Information” and “User-Specific Information”
`
`recites “device-specific
`
`information” and “user-specific
`
`information.” These terms should be construed to mean “information specific to
`
`the device” and “information specific to the user,” respectively.3
`
`“Device-specific
`
`information”
`
`is similar
`
`to “device-specific security
`
`information,” except it lacks the “security” qualifier.
`
`Similarly, the ’459 Patent explains that the “user-specific information” is
`
`information specific to a user, “such as a password or biometric information.” Ex.
`
`2
`Petitioner submits that UP’s proposed definition of “device-specific security
`
`information” should be modified slightly to read: “information that is specific to
`
`the storage device and used to control access to the storage device.” Petitioner
`
`believes that “control[ling]” access is more consistent with permitting either full or
`
`restricted access (e.g., as in claim 15) or permitting or preventing write access
`
`(e.g., as in claim 18).
`
`3
`
`PO did not dispute this construction in the UP IPR. Ex. 1008, 13-14; Ex.
`
`1009, 6.
`
`
`
`11
`
`
`
`
`
`1001, 4:4-5; see also id., 11:1-7 (claiming biometric information can be digital
`
`output from a retina scanner or a fingerprint scan).
`
`“Security Information”
`
`C.
`Claim 18 recites “security information.” This is similar to the “device-
`
`specific security information” term, but without the “device-specific” aspect. For
`
`the reasons discussed in the UP Petition (Ex. 1008, 11-14) and in light of the
`
`modification in footnote 2, the term “security information” should be construed to
`
`mean “information that is used to control access.”4
`
`“Detecting a Storage Device within a Storage Drive”
`
`D.
`Claims 15 and 18 of the ’459 Patent each require “detecting a storage device
`
`within a storage drive.” Ex. 1001, 10:11, 10:38.
`
`This limitation should be construed to mean “determining that a removable
`
`storage medium has been inserted into a media drive.” The claim language
`
`supports this construction. For example, claim 18 requires that a storage device is
`
`within a storage drive. A POSA would understand the preposition “within” to
`
`mean that the storage device has been inserted into (or is within) the storage drive,
`
`and thus that the storage device must be removable. Ex. 1002, ¶¶40-42.
`
`The specification also supports this construction by initially discussing two
`
`types of storage devices. See Ex. 1001, 3:26-27 (“storage devices…may include
`
`
`4
`PO did not dispute UP’s construction. Ex. 1008, 14; Ex. 1009, 6.
`
`
`
`12
`
`
`
`
`
`the hard disk 120 or storage devices 151.”) Fig. 1 correspondingly shows (i)
`
`“internal hard disk” 120 and (ii) “removable storage devices” 151. Fig. 1 further
`
`shows that “removable storage devices” 151 are inserted into “removable media
`
`drives” 121, as suggested by the arrows (circled in light blue) pointing from the
`
`“removable media” 151 to the “removable media drives” 121.
`
`
`
`Ex. 1001, Fig. 1. However, each time the ’459 Patent references “detect[ing]” a
`
`storage device (or information thereon), it refers to the removable storage device
`
`(151) and/or the removable storage drive (121). Id., Abstract, 1:36-40, 3:57-60,
`
`4:6-9, 4:28-31, 4:46-49, 4:57-60, 5:7-10, 6:23-28, 7:23-29, 8:60-64.
`
`
`
`13
`
`
`
`
`
`The ’459 Patent further discloses that “[v]arious storage drives are
`
`connected to the input/output bus 118 including hard disk drive 120 and one or
`
`more removable media drives 121 that are used to access one or more removable
`
`storage devices 151.” Id., 3:5-8 (emphasis added). “Each storage device 151
`
`represents a removable device having a storage medium for holding digital
`
`information such as a floppy diskette, a magneto-optical storage device, an optical
`
`disk, a SuperDisk™ diskette, a Zip™ disk, a Jazz™ disk, a tape cartridge, etc.”
`
`Id., 3:8-13 (emphasis added). The ’459 Patent therefore distinguishes “hard disk
`
`drives” 120 from “removable storage devices” 151 within “removable media
`
`drives” 121.
`
`This construction is also consistent with the purported problem the ’459
`
`Patent was trying to solve: “prevent[ing] an authorized user from appropriating
`
`sensitive data by simply copying the sensitive data to a removable storage device
`
`such as floppy diskette” (Ex. 1001, 1:24-26). See, e.g., Ex. 1001, Abstract (“A
`
`secure computing environment in which a computer automatically operates in a
`
`full-access data storage mode when it detects the presence of a secure removable
`
`storage device.”) (emphasis added); 8:60-64 (“computer automatically operates in
`
`a secure full-access data storage mode when it detects the presence of a secure
`
`removable storage device.”) (emphasis added).
`
`
`
`14
`
`
`
`
`
`Accordingly, “detecting a storage device within a storage drive” should be
`
`construed to mean “determining that a removable storage medium has been
`
`inserted into a media drive.”
