`
`Trials@uspto.gov
`571-272-7822 Entered: May 14, 2019
`
`
`
`
`
`UNITED STATES PATENT AND TRADEMARK OFFICE
`____________
`
`BEFORE THE PATENT TRIAL AND APPEAL BOARD
`____________
`
`PANASONIC AVIONICS CORP,
`Petitioner,
`
`v.
`
`
` LINKSMART WIRELESS TECHNOLOGY, LLC,
`Patent Owner.
`____________
`
`Case IPR2019-00043
`Patent RE46,459
`____________
`
`
`
`Before JEAN R. HOMERE, BRIAN J. McNAMARA, and
`CHARLES J. BOUDREAU, Administrative Patent Judges.
`
`McNAMARA, Administrative Patent Judge.
`
`
`DECISION
`Denying Institution of Inter Partes Review
`35 U.S.C. § 314
`
`
`
`
`
`
`
`IPR2019-00043
`Patent RE46,459
`
`
`
`
`BACKGROUND
`
`Panasonic Avionics Corp. (“Petitioner”) filed a Petition, Paper 2
`(“Pet.”), to institute an inter partes review of claims 91–99, 108–120, and
`122–125 (the “challenged claims”) of U.S. Patent No. RE46,459 (“the ’459
`patent”). 35 U.S.C. § 311. Linksmart Wireless Technology, LLC (“Patent
`Owner”) timely filed a Preliminary Response, Paper 6 (“Prelim. Resp.”),
`contending that the petition should be denied as to all challenged claims.
`We have jurisdiction under 35 U.S.C. § 314, which provides that an inter
`partes review may not be instituted unless the information presented in the
`Petition “shows that there is a reasonable likelihood that the petitioner would
`prevail with respect to at least 1 of the claims challenged in the petition.”
`Having considered the arguments and the associated evidence presented in
`the Petition and the Preliminary Response, for the reasons described below,
`we decline to institute inter partes review.
`
`REAL PARTIES IN INTEREST
`The Petition states “The Petitioner is Panasonic Avionics Corp. (‘Panasonic’
`or ‘Petitioner’). Panasonic is a subsidiary of Panasonic Corporation of
`North America, which in turn is a subsidiary of Panasonic Holding
`(Netherlands) B.V., which is a subsidiary of Panasonic Corporation, all of
`which are real parties-in-interest.” Pet. 6. Petitioner also states that it has a
`vendor-customer relationship with multiple companies that have been sued
`for alleged infringement of the ’459 patent and may, therefore, benefit from
`institution of inter partes review. Id. Citing Applications in Internet Time v.
`RPX Corp., No. 2017-1698, slip op. at 26 (Fed. Cir. July 9, 2018), and
`without conceding they are actual real parties-in-interest, Petitioner also
`identifies the following entities as real parties-in-interest: Aerovias de
`2
`
`
`
`
`
`IPR2019-00043
`Patent RE46,459
`
`
`Mexico, SA de CV; Grupo Aeromexico SAB de CV; Société Air France
`a/k/a Air France; Koninklijke Luchtvaart Maatschappij N.V. a/k/a KLM
`Royal Dutch Airlines; Air France-KLM SA; United Airlines, Inc.; United
`Continental Holdings, Inc.; American Airlines, Inc.; American Airlines
`Group, Inc.; WestJet Airlines Ltd.; WestJet Operations Corp.; WestJet, an
`Alberta Partnership Southwest Airlines Company; Emirates; and The
`Emirates Group.
`Id.
`
`Patent Owner identifies itself as the sole real party-in-interest.
`Paper 3.
`
`RELATED PROCEEDINGS
`Petitioner states that, to the best of its knowledge, as of the filing date
`of the Petition, the ’459 patent is involved in the following litigation:
`Linksmart Wireless Technology, LLC v. Panasonic Avionics Corp., No.
