`Case 3:17-cv-05659-WHA Document 182-18 Filed 08/20/18 Page 1 of 29
`
`EXHIBIT 17
`EXHIBIT 17
`
`
`
`
`
`
`
`
`
`Case 3:17-cv-05659-WHA Document 182-18 Filed 08/20/18 Page 2 of 29
`Paper 8
`
`Trials@uspto.gov
`
`571-272-7822
` Entered: September 24, 2015
`
`
`
`
`
`UNITED STATES PATENT AND TRADEMARK OFFICE
`____________
`
`
`BEFORE THE PATENT TRIAL AND APPEAL BOARD
`____________
`
`
`SOPHOS, INC.,
`Petitioner,
`
`v.
`
`FINJAN, INC.,
`Patent Owner.
`____________
`
`Case IPR2015-00907
`Patent 7,613,926 B2
`____________
`
`
`Before JAMES B. ARPIN, ZHENYU YANG, and
`CHARLES J. BOUDREAU, Administrative Patent Judges.
`
`ARPIN, Administrative Patent Judge.
`
`
`
`
`DECISION
`Denying Institution of Inter Partes Review
`37 C.F.R. § 42.108
`
`
`
`
`Case 3:17-cv-05659-WHA Document 182-18 Filed 08/20/18 Page 3 of 29
`IPR2015-00907
`Patent 7,613,926 B2
`
`
`I. INTRODUCTION
`Sophos, Inc. (“Petitioner”) filed a Petition (Paper 1, “Pet.”) requesting
`inter partes review pursuant to 35 U.S.C. § 311 of claims 15, 18, 19, and 22
`of Patent No. US 7,613,926 B2 to Edery et al. (Ex. 1001, “the ’926 patent”).
`Pet. 4. Finjan, Inc. (“Patent Owner”) filed a Preliminary Response. Paper 7
`(“Prelim. Resp.”). We review the Petition under 35 U.S.C. § 314, which
`provides that an inter partes review may not be instituted “unless . . . there is
`a reasonable likelihood that the petitioner would prevail with respect to at
`least 1 of the claims challenged in the petition.” 35 U.S.C. § 314(a).
`For the reasons that follow and on this record, we are not persuaded
`that Petitioner demonstrates a reasonable likelihood of prevailing in showing
`the unpatentability of any of the challenged claims on the asserted grounds.
`Accordingly, we deny Petitioner’s request to institute an inter partes review.
`A. The ’926 Patent
`The ’926 patent issued November 3, 2009, from U.S. Patent
`Application No. 11/370,114, filed March 7, 2006. The ’926 patent also
`claims priority from six earlier applications, of which the earliest-filed is
`U.S. Patent Application No. 08/964,388, filed November 6, 1997. Ex. 1001,
`[60], [63], col. 1, ll. 8–32.
`The ’926 patent is directed to systems and methods to protect personal
`computers and other network accessible devices from “harmful, undesirable,
`suspicious or other ‘malicious’ operations that might otherwise be
`effectuated by remotely operable code.” Ex. 1001 col. 2, ll. 27–31. The
`protection paradigm involves hashing an incoming Downloadable to derive
`an identifier, referred to as a “Downloadable ID,” which is used to reference
`security profile data for the incoming Downloadable in a database indexed
`
`
`
`2
`
`
`
`Case 3:17-cv-05659-WHA Document 182-18 Filed 08/20/18 Page 4 of 29
`IPR2015-00907
`Patent 7,613,926 B2
`
`according to Downloadable IDs. Id. at col. 2, l. 27–col. 4, l. 49; Fig. 1b and
`1c.
`
`The Downloadable security profile data for each Downloadable
`includes “a list of suspicious computer operations that may be attempted by
`the Downloadable.” Id. at col. 21, ll. 66–67. Thus, security profile data for
`a Downloadable is derived from that Downloadable. Patent Owner contends
`that security profile data are different from “security policies, for example,
`which include policies specific to particular users and generic policies that
`determine whether to allow or block an incoming Downloadable.” Paper 7,
`4 (citing Ex. 1001, col. 4, ll. 27–37).
`The Downloadable and representation of the Downloadable security
`profile data are sent to a destination computer. Ex. 1001, col. 22, ll. 1–4.