`
`Petitioner has reason to believe that PO may attempt to construe this term
`
`broadly enough to encompass accessing a hard disk drive in a computer system—
`
`despite the ’459 Patent’s overwhelming focus on detecting removable storage
`
`devices. PO may cite to the statement noted above that “storage devices…may
`
`include the hard disk 120 or storage devices 151.” Id., 3:23-27 (emphasis added).
`
`Petitioner submits that the hard disk embodiment is captured by unchallenged
`
`claim 39, which requires a “storage device,” but does not recite “detecting a
`
`storage device within a storage drive,” as the challenged claims do.5
`
`
`5
`Claim 46, which depends from unchallenged independent claim 39, specifies
`
`that “the storage device is a removable storage device.” Ex. 1001, 12:43-44. The
`
`doctrine of claim differentiation suggests that the storage device of claim 39 covers
`
`either removable storage devices or other kinds of storage devices. See Nazomi
`
`Comm'ns, Inc. v. Arm Holdings, PLC., 403 F.3d 1364, 1370 (Fed. Cir. 2005).
`
`Challenged claims 15 and 18, by contrast, do not include dependent claims
`
`specifying a “removable” storage device; that concept is embodied in these claims’
`
`recitation of “detecting a storage device within a storage drive.”
`
`
`
`15
`
`
`
`
`
`Should the Patent Owner propose a broader construction of “detecting a
`
`storage device within a storage drive”
`
`that encompasses establishing
`
`communications with a hard disk drive in a computer system, the challenged
`
`claims are also unpatentable in view of the grounds presented herein. The instant
`
`Petition addresses both the narrower construction that Petitioner asserts is proper
`
`and the broader construction that PO may advance, and explains why under either
`
`construction the prior art discloses this limitation.
`
`VIII. STATEMENT OF THE PRECISE RELIEF REQUESTED AND THE
`REASONS THEREFORE (37 C.F.R. § 42.22(a) AND 42.104(b))
`
`Petitioner requests cancellation of independent claims 15 and 18 and
`
`dependent claims 24 and 25 of the ’459 Patent on the following grounds.
`
`Ground 35 U.S.C. Section
`1
`§ 103
`
`2
`
`§ 103
`
`Relied-On References
`Blakley (Ex. 1005) in view of Bramhill
`(Ex. 1007)
`Uchida (Ex. 1006) in view of Bramhill
`(Ex. 1007)
`
`Claims
`15, 18,
`24, 25
`15, 18,
`24, 25
`
`Per 37 C.F.R. § 42.6(c), copies of the relied-on references are marked as exhibits
`
`filed herewith. Petitioner provides the declaration of Mr. Ian Jestice (Ex. 1002) in
`
`support of its proposed Grounds of unpatentability.6
`
`Petitioner presents Ground 1 (Section VIII.A, Blakley in view of Bramhill)
`
`
`6 Mr. Jestice is an expert in the field of the alleged invention and the prior art.
`
`See, e.g., Ex. 1002, ¶¶1-10, 25-31; Ex. 1003.
`
`
`
`16
`
`
`
`
`
`and Ground 2 (Section VIII.B, Uchida in view of Bramhill) to address possible
`
`combinations of claim construction arguments it expects PO may make. Ground 1
`
`is particularly strong with regard to a narrow construction of “device-specific
`
`security information,” as both Blakley and Bramhill disclose security information
`
`derived, in part, from formatting characteristics of the memory device storing the
`
`secure data. Ground 2 is particularly strong in the event PO argues that “restricted
`
`access” requires partial (but not complete) restriction of access. Accordingly,
`
`Petitioner respectfully submits that Grounds 1 and 2 are not redundant of one
`
`another, and requests that the Board institute both Grounds, particularly in the
`
`event PO may argue for different claim scope during the trial phase of this IPR
`
`than it does during the preliminary phase of this IPR or during the UP IPR.
`
`A. Ground 1: Claims 15, 18, 24 and 25 Are Obvious Over Blakley in
`View of Bramhill
`1. Overview of the Prior Art
`(a) Blakley
`
`U.S. Patent No. 5,677,952 to Blakley, III et al. (“Blakley”) issued on
`
`October 14, 1997 (Ex. 1005, Cover) and is prior art under 35 U.S.C. § 102(b).
`
`Blakley discloses a “method to protect information on a computer storage
`
`device” to create a secure computing environment. Ex. 1005, Title. “It is the
`
`principal object of [Blakley] to protect the confidentiality of information stored on
`
`a storage device of a computer” by permitting authorized users access to the
`
`
`
`17
`
`
`
`
`
`information and preventing unauthorized users access to the information. Id.,
`
`1:43-45. Like the ’459 Patent, Blakley uses “security information” in the form of a
`
`pseudorandom bit string that is both user-specific (e.g., based in part on a secret
`
`key derived from an authorized user’s password) and device-specific (e.g., based in
`
`part on an index that is specific to the storage device) to control whether read and
`
`write access is granted to the storage device and to encrypt and decrypt information
`
`to and from the storage device. Id., Abstract, 2:16-17.