`8:18-cv-00662 (C.D. Cal.); Linksmart Wireless Technology, LLC v. Caesars
`Entm’t Corp., No. 2:18-cv-00862 (D. Nev.); Linksmart Wireless
`Technology, LLC v. Golden Nugget, Inc., No. 2:18-cv-00864 (D. Nev.);
`Linksmart Wireless Technology, LLC v. Las Vegas Sands Corp., No. 2:18-
`cv-865 (D. Nev.); Linksmart Wireless Technology, LLC v. MGM Resorts
`Int’l, No. 2:18-cv-00867 (D. Nev.); Linksmart Wireless Technology, LLC v.
`Wynn Resorts, Ltd., No. 2:18-cv-00868 (D. Nev.); Linksmart Wireless
`Technology, LLC v. Deep Blue Commc’ns, LLC, No. 1:18-cv-02441
`(E.D.N.Y.); Linksmart Wireless Technology, LLC v. DCI-Design Commc’ns
`LLC, No. 2:18-cv-02444 (E.D.N.Y.); Linksmart Wireless Technology, LLC
`v. Aerovias de Mexico, SA de CV, No. 2:18-cv-03335 (C.D. Cal.); Linksmart
`Wireless Technology, LLC v. Air Canada, No. 2:18-cv-03337 (C.D. Cal);
`
`
`
`3
`
`
`
`IPR2019-00043
`Patent RE46,459
`
`
`Linksmart Wireless Technology, LLC v. Société Air France a/k/a Air France
`and Koninklijke Luchtvaart Maatschappij N.V. a/k/a KLM Royal Dutch
`Airlines, No. 2:18-cv-03341 (C.D. Cal.); Linksmart Wireless Technology,
`LLC v. Alaska Air Group, Inc., No. 2:18-cv-03345 (C.D. Cal.); Linksmart
`Wireless Technology, LLC v. United Airlines, Inc., No. 2:18-cv-03348 (C.D.
`Cal.); Linksmart Wireless Technology, LLC v. American Airlines, Inc., No.
`2:18-cv-03349 (C.D. Cal.); Linksmart Wireless Technology, LLC v. British
`Airways, PLC, No. 2:18-cv-03352 (C.D. Cal.); Linksmart Wireless
`Technology, LLC v. Emirates, No. 2:18-cv-03353 (C.D. Cal.); Linksmart
`Wireless Technology, LLC v. Delta Air Lines, Inc., No. 2:18-cv-03354 (C.D.
`Cal.); Linksmart Wireless Technology, LLC v. Gogo Inc., No. 8:18-cv-
`00654 (C.D. Cal.); Linksmart Wireless Technology, LLC v. WestJet Airlines
`Ltd. and WestJet Operations Corp., No. 8:18-cv-00657 (C.D. Cal.); and
`Linksmart Wireless Technology, LLC v. Southwest Airlines Co., No. 8:18-
`cv-00660 (C.D. Cal.).
`
`THE ’459 PATENT (EXHIBIT 1001)
`The ’459 patent describes a database system for use in dynamically
`redirecting and filtering Internet traffic. Ex. 1001, 1:21–22. The system
`“allows for creating and implementing dynamically changing rules, to allow
`the redirection, blocking, or allowing, of specific data traffic for specific
`users, as a function of database entries and the user’s activity.” Id. at 3:7–
`11. The system is programmable and “may be implemented to control
`(block, allow, and redirect) any type of service, such as Telnet FTP, WWW
`and the like.” Id. at 8:24–29.
`Figures 1 and 2 of the ’459 patent are reproduced below side-by side.
`
`
`
`4
`
`
`
`IPR2019-00043
`Patent RE46,459
`
`
`
`
`Figures 1 and 2 of the ’459 patent
`
`Figure 1 on the left shows a typical Internet Service Provider environment
`and Figure 2 on the right shows an embodiment of an Internet Server
`Provider environment with integrated redirection. Ex. 1001, 3:50–54.