`Because previously generated profiles can be retrieved efficiently, the
`systems and methods allow accurate security decisions to be made without
`the need to generate profiles for all incoming Downloadables, and it is not
`necessary for the Downloadable to be scanned by the device for malicious
`operations because the Downloadable security profile already lists malicious
`operations. See Ex. 1001, col. 10, ll. 44–50.
`B. Related Proceedings
`The ’926 patent is the subject of a district court action between the
`parties, Finjan, Inc. v. Sophos, Inc., 3:14-cv-01197 (N.D. Cal.), and also has
`been asserted in two other district court actions, Finjan, Inc. v. Symantec
`Corp., 3:14-cv-02998 (N.D. Cal.), and Finjan, Inc. v. Palo Alto Networks,
`Inc., 3:14-cv-04908 (N.D. Cal.). Pet. 1–2; Paper 6, 1. Petitioner also has
`filed a petition seeking inter partes review of a related patent, Patent No. US
`
`
`
`3
`
`
`
`Case 3:17-cv-05659-WHA Document 182-18 Filed 08/20/18 Page 5 of 29
`IPR2015-00907
`Patent 7,613,926 B2
`
`8,677,494 B2 to Edery et al. Sophos, Inc. v. Finjan, Inc., Case IPR2015-
`01022, Paper 1.
`C. Illustrative Claim
`Petitioner challenges claims 15, 18, 19, and 22 of the ’926 patent.
`Claims 15 (method) and 22 (system) are independent. Each of claims 18
`and 19 depends directly from independent claim 15. Claim 15 is illustrative
`and is reproduced below:
`15. A computer-based method, comprising the steps
`
`of:
`
`receiving an incoming Downloadable;
`
`performing a hashing function on the incoming
`Downloadable to compute an incoming Downloadable ID;
`
`retrieving security profile data for the incoming
`Downloadable from a database of Downloadable security
`profiles indexed according to Downloadable IDs, based on the
`incoming Downloadable ID, the security profile data including
`a list of suspicious computer operations that may be attempted
`by the Downloadable; and
`
`transmitting the incoming Downloadable and a
`representation of the retrieved Downloadable security profile
`data to a destination computer, via a transport protocol
`transmission.
`
`Ex. 1001, col. 21, l. 58–col. 22, l. 4 (emphases added). Disputed
`limitations are emphasized.
`
`
`
`4
`
`
`
`Case 3:17-cv-05659-WHA Document 182-18 Filed 08/20/18 Page 6 of 29
`IPR2015-00907
`Patent 7,613,926 B2
`
`
`D. Applied References and Declaration
`Petitioner relies on the following references and declaration in support
`of its asserted grounds of unpatentability:
`Exhibit
`References and Declaration
`1003
`Declaration of Charles H. Sauer
`
`Date
`
`NA
`
`1004
`
`1005
`
`1025
`
`1027
`
`Patent No. US 5,983,348 to Ji (“Ji”)
`
`Sept. 10, 1997
`
`Patent No. US 6,263,442 B1 to Mueller
`et al. (“Mueller”)
`
`May 30, 1996
`
`Donald E. Knuth, The Art of Computer
`Programming, Vol. 3, Sorting and
`Searching (Addison Wesley Publishing
`Co., Inc. 1973) (“Knuth”)
`
`Jan Hruska, Computer Viruses and
`Anti-Virus Warfare (Ellis Horwood
`Ltd, 2nd rev. ed. 1992) (“Hruska”)
`
`1973
`
`1992
`
`
`As noted above, the ’926 patent claims the benefit of the November 6, 1997
`filing date of U.S. Patent Application No. 08/964,388. Ex. 1001, col. 1, ll.
`22–24; Paper 7, 59–60. Petitioner argues, however, that the ’926 patent is
`entitled only to priority from U.S. Provisional Patent Application No.
`60/205,591, filed May 17, 2000. Paper 1, 8. Nevertheless, because each of
`the applied references has an effective date prior to November 6, 1997, we
`agree with Patent Owner that we need not determine whether the ’926 patent
`is entitled to a priority date later than its earliest claimed priority date for
`purposes of this Decision. Paper 7, 59.
