Filed on behalf of: VirnetX Inc.
`By:
`
`Joseph E. Palys
`Paul Hastings LLP
`875 15th Street NW
`Washington, DC 20005
`Telephone: (202) 551-1996
`Facsimile: (202) 551-0496
`E-mail: josephpalys@paulhastings.com
`
`
`
`Paper No. ___
`Filed: June 6, 2016
`
`Naveen Modi
`Paul Hastings LLP
`875 15th Street NW
`Washington, DC 20005
`Telephone: (202) 551-1990
`Facsimile: (202) 551-0490
`E-mail: naveenmodi@paulhastings.com
`
`UNITED STATES PATENT AND TRADEMARK OFFICE
`
`
`
`
`
`
`
`
`
`
`
`BEFORE THE PATENT TRIAL AND APPEAL BOARD
`
`
`
`
`
`
`
`
`
`
`
`
`
`APPLE INC.,
`Petitioner
`
`v.
`
`VIRNETX INC.
`Patent Owner
`
`
`
`
`
`
`
`Case IPR2015-00810
`Patent No. 8,868,705
`
`
`
`
`
`
`
`
`
`
`PATENT OWNER’S DEMONSTRATIVE EXHIBITS
`
`
`By:
`
`Joseph E. Palys
`Paul Hastings LLP
`875 15th Street NW
`Washington, DC 20005
`Telephone: (202) 551-1996
`Facsimile: (202) 551-0496
`E-mail: josephpalys@paulhastings.com
`
`
`
`Paper No. ___
`Filed: June 6, 2016
`
`Naveen Modi
`Paul Hastings LLP
`875 15th Street NW
`Washington, DC 20005
`Telephone: (202) 551-1990
`Facsimile: (202) 551-0490
`E-mail: naveenmodi@paulhastings.com
`
`UNITED STATES PATENT AND TRADEMARK OFFICE
`
`
`
`
`
`
`
`
`
`
`
`BEFORE THE PATENT TRIAL AND APPEAL BOARD
`
`
`
`
`
`
`
`
`
`
`
`
`
`APPLE INC.,
`Petitioner
`
`v.
`
`VIRNETX INC.
`Patent Owner
`
`
`
`
`
`
`
`Case IPR2015-00810
`Patent No. 8,868,705
`
`
`
`
`
`
`
`
`
`
`PATENT OWNER’S DEMONSTRATIVE EXHIBITS
`
`
`
`Inter Partes Review of
`U.S. Patent No. 8,868,705
`U.S. Patent No. 8,850,009
`
`Case Nos. IPR2015-00810,
`IPR2015-00811, and IPR2015-00812
`
`Oral Hearing: June 8, 2016
`
`
`
`Instituted Grounds
`IPR2015-00810 (U.S. Patent No. 8,868,705)
`– Claims 1-4, 6-10, 12-26, and 28-34 as obvious over Beser and RFC
`2401
`– Claims 5, 11, and 27 as obvious over Beser, RFC 2401, and Brand
`
`
`IPR2015-00811 (U.S. Patent No. 8,868,705)
`– Claims 1-3, 6, 14, 16-25, 28, 31, 33, and 34 as obvious over Aventail
`Connect and RFC 2401
`– Claims 8-10, 12, 15, 30, and 32 as obvious over Aventail Connect,
`RFC 2401, and RFC 2543
`– Claims 4, 5, 7, 26, 27, and 29 as obvious over Aventail Connect, RFC
`2401, and Brand
`– Claims 11 and 13 as obvious over Aventail Connect, RFC 2401, RFC
`2543, and Brand
`
`IPR2015-00812 (U.S. Patent No. 8,850,009)
`– Claims 1-8, 10-20, and 22-25 as obvious over Beser and RFC 2401
`
`•
`
`•
`
`•
`
`IPR2015-00810, Inst. Dec. at 23; IPR2015-00811, Inst. Dec. at 24; IPR2015-00812, Inst. Dec. at 14
`
`2
`2
`
`
`
`IPR2015-00810
`U.S. Patent No. 8,868,705
`
`3
`
`
`
`Beser’s Tunneling Method
`
`IPR2015-00810, Ex. 1007 at Figs. 1, 6; P.O. Resp. at 17-21
`
`4
`4
`
`
`
`Beser’s Tunneling Method
`Apple’s expert:
`
`IPR2015-00810, Ex. 2015 at 110:9-11; P.O. Resp. at 22
`
`5 5
`
`
`
`Independent Claim 1 of the ’705 Patent
`
`1. A method of transparently creating an encrypted communications channel
`between a client device and a target device, each device being configured to allow
`secure data communications between the client device and the target device over
`the encrypted communications channel once the encrypted communications
`channel is created, the method comprising:
`
`(1) intercepting from the client device a request to look up an Internet Protocol (IP)
`address corresponding to a domain name associated with the target device;
`
`(2) determining whether the request to look up the IP address [[transmitted]]
`intercepted in step (1) corresponds to a device that accepts an encrypted channel
`connection with the client device; and
`