`In the conventional system of Figure 1, networking server 102
`communicates with terminal 100, authentication and accounting server 104,
`and the Internet 110 through gateway 108. In conventional redirection in the
`context of World Wide Web (WWW) access, a user instructs a browser to
`access a remote page (specified by a universal resource locator (URL)), the
`browser sends the request to the server, and the server returns the requested
`page—but the returned page contains hypertext markup language (HTML)
`code instructing the browser to request a different page, thereby redirecting
`the request to the URL in the first page’s HTML code. Id. at 1:48–2:3. A
`disadvantage of this approach is that redirection is controlled at the remote
`end (the WWW server end), rather than at the user end. Id. at 2:6–10.
`In the system according to the invention shown in Figure 2,
`networking server 102 communicates with the Internet 110 through
`redirection server 208. For a newly established session, authentication
`accounting server 204 queries database 206 and forwards the currently
`
`
`
`5
`
`
`
`IPR2019-00043
`Patent RE46,459
`
`
`assigned Internet Protocol (IP) address and rules set to redirection
`server 208. Id. at 4:63–5:5. Redirection server 208
`is programmed to implement the rule set for the IP address, as
`well as other attendant logical decisions such as: checking data
`packets and blocking or allowing the packet as a function of the
`rules sets, performing the physical redirection of data packets
`based on the rule sets, and dynamically changing the rule sets
`based on conditions.
`Id. at 5:7–12. Upon notice of session termination from authentication and
`accounting server 204, redirection server 208 removes outstanding rules sets
`and information associated with the session. Id. at 5:13–16. Thus,
`redirection occurs at the user end.
`According to the ’459 patent, a user whose access is “locked”
`can access only one location or set of locations—i.e., each time the
`user attempts to access another location, redirection server 208
`redirects the user to a default location. Id. at 5:36–41. In such cases,
`the redirection server acts as a proxy for the destination address, or, in
`the case of WWW traffic, the redirection server replies to the user
`request with a page containing a redirection command. Id. at 5:41–44.
`Redirection server 208 may also redirect a user based on a condition,
`such as the passage of time, e.g., after being directed to a first
`location, the user is allowed to access other locations, but every 10
`minutes, the user is redirected to the first location. Id. at 5:46–47.
`One way such conditional redirection can be accomplished is to
`activate an initial temporary rule set that redirects all traffic and after
`the user accesses the redirected location, remove the rule set or
`replace it with a standard rule set, until the expiration of the time
`period, when the rule set is reinstated. Id. at 5:51–59. Periodic
`
`
`
`6
`
`
`
`IPR2019-00043
`Patent RE46,459
`
`
`redirection can be based on any number of factors, such as time spent
`at a location, the types of locations accessed, the number of locations
`accessed. Id. at 7:60–64.
`Signals from the Internet 110 side of redirection server 208 can
`be used to modify the redirection server’s rule sets. Id. at 8:3–5. In
`an example of this embodiment a rule set programmed into the
`redirection server 208 redirects a user to a questionnaire web site
`where the user fills out a questionnaire or provides some other
`information. Id. at 8:9–14. After the questionnaire web site receives
`acceptable data in all required fields, it sends an authorization to
`redirection server 208 that deletes the redirection to the questionnaire
`web site from the rule set. Id. 8:14–18.
`
`ILLUSTRATIVE CLAIM
`Claim 91 of the ’459 patent, reproduced below with Petitioner’s claim
`element designation in brackets, is illustrative:
`91[.0] A system comprising:
`[.1] a redirection server programmed with a user's rule set
`correlated to a temporarily assigned network address;
`[.2] wherein the rule set contains at least one of a plurality of
`functions used to control data passing between the user
`and a public network;
`[.3] wherein the redirection server is configured to automatically
`modify at least a portion of the rule set while the rule set
`is correlated to the temporarily assigned network address;
`[.4] wherein the redirection server is configured to automatically
`modify at least a portion of the rule set as a function of
`some combination of time, data transmitted to or from the
`user, or location the user accesses; and
`[.5] wherein the redirection server is configured to modify at
`least a portion of the rule set as a function of time while
`
`
`
`7
`
`
`
`IPR2019-00043
`Patent RE46,459
`
`
`Designation
`Abraham
`
`Exhibit No.