`
`
`
`5
`
`
`
`Case 3:17-cv-05659-WHA Document 182-18 Filed 08/20/18 Page 7 of 29
`IPR2015-00907
`Patent 7,613,926 B2
`
`
`E. Asserted Grounds of Unpatentability
`Petitioner challenges the patentability of each of claims 15, 18, 19,
`and 22 on the following grounds:1
`References
`Ji, Knuth, and Hruska
`
`Basis
`35 U.S.C. § 103(a)
`
`Claims Challenged
`15, 18, 19, and 22
`
`Mueller, Knuth, and
`Hruska, alone or in
`combination with Ji
`
`35 U.S.C. § 103(a)
`
`15, 18, 19, and 22
`
`
`1 Petitioner asserts that “[u]sing hash function to index entries in a database
`must have been well-known in the art because if it was not, the Challenged
`Claims would not be described or enabled under 35 U.S.C. § 112.” Pet. 20
`(citing Ex. 1003 ¶ 75). Nevertheless, no challenge under 35 U.S.C. § 112 is
`permitted in a petition for inter partes review. 35 U.S.C. § 311(b); see
`Prelim. Resp. 24 n.1.
`
`
`
`6
`
`
`
`Case 3:17-cv-05659-WHA Document 182-18 Filed 08/20/18 Page 8 of 29
`IPR2015-00907
`Patent 7,613,926 B2
`
`
`II. DISCUSSION
`A. Claim Interpretation
`In an inter partes review proceeding, claims of an unexpired patent
`are given their broadest reasonable interpretation in light of the specification
`of the patent in which they appear. 37 C.F.R. § 42.100(b); Office Patent
`Trial Practice Guide, 77 Fed. Reg. 48,756, 48,766 (Aug. 14, 2012); see also
`In re Cuozzo Speed Techs., LLC, 793 F.3d 1268, 1278 (Fed. Cir. 2015) (“We
`conclude that Congress implicitly approved the broadest reasonable
`interpretation standard in enacting the AIA.”). Under this standard, we
`presume that claim terms have their ordinary and customary meaning. See
`In re Translogic Tech., Inc., 504 F.3d 1249, 1257 (Fed. Cir. 2007) (“The
`ordinary and customary meaning is the meaning that the term would have to
`a person of ordinary skill in the art in question.”) (internal quotation marks
`omitted). A patentee, however, may rebut this presumption by acting as his
`own lexicographer, providing a definition of the term in the specification
`with “reasonable clarity, deliberateness, and precision.” In re Paulsen, 30
`F.3d 1475, 1480 (Fed. Cir. 1994).
`Petitioner proposes interpretations for various claim terms:
`“database,” “Downloadable,” “Downloadable security profile data,” “a
`representation of the retrieved Downloadable security profile data,”
`“receiver,” “Downloadable identifier,” “database manager,” and “transmitter
`coupled with said receiver.” Pet. 24–28. Patent Owner responds to each of
`Petitioner’s proposed interpretations, offering interpretations for each term.
`Prelim. Resp. 7–15.
`
`
`
`7
`
`
`
`Case 3:17-cv-05659-WHA Document 182-18 Filed 08/20/18 Page 9 of 29
`IPR2015-00907
`Patent 7,613,926 B2
`
`
`1. “database”(Claims 15 and 22)
`The term “database” is recited in claims 15 and 22 of the ’926 patent.
`Relying on the definition provided in The IEEE Standard Dictionary of
`Electrical and Electronics Terms (Ex. 1036), Petitioner argues that the term
`“database” means “a collection of logically related data stored together in
`one or more computerized files and indexed by one or more indices.” Pet.
`24 (citing Ex. 1036, 3). Nevertheless, the IEEE definition does not state that
`the collection of data is “indexed by one or more indices,” and Petitioner
`does not explain adequately the source of this addition to the IEEE
`definition. Id. Petitioner also argues that, although the district court in the
`related action construed “database” in the ’926 patent to mean “a collection
`of interrelated data organized according to a database schema to serve one or
`more applications” (Ex. 1033, 3), the district court’s construction is too
`narrow to be the broadest reasonable interpretation because the ’926 patent
`uses the term “database” in a broad manner throughout the Specification,
`including allegedly comparing a database to a reference list. Pet. 25 (citing
`Ex. 1001, col. 16, ll. 51–55); see Facebook, Inc. v. Pragmatus AV, LLC, 582
`Fed. Appx. 864, 869 (Fed. Cir. 2014) (nonprecedential) (“The broadest
`reasonable interpretation of a claim term may be the same as or broader than
`the construction of a term under the Phillips standard. But it cannot be
`narrower.”).