`(3) in response to determining, in step (2), that the request to look up the IP address
`in step (2) corresponds to a device that accepts an encrypted communications
`channel connection with the client device, providing provisioning information
`required to initiate the creation of the encrypted communications channel between
`the client device and the target device such that the encrypted communications
`channel supports secure data communications transmitted between the two
`devices, the client device being a device at which a user accesses the encrypted
`communications channel.
`
`IPR2015-00810, Ex. 1001, claim 1
`
`6
`6
`
`
`
`The “Intercepting” Feature
`Apple’s Petition:
`
`IPR2015-00810, Pet. at 11
`
`7
`7
`
`
`
`The “Intercepting” Feature
`Apple’s expert:
`
`IPR2015-00810, Ex. 2015 at 80:3-13; P.O. Resp. at 11-13, 23-25
`
`8 8
`
`
`
`The “Intercepting” Feature
`Apple’s Reply:
`
`IPR2015-00810, Reply at 14-15
`
`9 9
`
`
`
`The “Intercepting” Feature
`Apple’s Petition:
`
`IPR2015-00810, Pet. at 33
`
`10
`10
`
`
`
`The Alleged Request in Beser Is Not “Intercept[ed]”
`
`
`
`
`
`IPR2015-00810, Ex. 1007 at 11:15-20, Fig. 6; P.O. Resp. at 25
`
`11 11
`
`
`
`The Alleged Request in Beser Is Not “Intercept[ed]”
`
`
`
`
`
`IPR2015-00810, Ex. 1007 at 11:15-20, Fig. 6; P.O. Resp. at 26-27
`
`12 12
`
`
`
`The Alleged Request in Beser Is Not “Intercept[ed]”
`
`
`
`
`
`IPR2015-00810, Ex. 1007 at 11:15-20, Fig. 6; P.O. Resp. at 26-27
`
`13 13
`
`
`
`Claims 14 and 31 of the ’705 Patent
`Claims 14 and 31:
`14. The method of claim 1, wherein the target device is a
`server.
`31. The system according to claim 21, wherein the target
`device is a server.
`
`Apple’s Petition:
`
`IPR2015-00810, Ex. 1001, claims 14 and 31; Pet. at 46
`
`14 14
`
`
`
`Claims 14 and 31 of the ’705 Patent
`Apple’s expert:
`
`IPR2015-00810, Ex. 1005 at ¶ 289; P.O. Resp. at 35-37
`
`15
`15
`
`
`
`Claims 14 and 31 of the ’705 Patent
`Apple’s Petition:
`
`IPR2015-00810, Pet. at 46-47
`
`16
`16
`
`
`
`Claims 14 and 31 of the ’705 Patent
`Apple’s expert:
`
`IPR2015-00810, Ex. 1005 at ¶ 126; P.O. Resp. at 35-37
`
`17
`17
`
`
`
`IPR2015-00812
`U.S. Patent No. 8,850,009
`
`18
`
`
`
`Independent Claim 1 of the ’009 Patent
`
`1. A network device, comprising: a storage device storing an application program for a
`secure communications service; and
`
`at least one processor configured to execute the application program for the secure
`communications service so as to enable the network device to:
`
`send a domain name service (DNS) request to look up a network address of a second
`network device based on an identifier associated with the second network device;
`
`receive, following interception of the DNS request and a determination that the second
`network device is available for the secure communications service: (1) an indication that
`the second network device is available for the secure communications service, (2) the
`requested network address of the second network device, and (3) provisioning
`information for an encrypted communication link;
`
`connect to the second network device over the encrypted communication link, using the
`received network address of the second network device and the provisioning information
`for the encrypted communication link; and
`
`communicate data with the second network device using the secure communications
`service via the encrypted communication link,
`
`the network device being a device at which a user uses the secure communications
`service to access the encrypted communication link.