`1005
`
`
`the rule set is correlated to the temporarily assigned
`network address.
`ART CITED IN PETITIONER’S CHALLENGES
`Petitioner cites the following references in its challenges to
`patentability:
`Reference
`U.S. Patent No. 5,983,270
`issued Nov. 9, 1999
`U.S. Patent No. 6,247,054 B1
`issued Jun. 12, 2001
`European Patent Appl.
`Publication No.
`EP 0 762 707 A2
`In support of the Petition, Petitioner also cites the Declaration of
`Dr. Bill Lin. Ex. 1003 (“Lin Decl.”).
`The Preliminary Response does not cite any expert testimony.
`
`Malkin
`
`Telia
`
`1006
`
`1007
`
`CHALLENGES ASSERTED IN PETITION
`The sole ground asserted in the Petition is that all the challenged
`claims are unpatentable under 35 U.S.C. § 103(a) as obvious over Abraham
`in view of Malkin and Telia.
`
`ORDINARY SKILL IN THE ART
`Petitioner states that a person of ordinary skill in the art is someone
`familiar with and knowledgeable of network security and access controls,
`such as firewall configuration and operation, redirection, rule-based packet
`control, and common networking protocols, such as IP, TCP, HTTP, Telnet,
`and DCHP. Pet. 17–18 (citing Ex. 1003, Lin Decl. ¶ 37). According to
`Petitioner such a person would have (i) a Bachelor’s degree in Electrical
`and/or Computer Engineering, Computer Science, or equivalent training, and
`8
`
`
`
`
`
`IPR2019-00043
`Patent RE46,459
`
`
`(ii) approximately three years of experience working in hardware and/or
`software design and development related to network security and access
`controls. Id. (citing Ex. 1003, Lin Decl. ¶¶ 35–39). Petitioner’s assessment
`of the level of ordinary skill is consistent with the subject matter of the ’459
`patent and we apply Petitioner’s definition of the level of ordinary skill in
`this Decision.
`
`CLAIM CONSTRUCTION
`
`Introduction
`The Petition has been accorded a filing date of October 9, 2018.
`Paper 5. For petitions filed before November 13, 2018, we interpret claims
`of an unexpired patent using the broadest reasonable construction in light of
`the specification of the patent in which they appear. See 37 C.F.R.
`§ 42.100(b); Cuozzo Speed Techs. LLC v. Lee, 136 S. Ct. 2131, 2144–46
`(2016).1 However, the ’459 patent will expire during this inter partes
`review. In such circumstances, claim terms are given their ordinary and
`customary meaning at the time of the invention, consistent with the
`principles of Phillips v. AWH Corp., 415 F.3d 1303, 1312–19 (Fed. Cir.
`2005). Any special definition for a claim term must be set forth in the
`specification with reasonable clarity, deliberateness, and precision. In re
`Paulsen, 30 F.3d 1475, 1480 (Fed. Cir. 1994).
`
`
`1 See also Changes to the Claim Construction Standard for Interpreting
`Claims in Trial Proceedings Before the Patent Trial and Appeal Board, 83
`Fed. Reg. 51,340, 51,344 (Oct. 11, 2018) (“The Office will continue to apply
`the BRI standard for construing unexpired patent claims . . . in AIA
`proceedings where a petition was filed before the [November 13, 2018]
`effective date of the rule.”).
`
`
`
`9
`
`
`
`IPR2019-00043
`Patent RE46,459
`
`
`
`Redirection Server
`Petitioner proposes that we construe “redirection server” to mean “a
`server operable to control network access by applying the following actions:
`block, allow, and redirect.” Pet. 15 (citing Ex. 1003, Lin Decl. ¶¶ 44–45).
`Petitioner cites the Specification’s disclosure that “the invention may be
`implemented to control (block, allow and redirect) any type of service.” Id.