`Patent Owner contends that the proper construction of “database” is
`instead “a collection of interrelated data organized according to a database
`schema to serve one or more applications.” Prelim. Resp. 7. As Patent
`Owner points out (id.), this construction has been adopted by the district
`court in the related action between the parties (Ex. 1033, 7). Patent Owner
`
`
`
`8
`
`
`
`Case 3:17-cv-05659-WHA Document 182-18 Filed 08/20/18 Page 10 of 29
`IPR2015-00907
`Patent 7,613,926 B2
`
`contends that “[t]his construction stays true to the claim language and most
`naturally aligns with the patent’s description of the invention as well as the
`well-accepted definition of the term.” Prelim. Resp. 7 (citing IBM
`DICTIONARY OF COMPUTING, 165 (10th ed. 1993) (Ex. 2001, 3)). Moreover,
`in response to Petitioner’s argument that the district court’s construction is
`too narrow, Patent Owner contends that the portion of the Specification,
`upon which Petitioner relies, actually differentiates “a referencing list” from
`“a database” by referring to them separately. Id. at 7–8 (citing Ex. 1001, col.
`16, ll. 51–55 (stating that a “referencing list, database or other storage
`structure(s) . . .” can be used to implement a protection scheme; emphasis
`added). Further, Patent Owner contends that the district court recognized
`this distinction in its construction of this term. Id. at 8 (quoting Ex. 1033, 5).
`We agree with Patent Owner that the district court’s construction in
`the related action between the parties represents the broadest reasonable
`interpretation of “database” in light of the claim language and the
`Specification of the ’926 patent. See Translogic Tech., 504 F.3d at 1257; see
`also Power Integrations, Inc. v. Lee, ___ F.3d ____, 2015 WL 4757642, at
`*6 (Fed. Cir. Aug. 12, 2015) (“The fact that the board is not generally bound
`by a previous judicial interpretation of a disputed claim term does not mean
`. . . that it has no obligation to acknowledge that interpretation or to assess
`whether it is consistent with the broadest reasonable construction of the
`term.”). As explained in the Claim Construction Order, the ’926 patent does
`not define the term “database” (Ex. 1033, 5), there is no evidence that Patent
`Owner disavowed the full scope of that term either in the Specification or
`during prosecution (id.), and Patent Owner’s definition appears to reflect
`
`
`
`9
`
`
`
`Case 3:17-cv-05659-WHA Document 182-18 Filed 08/20/18 Page 11 of 29
`IPR2015-00907
`Patent 7,613,926 B2
`
`both the context of the Specification, as well as an accepted definition of the
`term. Ex. 1033, 5, 7; see Ex. 1036, 3; Ex. 2001, 3.
`Accordingly, on this record and for purposes of this Decision, we
`determine that the broadest reasonable interpretation of the term “database”
`to be “a collection of interrelated data organized according to a database
`schema to serve one or more applications.”
`
`“Downloadable” (Claims 15, 18, and 22)
`2.
`The term “Downloadable” is recited in challenged claims 15, 18, and
`22. According to Petitioner, under the broadest reasonable interpretation,
`the term “Downloadable” means “information received over a network that
`can include executable code (e.g. Java applets, JavaScript and Visual Basic
`scripts, ActiveX controls, Visual Basic, and other add-ins).” Pet. 25 (citing
`Ex. 1001, col. 2, ll. 46–51); see Ex. 1003 ¶ 90; see also Ex. 1001, col. 1, l.
`66–col. 2, l. 3, col. 2, ll. 35–40 (providing other examples of
`Downloadables).
`In response, Patent Owner contends that the proper construction of the
`term “Downloadable” is “an executable application program which is
`downloaded from a source computer and run on the destination computer.”
`Prelim. Resp. 8–9. Patent Owner points out that this is the definition
`provided in Patent Nos. US 6,804,780 B2 (Ex. 1012) and US 6,092,194 (Ex.
`1013), from which the ’926 patent claims priority and which the ’926 patent
`incorporates by reference. Id. at 9 (citing Ex. 1001, col. 1, ll. 17–27; Ex.
`1012, col. 1, ll. 50–53; Ex. 1013, col. 1, ll. 44–46). Moreover, it is also the
`definition agreed to by Patent Owner and Petitioner in the related action. Id.
`(citing Ex. 2002, 2).