`
`IPR2015-00812, Ex. 1003, claim 1
`
`19
`19
`
`
`
`The “Domain Name Service (DNS) Request” Feature
`Apple’s expert:
`
`IPR2015-00812, Ex. 2015 at 102:9-13; P.O. Resp. at 28
`
`20 20
`
`
`
`The “Domain Name Service (DNS) Request” Feature
`Apple’s Reply:
`
`
`
`Apple’s expert:
`
`IPR2015-00812, Reply at 10; Ex. 1005 at ¶ 306
`
`21 21
`
`
`
`IPR2015-00811
`U.S. Patent No. 8,868,705
`
`22
`
`
`
`Basic Configuration for Aventail
`• Application->Aventail Connect->SOCKS server
`->Remote Host
`
`• Aventail Connect
`– Checks redirection rule for the hostname of a remote
`(step 1)
`– Checks a connection request by application (step 2a)
`
`
`• SOCKS server
`– Negotiates authentication method with Aventail
`Connect (step 2b)
`– If encryption option selected by SOCKS server, data is
`encrypted to the SOCKS server (step 3)
`
`IPR2015-00811, P.O. Resp. at 15-17
`
`23 23
`
`
`
`Basic Configuration for Aventail
`
`IPR2015-00811, Ex. 1009 at 11-12; P.O. Resp. at 15-17
`
`24 24
`
`
`
`Basic Configuration for Aventail
`
`IPR2015-00811, Ex. 1009 at 11-12; P.O. Resp. at 15-17
`
`25 25
`
`
`
`Basic Configuration for Aventail
`
`IPR2015-00811, Ex. 1009 at 11-12; P.O. Resp. at 15-17
`
`26 26
`
`
`
`Independent Claim 1 of the ’705 Patent
`
`1. A method of transparently creating an encrypted communications channel
`between a client device and a target device, each device being configured to allow
`secure data communications between the client device and the target device over
`the encrypted communications channel once the encrypted communications
`channel is created, the method comprising:
`
`(1) intercepting from the client device a request to look up an Internet Protocol (IP)
`address corresponding to a domain name associated with the target device;
`
`(2) determining whether the request to look up the IP address [[transmitted]]
`intercepted in step (1) corresponds to a device that accepts an encrypted
`channel connection with the client device; and
`
`(3) in response to determining, in step (2), that the request to look up the IP address
`in step (2) corresponds to a device that accepts an encrypted communications
`channel connection with the client device, providing provisioning information
`required to initiate the creation of the encrypted communications channel between
`the client device and the target device such that the encrypted communications
`channel supports secure data communications transmitted between the two
`devices, the client device being a device at which a user accesses the encrypted
`communications channel.