`(quoting Ex. 1001, 8:24–26). Petitioner cites a prior appeal to the Board of
`an Examiner’s final rejection in a reexamination proceeding involving the
`’459 patent pre-reissue that affirmed the rejection in part, reversed the
`rejection in part, and entered a new ground of rejection. Id.; see Ex. 1009,
`352. In that appeal, a panel of this Board construed “redirection server” as
`“requir[ing] some sort of redirection functionality” and noted that “blocking
`and allowing are ‘further’ functions of the redirection server.” Id. (quoting
`Ex. 1009, 354–55).
`Patent Owner argues we need not address whether a “redirection
`server” includes the blocking or allowing functions for purposes of this
`Decision. Prelim. Resp. 11–13. We agree. In the reexamination appeal, the
`Board noted “blocking and allowing are ‘further’ functions of the redirection
`server rather than its essential function for purposes of the claim.” Ex. 1009,
`355.
`
`According to Patent Owner the plain and ordinary meaning of
`“redirection” is appropriate for construing this term. Prelim. Resp. 15.
`Patent Owner urges that, to the extent any construction is necessary, “the
`‘redirection server’ must have the functionality of redirecting the user by
`modifying the user’s request for a network location or service to request a
`different network location or service.” Id. at 15–16 (emphasis omitted).
`
`
`
`10
`
`
`
`IPR2019-00043
`Patent RE46,459
`
`
`Patent Owner argues that in the reexamination appeal the Board
`distinguished the claimed “redirection server” from a “credential server”
`used to determine whether a user was authorized (thus allowed access) or
`unauthorized (thus blocked from access). Id. at 14. (citing Ex. 1009, 354–
`55). The Board stated: “[p]roperly construed the redirection server must, at
`a minimum, be configured to redirect something. He’s [the reference under
`consideration] credential server 204, while providing the control functions of
`blocking and allowing, does not appear to teach or suggest redirecting, alone
`or in combination with Zenchelsky.” Ex. 1009, 356.
`Patent Owner further notes that the Specification of the ’459 patent
`states that the logic employed by the redirection server to implement the rule
`set changes the request from one website to a request for a different website
`and does not disclose any other form of redirection. Id. at 15 (citing
`Ex. 1001, 6:53–7:5, 7:38–55).
`We agree with the prior Board panel that “redirection” requires the
`server perform a redirection function as distinguished from merely blocking
`or allowing user access, i.e., there must be some form of redirection of the
`user’s request. In one example disclosed in the Specification, for a
`particular source IP address (10.0.0.1) the authentication-accounting server
`transmits to the redirection server a rule set that programs the redirection
`server to allow the user access to website www.us.com and Telnet services
`and to redirect any request to access a server in the xyz domain (*.xyz.com)
`to www.us.com—requests to access any other services are blocked.
`Ex. 1001, 5:60–7:5. In another example, the redirection server is
`programmed to redirect a particular user to www.widgetsell.com before
`allowing the user access to other web sites, e.g., by removing the rule after
`
`
`
`11
`
`
`
`IPR2019-00043
`Patent RE46,459
`
`
`the redirection. Id. at 7:10–57. These examples illustrate that an essential
`function of the redirection server of the ’459 patent is to redirect users to
`Internet locations that are different from those in the user’s request.
`Further evidence supporting our understanding of the functions
`performed by the claimed redirection server can be found in the ’459
`patent’s description of conventional redirection. The ’459 patent identifies a
`disadvantage of conventional redirection technology is ceding control of the
`redirection to the remote end, as distinguished from the local or user end.
`Ex. 1001, 1:56–2:11. The’459 patent’s description of conventional
`redirection states that when a browser sends a request to a web server, the
`web server sends the requested page to the browser, but the html code
`instructs the browser to request some other WWW page, “hence the
`redirection of the user begins. The browser then requests the redirected
`WWW page according to the URL in the first page’s html code.” Id. 1:63–
`2:3. As the ’459 patent does not describe any other type of redirection, we
`have no basis for interpreting the term “redirection server” in the context of
`the ’459 patent in any other way.
`Thus, we construe the redirection server to be a server that at least
`must be capable of redirecting a user to a network location that is different
`from the network location in the user’s request.