`
`
`
`10
`
`
`
`Case 3:17-cv-05659-WHA Document 182-18 Filed 08/20/18 Page 12 of 29
`IPR2015-00907
`Patent 7,613,926 B2
`
`
`Although the broadest reasonable interpretation may differ from a
`construction agreed upon by the parties to a district court action, where
`claim construction is determined according to the different standard set forth
`in Phillips v. AWH Corp., 415 F.3d 1303 (Fed. Cir. 2005) (en banc); on this
`record, we see no rationale for Petitioner’s alternative interpretation of this
`term. Power Integration, 2015 WL 4757642, at *6. Further, as noted above,
`the broadest reasonable interpretation of a claim term may be the same as or
`broader than the construction of that term under the Phillips standard, but
`not narrower. Facebook, 582 Fed. Appx. at 869. To the extent that
`Petitioner seeks to incorporate specific examples of “executable code” into
`the interpretation of this term, those examples narrow the interpretation of
`this term. Moreover, as Patent Owner notes, its proposed interpretation is
`broad enough to encompass those examples. Prelim. Resp. 10.
`We agree with and adopt the interpretation of the term
`“Downloadables” to which the parties agreed in the district court action, as
`the broadest reasonable interpretation of “Downloadable” consistent with the
`Specification. Accordingly, on this record and for purposes of this Decision,
`we construe the term “Downloadable” to mean “an executable application
`program which is automatically downloaded from a source computer and
`run on a destination computer.”
`3.
`“Downloadable security profile data” (Claims 15 and 22)
`The term “Downloadable security profile data” is recited in claims 15
`and 22 of the ’926 patent. Petitioner argues that the broadest reasonable
`interpretation of this term is “security information relating to the
`Downloadable.” Pet. 26. According to Petitioner, this term must be
`construed broadly to encompass the specific examples included in claim 15
`
`
`
`11
`
`
`
`Case 3:17-cv-05659-WHA Document 182-18 Filed 08/20/18 Page 13 of 29
`IPR2015-00907
`Patent 7,613,926 B2
`
`and in other, unchallenged claims; and this construction is consistent with
`the Specification of the ’926 patent. Id. (citing Ex. 1001, col. 3, ll. 6–11,
`col. 20, l. 67–col. 21, l. 3 (claim 1), col. 21, ll. 14–22 (claims 5–7), Fig. 9);
`see Ex. 1003 ¶¶ 91–93. Patent Owner contends that the term needs no
`express construction and that the plain meaning within the context of claims
`15 and 22 should apply. Prelim. Resp. 11–13.
`Although the term “Downloadable” is interpreted above, and claim 15
`and 22 provide specific language explaining what “Downloadable security
`profile data” includes, the phrase “security profile data” is not defined in the
`Specification, and neither party proposes an accepted definition for that
`phrase. See Pet. 26; Prelim. Resp. 11–13. Further, we find Petitioner’s
`proposed interpretation, “security information relating to the
`Downloadable,” to be overly broad, substantially circular, and generally
`unhelpful.
`As noted above, we presume that claim terms have their ordinary and
`customary meaning. See Translogic Tech., 504 F.3d at 1257. Looking at
`the individual words comprising the phrase, we note that “security” means
`“something that gives or assures safety, tranquility, certainty, etc.;
`protection; safeguard”; “profile” means “a graph, diagram, piece of writing,
`etc. presenting or summarizing data relevant to a person or thing”; and
`“data” means “information.” WEBSTER’S NEW WORLD DICTIONARY OF
`AMERICAN ENGLISH, 352, 1074, 1214 (3rd ed. 1988) (Ex. 3001). In addition,
`as noted by Petitioner, other claims of the patent at issue, both challenged
`and unchallenged, can be valuable sources of enlightenment as to the
`meaning of a claim term. See Vitronics Corp. v. Conceptronic, Inc., 90 F.3d
`1576, 1582 (Fed. Cir. 1996). Consistent with the Specification and the
`
`
`
`12
`
`
`
`Case 3:17-cv-05659-WHA Document 182-18 Filed 08/20/18 Page 14 of 29
`IPR2015-00907
`Patent 7,613,926 B2
`
`challenged and unchallenged claims of the ’926 patent, “Downloadable
`security profile data” includes “a list of suspicious computer operations that
`may be attempted by the Downloadable” (Ex. 1001, claims 15 and 22) and
`may include “calls made to an operating system, a file system, a network
`system, and to memory” (id., claim 5); “a URL from where the
`Downloadable originated” (id., claim 6); and “a digital certificate” (id.,
`claim 7). See Ex. 1001, col. 2, ll. 51–64.