`
`IPR2015-00811, Ex. 1001, claim 1
`
`27
`27
`
`
`
`Aventail Does Not Disclose the “Determining” Feature
`
` Apple’s Petition:
`
`
`IPR2015-00811, Pet. at 34
`
`28 28
`
`
`
`Aventail Does Not Disclose the “Determining” Feature
`
`
`
`Patent Owner’s Response:
`
`IPR2015-00811, P.O. Resp. at 17-23
`
`29 29
`
`
`
`Aventail Does Not Disclose the “Determining” Feature
`
`
`
`Patent Owner’s Response:
`
`IPR2015-00811, P.O. Resp. at 20
`
`30 30
`
`
`
`Aventail Does Not Disclose the “Determining” Feature
`
`• Aventail’s redirection rule:
`
`
`IPR2015-00811, Ex. 1009 at 40; P.O. Resp. at 21-22
`
`31 31
`
`
`
`Apple’s Reply
`
`IPR2015-00811, Reply at 8
`
`32 32
`
`
`
`Apple’s Reply
`
`IPR2015-00811, Reply at 8
`
`33 33
`
`
`
`Apple’s Reply
`
`IPR2015-00811, Reply at 9
`
`34 34
`
`
`
`Apple’s Reply
`
`IPR2015-00811, Reply at 9
`
`35 35
`
`
`
`Independent Claim 1 of the ’705 Patent
`
`1. A method of transparently creating an encrypted communications channel
`between a client device and a target device, each device being configured to allow
`secure data communications between the client device and the target device over
`the encrypted communications channel once the encrypted communications
`channel is created, the method comprising:
`
`(1) intercepting from the client device a request to look up an Internet Protocol (IP)
`address corresponding to a domain name associated with the target device;
`
`(2) determining whether the request to look up the IP address [[transmitted]]
`intercepted in step (1) corresponds to a device that accepts an encrypted channel
`connection with the client device; and
`
`(3) in response to determining, in step (2), that the request to look up the IP
`address in step (2) corresponds to a device that accepts an encrypted
`communications channel connection with the client device, providing
`provisioning information required to initiate the creation of the encrypted
`communications channel between the client device and the target device such
`that the encrypted communications channel supports secure data communications
`transmitted between the two devices, the client device being a device at which a
`user accesses the encrypted communications channel.
`
`IPR2015-00811, Ex. 1001, claim 1
`
`36
`36
`
`
`
`“Provisioning Information” Feature
`
`Patent Owner’s Response:
`
`IPR2015-00811, P.O. Resp. at 25-26
`
`37 37
`
`
`
`“Provisioning Information” Feature
`
`Patent Owner’s Response:
`
`IPR2015-00811, P.O. Resp. at 26
`
`38 38
`
`
`
`HOSTENT
`
`IPR2015-00811, P.O. Resp. at 26-29
`
`39 39
`
`
`
`TCP Sequence Numbers
`
`Patent Owner’s Response:
`
`IPR2015-00811, P.O. Resp. at 30-31
`
`40 40
`
`
`
`“Selection of Encryption Method”
`
`Patent Owner’s Response:
`
`IPR2015-00811, P.O. Resp. at 31-32
`
`41 41
`
`
`
`“SOCKS Exchanges”
`
`Patent Owner’s Response:
`
`IPR2015-00811, P.O. Resp. at 32-33
`
`42 42
`
`
`
`Claims 2, 16, and 33 of the ’705 Patent
`
`
`
`Claim 2:
`2. The method of claim 1, wherein providing the provisioning information required to initiate
`the encrypted communications channel is based on a determination that the target
`device is a device with which an encrypted communications channel can be
`established when the IP address request corresponds to a target device identified in an
`network address lookup.
`
`
`
`Apple’s Petition:
`
`
`
`IPR2015-00811, Ex. 1001, claim 2; Pet. at 44; P.O. Resp. at 34-36
`
`43 43
`
`
`
`Claims 3 and 25 of the ’705 Patent
`Claims 3 and 25:
`
`3. The method of claim 1, wherein the domain name is a
`secure domain name.
`
`25. The system according to claim 21, wherein the domain
`name is a secure domain name.
`
`
`IPR2015-00811, Ex. 1001, claims 3 and 25
`
`44 44
`
`
`
`Claims 3 and 25 of the ’705 Patent
`Apple’s Petition:
`
`
`
`
`IPR2015-00811, Pet. at 44-45, P.O. Resp. at 36-37
`
`45 45
`
`
`
`Claims 3 and 25 of the ’705 Patent
`Patent Owner’s Response:
`
`
`
`Patent Owner’s Response:
`
`
`IPR2015-00811, P.O. Resp. at 36-37
`
`46 46
`
`
`
`Claims 3 and 25 of the ’705 Patent
`Apple’s Reply:
`
`IPR2015-00811, Reply at 15
`
`47
`47
`
`
`
`Claims 17 and 34 of the ’705 Patent
`1. A method of transparently creating an encrypted communications
`channel between a client device and a target device . . . :
`
`(1) intercepting from the client device a request to look up an Internet
`Protocol (IP) address corresponding to a domain name associated with
`the target device;
`
`(2) determining whether the request to look up the IP address
`[[transmitted]] intercepted in step (1) corresponds to a device that
`accepts an encrypted channel connection with the client device; and
`
`. . . .