`
`ANALYSIS OF PETITIONER’S PRIOR ART CHALLENGES
`Introduction
`A patent claim is unpatentable under 35 U.S.C. § 103(a) if the
`differences between the claimed subject matter and the prior art are such that
`the subject matter, as a whole, would have been obvious at the time the
`invention was made to a person having ordinary skill in the art to which said
`
`
`
`12
`
`
`
`IPR2019-00043
`Patent RE46,459
`
`
`subject matter pertains. KSR Int’l Co. v. Teleflex Inc., 550 U.S. 398, 406
`(2007). The question of obviousness is resolved on the basis of underlying
`factual determinations including: (1) the scope and content of the prior art;
`(2) any differences between the claimed subject matter and the prior art;
`(3) the level of ordinary skill in the art; and (4) objective evidence of
`nonobviousness. Graham v. John Deere Co., 383 U.S. 1, 17–18 (1966).
`Claims 91–99, 108–120, and 122–125 as Unpatentable over
`Abraham in view of Malkin and Telia
`Abraham (Ex. 1005)
`Abraham discloses a system in which an operator, via a graphical user
`interface, inputs policies to be applied against a mapping of network users
`and computers. Ex. 1005, 2:37–42, 6:23–31. A filter executive optimizes
`the policies into rules that a filter engine applies to verify all inbound data
`packets from the network and to filter all outbound data packets. Id. at
`2:47–53. If a rule denies a user access to a particular service or type of
`information, any IP packets from that user requesting access for that service
`or information are be allowed to pass through the network server to its
`intended destination on the Internet. Id. at 6:31–36.
`Inbound and outbound global network protocol rules are records that
`retain a protocol number field, a port number field, an access/deny rule flag,
`a log/no log rule flag, a notify/no notify rule flag, and a rule type code
`indication the rule is a protocol type rule. Id. at 36:2–15, Fig. 17. A user
`policy table, i.e., a collection of records for each user from each of the
`protocol, site, and file type policy tables with similar rules, is provided by
`the filter executive. Id. at 17:7–29, 36:16–63. Each inbound packet is
`inspected to determine if the packet should be allowed to pass through the
`filter engine and/or be logged by the filter engine based on the inbound
`13
`
`
`
`
`
`IPR2019-00043
`Patent RE46,459
`
`
`global network protocol rules only. Id. at 43:47–44:26. Outbound packets
`are first filtered using the global network protocol rules to determine if a
`log/no log, notify/no notify, or access/deny rule applies. Id. at 44:30–45. If
`a global network protocol rule is not applicable, the filter engine maps the
`source IP address to a user ID in the user mapping table. If the filter engine
`determines a record in the user mapping rules table contains a source IP
`address matching the source ID address of the outbound IP packet, the filter
`determines if any rules corresponding to the mapped user ID apply. Id. at
`44:46–59. If no such record is found, or if the user rule set does not contain
`any rules for the user ID, a default rule logs the packet and denies the
`outbound packet without notifying the user of the action. Id. at 44:59–66.
`Malkin (Ex. 1006)
`In Malkin an Internet subscriber transmits a service request packet
`(first packet) to a Network Access Server (NAS) that evaluates whether the
`request exceeds that subscriber’s subscription. Ex. 1006, 1:40–44. If the
`service request exceeds the subscriber’s subscription, the NAS encapsulates
`the first packet, which includes the original destination of the service
`request, into a second packet and sends the second packet to a “redirection
`server” that generates a reply specifying why the service request was denied.
`Id. at 1:44–52. The redirection server substitutes the address of the original
`destination as the source of the reply message, so that it appears the reply
`message is received from the original destination, even though the Internet
`service provider (ISP) did not allow access to the Internet. Id. at 52–55.