`Accordingly, on this record and for purposes of this Decision, the
`broadest reasonable interpretation of the term “Downloadable security
`profile data” is “a presentation or summary of information regarding the
`protection or safeguarding of an executable application program which is
`automatically downloaded from a source computer and run on a destination
`computer.”
`4. Other Claim Terms
`For purposes of this Decision, no other claim terms require express
`interpretation. Wellman, Inc. v. Eastman Chem. Co., 642 F.3d 1355, 1361
`(Fed. Cir. 2011) (“claim terms need only be construed ‘to the extent
`necessary to resolve the controversy’” (quoting Vivid Techs., Inc. v. Am. Sci.
`& Eng’g, Inc., 200 F.3d 795, 803 (Fed. Cir. 1999))).
`
`B. Asserted Grounds of Unpatentability
`1. Overview
`Petitioner argues that claims 15, 18, 19, and 22 of the ’926 patent are
`rendered obvious by the combinations of references described above. See
`supra Sec. I.E. A patent claim is unpatentable under 35 U.S.C. § 103(a) if
`the differences between the claimed subject matter and the prior art are
`“such that the subject matter[,] as a whole[,] would have been obvious at the
`
`
`
`13
`
`
`
`Case 3:17-cv-05659-WHA Document 182-18 Filed 08/20/18 Page 15 of 29
`IPR2015-00907
`Patent 7,613,926 B2
`
`time the invention was made to a person having ordinary skill in the art to
`which said subject matter pertains.” KSR Int’l Co. v. Teleflex Inc., 550 U.S.
`398, 406 (2007). The question of obviousness is resolved on the basis of
`underlying factual determinations, including: (1) the scope and content of
`the prior art; (2) any differences between the claimed subject matter and the
`prior art; (3) the level of skill in the art2; and (4) objective evidence of
`nonobviousness, i.e., secondary considerations. Graham v. John Deere Co.,
`383 U.S. 1, 17–18 (1966). On this record and for the reasons set forth
`below, we are not persuaded that Petitioner demonstrates a reasonable
`likelihood of prevailing in the challenges to claims 15, 18, 19, and 22 of the
`’926 patent.
`
`2. Obviousness over Ji, Knuth, and Hruska
`Petitioner contends that the combination of the teachings of Ji, Knuth,
`and Hruska would have rendered obvious the subject matter of claims 15,
`18, 19, and 22 of the ’926 patent. Pet. 29–40. For the reasons that follow,
`we are not persuaded that Petitioner has established a reasonable likelihood
`that it would prevail on this ground with respect to any of the challenged
`claims.
`
`a. Ji
`Ji describes methods and scanners for detecting and preventing
`execution of instructions in an application program provided from a
`computer network, in particular, methods and “network scanner for security
`checking of application programs (e.g. Java applets or Active X controls)
`
`2 Petitioner proposes a definition for a person of ordinary skill in the art.
`Pet. 16; see Ex. 1003 ¶ 69. Patent Owner does not challenge this definition.
`For purposes of this Decision and to the extent necessary, we adopt
`Petitioner’s definition.
`
`
`
`14
`
`
`
`Case 3:17-cv-05659-WHA Document 182-18 Filed 08/20/18 Page 16 of 29
`IPR2015-00907
`Patent 7,613,926 B2
`
`received over the Internet or an Intranet [that] has both static (pre-run time)
`and dynamic (run time) scanning.” Ex. 1004, Abstract. Ji teaches creating a
`sandboxed package including mobile protection code, the downloadable-
`information and the security policies, where the sandboxed package is
`communicated subsequently to the intended client destination. Id. at col. 3,
`ll. 32–44, col. 4, l. 66–col. 5, l. 43, col. 6, ll. 38–42, col. 7, ll. 8–28; Pet. 30
`(citing Ex. 1003 ¶ 106). Ji’s Figure 1 is reproduced below:
`
`
`Figure 1 depicts a block diagram illustrating client machine 14
`connected to the Internet 10 via proxy server machine 20. Ex. 1004, col. 4,
`ll. 55–60. Proxy server machine 20 receives software from the Internet 10
`
`
`
`15
`
`
`
`Case 3:17-cv-05659-WHA Document 182-18 Filed 08/20/18 Page 17 of 29
`IPR2015-00907
`Patent 7,613,926 B2
`
`and transmits that software to client machine 14 via web browser 22, so that
`the software is installed on client machine 14. Id. at col. 4, ll. 60–63. Client
`machine 14 also includes local resources 30, e.g., files stored on a disk drive.