`
`The pseudorandom bit string in Blakley is generated by applying a “length-
`
`increasing pseudorandom function” to the “secret key” and “index.” Id., Abstract;
`
`2:10-13. Like the ’459 Patent, Blakley’s “secret key” is generated from a user-
`
`specific password. Compare Ex. 1001, 4:4-5, 5:39-46, 5:58-60, 5:66-6:3, with Ex.
`
`1005, 2:6-10, 2:42-44, 5:1-3, 6:14-18, 11:1-7. Also like the ’459 Patent, Blakley’s
`
`“index” is “device-specific” because it uniquely identifies “where in the storage
`
`device the particular data is stored.” Id., 3:45-49; see also id., claim 15, 2:38; cf.
`
`Ex. 1001, 8:28-37 (assignment of a logical block addresses (LBA’s) and zones to
`
`“identif[y] a readable sector of data and its logical position within” the storage
`
`device). Each index is specific to its corresponding disk: When “there is more
`
`than one disk whose contents are to be encrypted, indices are selected for each disk
`
`such that no two sectors receive the same index.” Ex. 1005, 5:17-19; Ex. 1002,
`
`¶¶43-47.
`
`
`
`18
`
`
`
`
`
`If the “security information,” including the correct user password and
`
`corresponding “pseudorandom bit string,” is received by the storage drive, full
`
`access is provided and data can be read and written to the storage device. Ex.
`
`1005, 6:12-47. Like the ’459 Patent, this security information is used to generate a
`
`cryptographic key to encrypt and decrypt data from the disk sector. Id., 2:16-21,
`
`Ex, 1002, ¶48. Thus, the “pseudorandom bit string…is used to secure the
`
`information intended for or retrieved from” a disk sector. Ex. 1005, 5:34-36; see
`
`also id., Abstract (pseudorandom bit string is “used to encrypt and decrypt data
`
`accesses to and from the [disk] sector”); Ex. 1002, ¶¶48-50.
`
`Like the ’459 Patent, if the required “security information” is not received
`
`by the storage drive, data cannot be written to the storage device. Id., 6:12-24,
`
`6:39-47.
`
`Blakley explains that its security techniques can be applied to removable
`
`storage devices, such as floppy disks. Id., 2:50-53; see also id., 4:43-47, 3:26-33.
`
`As explained by Mr. Jestice, a POSA would understand from these passages that
`
`the data-security measures described in Blakley in the hard-disk context could be
`
`implemented on a removable storage device. Ex. 1002, ¶¶51-52.
`
`(b) Bramhill
`
`The article, “Challenges for copyright in a digital age,” by Bramhill et al.
`
`(“Bramhill”) was published in the BT Technology Journal, Volume 15, No. 2, on
`
`
`
`19
`
`
`
`
`
`April 2, 1997. Ex. 1007, 12. It was publicly available at least as of June 4, 1997,
`
`when it was stamped received by the Linda Hall Library in Kansas City, Missouri.
`
`Ex. 1007, 12. Bramhill is prior art to the ’459 Patent under 35 U.S.C. § 102(b).
`
`Bramhill is an overview of methods for protecting multimedia information.
`
`Id., 1. Like the ’459 Patent, Bramhill discloses protecting digital information on a
`
`storage device using encryption and decryption based on a cryptographic key. Id.,
`
`2, n.3, 3, Fig. 2. Bramhill teaches “user-specific” information (see id., 5 (“need for
`
`a strong one-to-one binding between the software of a user, and the user.”)) and
`
`“cybermetrics,” or characteristics specific to a computer or device, to prevent
`
`unauthorized access or copying of secure data. Id., 5; Ex. 1002, ¶¶67-69.
`
`Bramhill’s “cybermetrics” are
`
`the same
`
`types of “device-specific
`
`information” as the ’459 Patent, such as “characteristics of the physical
`
`components (manufacturer, number of tracks on a hard disk)” and the “location of
`
`static information on a hard disk (bad sectors)” Ex. 1007, 5 (emphasis added); cf.
`
`Ex. 1001, 8:15-60 (one example of “device-specific information” includes using
`
`the location of data from LBA’s and zones within the storage device), 4:12-14 (“in
`
`one embodiment of device-specific security information is a hash of the addresses
`
`of the bad sectors for storage device 151.”) (emphasis added).
`
`2. Motivation to Combine
`
`
`
`20
`
`
`
`
`
`A POSA considering secure computing environments before December 15,
`
`1999 would have been motivated to combine the teachings of Blakley and
`
`Bramhill. Ex. 1002, ¶¶72-81. A POSA would have recognized the benefits of
`
`incorporating the teachings of Bramhill into Blakley and would have been
`
`motivated to combine Bramhill with Blakley to increase the level of security of
`
`information stored in a storage device. Ex. 1002, ¶76.
`
`Blakley and Bramhill are directed to solving the same problem: computer
`
`security and unauthorized use or disclosure of multimedia data. Ex. 1005, 1:10-14;
`
`Ex. 1007, 1-5; Ex. 1002, ¶73. Blakley teaches a method of securing and protecting
`
`information on a computer storage device using a pseudorandom bit string that is
`
`based on both “user-specific” information, e.g., a password