`Telia (Ex. 1007)
`In Telia, a filter, such as router between a modem pool and an IP
`network, allows a user initial access only to an access check server, such as a
`
`
`
`14
`
`
`
`IPR2019-00043
`Patent RE46,459
`
`
`WWW server. Ex. 1007, 2:47–50. After completing an initial access check
`(and debiting the user’s account, if appropriate), a program module in the
`server messages the filter to allow the user’s IP address access to servers on
`the network. Id. at 2:54–3:2. When the user disconnects, a message is
`transmitted from the modem pool to the filter to block user access, except to
`the access check server. Id. at 3:3–6. Network access can also be blocked
`conditionally, e.g., until the user demonstrates it has read an advertisement
`message. Id. at 3:10–20. In addition, messages can be transmitted to all
`filters to block specific servers or other IP networks, or to employ
`transmitted or predefined profiles that allow users at specific IP addresses to
`access some servers and not others, e.g. based on offensive content. Id. at
`3:21–41.
`Analysis
`Petitioner cites Abraham as teaching sending “violation messages” to
`the requesting client’s computer in a “notification thread” that “alert[s] users
`when their request to access a site has been denied.” Pet. 22 (citing Ex.
`1005, 13:62–65; Ex. 1003, Lin Decl. ¶ 63). Acknowledging that Abraham
`does not provide details about the contents of the service denial message or
`how it is delivered, Petitioner cites Malkin as disclosing how to use an NAS
`to redirect rejected requests to another server that “spoofs” the expected
`destination and sends the requesting server a denial explanation that appears
`to come from the expected destination. Id. at 23. Petitioner contends that a
`person of ordinary skill would have been motivated to combine the teachings
`of Abraham and Malkin to avoid Abraham’s mapping, which Malkin does
`not require, and to provide the requesting server more information regardless
`
`
`
`15
`
`
`
`IPR2019-00043
`Patent RE46,459
`
`
`of the nature of the user’s network access request (e.g., HTTP, telnet, FTP,
`etc.). Id. at 23–24 (citing Ex. 1003, Lin Decl. ¶¶ 67–68).
`Petitioner also contends it would have been obvious further to
`combine Abraham with Telia’s filter controlled by an authorization server to
`produce the beneficial and predictable result of requiring a user logging in
`(per Abraham) to authenticate and verify compliance with advertised
`policies and procedures (per Telia) before gaining network access to the IP
`network. Id. at 26–28.
`As to the claimed redirection server (designated claim element 91.1),
`Petitioner cites Abraham as disclosing a network server that allows or denies
`the transmission of IP packets. Pet. 29–30. Petitioner argues it would have
`been obvious to augment Abraham’s network server with Malkin’s packet
`redirection “thereby making Abraham’s network server a ‘redirection
`server’” and that this combination “would have allowed Abraham’s network
`server to filter packets using rules that specify whether a packet should be
`allowed, blocked or redirected to another server.” Pet. 31, 33 (citing Ex.
`1003, Lin Decl. ¶ 92, ¶ 94). Petitioner asserts that “it would have been
`obvious for Abraham’s network server to redirect packets that are blocked,
`as described by Malkin.” Id. at 32 (citing Ex. 1003, Lin Decl. ¶ 94)
`Patent Owner responds that, using filtering to deny a user access to an
`unauthorized service level, Malkin is directed only to blocking user access
`and does not teach a redirection server, under a proper construction of that
`term. Prelim. Resp. 16. Patent Owner argues that Petitioner focuses on
`Malkin’s use of the term “redirection” because Malkin discloses the NAS
`may redirect a request to a redirection server, but that Malkin does not teach
`redirecting the user’s data packages to any location on the Internet. Id. at 17.
`
`
`
`16
`
`
`
`IPR2019-00043
`Patent RE46,459
`
`
`Instead, in Malkin unauthorized packets never leave the ISP network
`because they are blocked. Id. at 17 (citing Ex. 1006, Fig. 1 as illustrating
`that the NAS and redirection server are within the ISP network.).