`Id.
`
`During prosecution of the ’926 patent, the Examiner relied on Ji as an
`anticipatory reference disclosing all of the limitations of originally filed
`claims, including original claims 141 and 143, which, after amendment,
`issued as challenged claims 15 and 22. Pet. 7–8; Ex. 1002, 127. During
`prosecution, however, the Examiner determined that at least two claims,
`original claims 142 and 144, contained allowable subject matter and would
`be allowable if rewritten in independent form to include the limitations of
`their base claims, claims 141 and 143. Ex. 1002, 132.
`Claim 142 recited “[t]he computer-based method of claim 141 further
`comprising performing a hashing function on the incoming Downloadable to
`compute the incoming Downloadable ID”; and claim 144 recited “[t]he
`system of claim 143 further comprising a Downloadable identifier for
`performing a hashing function on the incoming Downloadable to compute
`the incoming Downloadable to compute the incoming Downloadable ID.”
`Id. at 97 (emphases added). Applicants overcame the anticipation rejections
`of claims 141 and 143 over Ji by amending claims 141 (claim 15) and 143
`(claim 22) to include the limitations of claims 142 and 144, respectively. Id.
`at 148–49.
`
`b. Knuth
`Knuth is a treatise on computer programming. Ex. 1025, 5–6; Pet. 31
`(citing Ex. 1003 ¶ 109). In Knuth’s Section 6.4, Knuth provides a history
`and explanation of the use of hashing functions in computer programming in
`
`
`
`16
`
`
`
`Case 3:17-cv-05659-WHA Document 182-18 Filed 08/20/18 Page 18 of 29
`IPR2015-00907
`Patent 7,613,926 B2
`
`1973. Ex. 1025, 39–75; see Pet. 31 (citing Ex. 1003 ¶ 110). Petitioner
`argues that Knuth teaches that the use of hashing functions was well-known
`in computer programming and computer security applications. Pet. 32
`(citing Ex. 1003 ¶ 110).
`c. Hruska
`Hruska provides a framework for describing the principles of network
`security, particularly, virus protection. Ex. 1027, 12–13. Hruska analyzes
`the state of anti-virus principles in 1992 and teaches the use of various
`computer programming techniques for protecting computers, including the
`use of hashing functions to index entries in a database and the use of hashing
`functions for virus protection. Pet. 32 (citing Ex. 1003 ¶¶ 111–12).
`d. Discussion
`Relying, in part, on the analysis performed by the Examiner during
`prosecution, Petitioner argues that Ji teaches or suggests all of the limitations
`of challenged claims 15 and 22, except for the limitations relating to
`performance of the hashing function. Pet. 32–37 (claim 15), 39–40 (claim
`22) (citing Ex. 1002, 127–130). Further, Petitioner argues that Ji teaches the
`additional limitations of claims 18 and 19. Id. at 37–39. Petitioner
`acknowledges, however, that “Ji does not explicitly disclose using a hash of
`the Downloadable as an index.” Id. at 31 (citing Ex. 1003 ¶¶ 107–108).
`Petitioner argues, however, that the combination of the teachings of Ji with
`those of Knuth and Hruska teach or suggest “performing a hashing function
`on the incoming Downloadable to compute an incoming Downloadable ID,”
`as recited in claims 15 and 22 of the ’926 patent. Id. at 33–34, 39.
`Regarding the “performance” step of claim 15, Petitioner argues that
`“Knuth and Hruska disclose[] using a hash function to index entries in a
`
`
`
`17
`
`
`
`Case 3:17-cv-05659-WHA Document 182-18 Filed 08/20/18 Page 19 of 29
`IPR2015-00907
`Patent 7,613,926 B2
`
`database, which comprises the performance of a hashing function on the
`incoming data to compute an ID for the incoming data.” Pet. 33. Although
`the Specification of the ’926 patent does not include a definition of a hashing
`function, Hruska defines a “hash function” as “[a] function which maps a set
`of variable size data into objects of a single size. Widely used for fast
`searching.” Ex. 1027, 138. Patent Owner does not propose an alternative
`definition for “hashing function” for purposes of this Decision. Initially, we
`note that Petitioner argues that hashing the Downloadables to create the
`index entries in a database “comprises” hashing the incoming Downloadable
`to compute a Downloadable ID for the incoming data. Specifically,
`Petitioner states that “it would have been obvious to a POSITA to utilize a
`hash function as disclosed in Knuth and Hruska on an applet to form an
`index, and to use that index to retrieve the predefined security policies
`applicable to the applet from a database of predefined security policies.”
`Pet. 34 (citing Pet. 16–21; Ex. 1003 ¶ 135).
`We agree with Patent Owner, however, that Petitioner fails to show
`where Knuth and Hruska teach or suggest performing a hashing function on
`a Downloadable to obtain a Downloadable ID (Prelim. Resp. 21–25 (citing
`Ex. 1025, 39; Ex. 1027, 83–84, 89)) for later use in “retrieving security
`profile data for the incoming Downloadable from a database of
`Downloadable security profiles indexed according to Downloadable IDs”
`(id. at 25–28). Nevertheless, as Petitioner notes, Knuth teaches “search
`methods based on comparing the given argument K to the keys in the table,
`or using its digits to govern a branching process.” Id. at 23 (quoting Ex.
`1025, 39); see Pet. 33. According to Petitioner, another possibility, which
`would avoid “rummaging” through a table of data, would be to do “some
`
`
`
`18
`
`
`
`Case 3:17-cv-05659-WHA Document 182-18 Filed 08/20/18 Page 20 of 29
`IPR2015-00907
`Patent 7,613,926 B2
`
`arithmetical calculation on K, computing a function f(K) which is the
`location of K and the associated data in the table.” Prelim. Resp. 23
`(quoting Ex. 1025, 39); see Pet. 33. Petitioner explains that “K is the
`claimed ‘Downloadable,’ f(K) is a hashing function, and the result from the
`hashing function, f(K), is the claimed ‘Downloadable ID’.” Pet. 33; see Ex.
`1003 ¶¶ 131–35. Further, Petitioner argues that a person of ordinary skill in
`the art “would have been motivated to perform the hashing function on an
`entire applet[, i.e., a Downloadable,] because Ji discloses that a security
`policy may be imposed based on the entire applet.” Pet. 35 (citing Ex. 1004,
`col. 3, ll. 7–56, col. 4, ll. 51–54; Ex. 1003 ¶¶ 126–35).
`As Patent Owner notes, however, Knuth states that “K” is an
`argument for a search algorithm, not an incoming Downloadable. Prelim.
`Resp. 23 (citing Ex. 1025, 39 (“the given argument K”)). Patent Owner
`further contends that “the function, f(K), does not compute a Downloadable
`ID. f(K) is simply a function in a program’s search algorithm for finding
`argument K’s location in the table.” Id. (citing Ex. 1025, 39 (“computing a
`function f(K) which is the location of K and the associated data in the
`table.”)). Moreover, even assuming, as Petitioner argues, that a person of
`ordinary skill in the art “would have been motivated to perform the hashing
`function on an entire applet” (Pet. 35), Petitioner fails to demonstrate
`sufficiently that this teaches or suggests computation of a Downloadable ID
`or retrieval of Downloadable security profile data based on a Downloadable
`ID. Prelim. Resp. 27–28. In view of Patent Owner’s arguments and our
`interpretations of the relevant claim terms, we are not persuaded by
`Petitioner that the combination of the teachings of Ji, Knuth, and Hruska
`teaches or suggests performing a hashing function on a Downloadable to
`
`
`
`19
`
`
`
`Case 3:17-cv-05659-WHA Document 182-18 Filed 08/20/18 Page 21 of 29
`IPR2015-00907
`Patent 7,613,926 B2
`
`compute a Downloadable ID or retrieving Downloadable security profile
`data from a database of Downloadable security profiles based on the
`computed Downloadable ID, as recited in claim 15 and 22 of the ’926
`patent.
`In addition, Petitioner argues that Ji teaches or suggests the step of
`“transmitting the incoming Downloadable and a representation of the
`retrieved Downloadable security profile data to a destination computer, via
`a transport protocol transmission,” as recited