`We agree with Patent Owner that Malkin fails to disclose the claimed
`redirection server. To the extent that Malkin discloses redirecting a request,
`such redirection is a step in informing a user he has been blocked from
`accessing a network, as opposed to a redirection of the user to a location
`other than the one the user requested on that network. Indeed, despite its
`name, Malkin’s redirection server does not actually redirect the user’s
`request. When the NAS detects a user attempting unauthorized access,
`Malkin routes the user’s request to redirection server 14 within ISP 16, as
`shown in Figure 1. Ex. 1006, Fig. 1. Instead of redirecting the user to
`another site on the network, redirection server 14 sends the user a message
`that appears to be generated from the user’s requested destination on the
`network. As the user’s packets never enter the network, we are not
`persuaded that Malkin’s NAS or redirection server “redirects” a request as
`that term is used in the ’459 patent. Malkin either allows network access for
`authorized user requests or blocks network access for unauthorized user
`requests, but it does not redirect a request to another location on the network.
`Malkin’s redirection server also operates differently from the
`redirection server of the ’459 patent. In Malkin, NAS 14 blocks
`unauthorized network access by encapsulating the request into a different
`message, without modifying the requested destination, and sending the
`encapsulated message to redirection server 16. “By redirecting the
`subscriber’s packet via encapsulation, the destination address of the
`
`
`
`17
`
`
`
`IPR2019-00043
`Patent RE46,459
`
`
`subscriber’s request is preserved.” Ex. 1006, 4:38–41. Redirection server
`16 then responds to the user.
`In contrast, when performing redirections, the redirection server in the
`’459 patent modifies a request to access a destination on the network by
`changing the requested destination. Ex. 1001, Abstract. As a result, in the
`claimed redirection server the request is transformed into a request to access
`a different destination on the network. Id. The difference in effect is
`significant. In Malkin, the user can only be blocked. In the ’459 patent, the
`server at the alternate destination can perform other processing on the
`request and take whatever action is programmed into the redirection server,
`e.g., examining the request and, depending upon its contents, passing the
`request to still another location.
`As Patent Owner notes, Petitioner does not argue that Telia teaches
`the claimed redirection server. PO Resp. 19, see Pet. 29–33. Instead,
`Petitioner argues that Telia teaches a filter controlled by an authorization
`server that allows a user access to a network only after specific conditions
`are met. Pet. 25.
`All of the challenged claims recite a redirection server. As we are
`persuaded that Petitioner has not demonstrated the references disclose a
`redirection server as that term is properly construed within the meaning of
`the challenged claims, we conclude that Petitioner has not demonstrated a
`likelihood that it will prevail on its challenge to any of the claims.
`Patent Owner also argues that Petitioner has failed to demonstrate that
`Abraham’s “global rules” and “user rules” together constitute a user’s rule
`set correlated to a temporarily assigned network address, as also recited in
`all the claims. Prelim. Resp. 22. The Petition includes a version of
`
`
`
`18
`
`
`
`IPR2019-00043
`Patent RE46,459
`
`
`Figure 22 of Abraham annotated to show “applying user’s rules set” as
`“applying global rule set” and “applying user rules” “for each user.”
`Pet. 34–35 (citing Ex. 1005, 3:66–4:2, Fig. 22). Patent Owner argues that
`Petitioner relies upon Abraham’s “user rules” (user mapping rules table) as
`mapped to a user’s assigned IP address but contends Abrahams’ “timing
`rules,” which are “global network protocol rules” are not “user rules.”
`Prelim. Resp. at 20–21.
`Petitioner asserts that, to the extent Patent Owner contends “global
`protocol rules” including timer rules are not part of a user rule set because
`they are not user specific, it would have been obvious to include timer rules
`in user rules as a matter of design choice because timing on a per user basis
`was a known option. Id. at 35–36 (citing Lin. Decl. Ex. 1003, ¶ 103)
`Patent Owner notes that Abraham’s global rules are processed
`separately before processing of the user rules. Id. at 22–23 (citing Ex. 1005,
`44:46–64 as disclosing that only after evaluating global rules does the filter
`engine scan user mapping rules table 140 to determine if user rule set 156
`contains any rules that must be applied). Patent Owner also notes that
`Abraham’s global rules are modified on a fixed schedule irrespective of
`whether a user is logged on and therefore cannot be correlated to a user’s
`temporarily assigned network address. Id. at 23 (citing