`
`17. The method according to claim 1, wherein the intercepting the
`request occurs within another device that is separate from the client
`device.
`
`
`IPR2015-00811, Ex. 1001, claims 1 and 17; P.O. Resp. at 38-40
`
`48 48
`
`
`
`Claims 17 and 34 of the ’705 Patent
`Apple’s Petition:
`
`
`
`
`
`IPR2015-00811, Pet. at 48; P.O. Resp. at 38-40
`
`49 49
`
`
`
`Aventail Not Shown As a Printed Publication
`Apple’s Petition:
`
`
`IPR2015-00811, Pet. at 15; P.O. Resp. at 46-51
`
`50 50
`
`
`
`Hopen Declaration
`• The version of Aventail Extranet Center relevant here is
`AEC v3.0, which allegedly included Aventail Connect
`v3.01/2.51. It was allegedly announced in Fall of 1998.
`
`
`
`IPR2015-00811, Ex. 1023 at 2; P.O. Resp. at 48-50
`
`51 51
`
`
`
`Hopen Declaration
`
`
`
`
`
`
`
`
`
`
`
`
`IPR2015-00811, Ex. 1023 at 2-3; P.O. Resp. at 48-49
`
`52 52
`
`
`
`Chester Declaration
`
`Apple’s Petition:
`
`
`
`
`
`
`
`IPR2015-00811, Pet. at 16
`
`53 53
`
`
`
`Chester Declaration
`
`
`
`
`
`
`
`
`
`
`
`IPR2015-00811, Ex. 1002 at 3; P.O. Resp. at 50
`
`54 54
`
`
`
`Appendix
`
`
`
`Claim 1 of the ’705 Patent
`1. A method of transparently creating an encrypted communications channel
`between a client device and a target device, each device being configured to
`allow secure data communications between the client device and the target
`device over the encrypted communications channel once the encrypted
`communications channel is created, the method comprising:(1) intercepting from
`the client device a request to look up an Internet Protocol (IP) address
`corresponding to a domain name associated with the target device;
`(2) determining whether the request to look up the IP address [[transmitted]]
`intercepted in step (1) corresponds to a device that accepts an encrypted
`channel connection with the client device; and
`(3) in response to determining, in step (2), that the request to look up the IP
`address in step (2) corresponds to a device that accepts an encrypted
`communications channel connection with the client device, providing provisioning
`information required to initiate the creation of the encrypted communications
`channel between the client device and the target device such that the encrypted
`communications channel supports secure data communications transmitted
`between the two devices, the client device being a device at which a user
`accesses the encrypted communications channel.
`
`IPR2015-00810, -00811, Ex. 1001, claim 1
`
`56 56
`
`
`
`Claims 2-6 of the ’705 Patent
`2. The method of claim 1, wherein providing the provisioning information required
`to initiate the encrypted communications channel is based on a determination
`that the target device is a device with which an encrypted communications
`channel can be established when the IP address request corresponds to a target
`device identified in an network address lookup.
`
`3. The method of claim 1, wherein the domain name is a secure domain name.
`
`4. The method of claim 1, wherein the encrypted communications channel is a
`broadband connection.
`
`5. The method of claim 1, wherein the encrypted communications channel is an
`unmodulated transmission link.
`
`6. The method of claim 1, wherein the encrypted communications channel is a
`modulated transmission link.
`
`IPR2015-00810, -00811, Ex. 1001, claims 2-6
`
`57 57
`
`
`
`Claims 7-11 of the ’705 Patent
`7. The method of claim 1, wherein the encrypted communications channel
`supports at least one of the following: FDM, TDM and CDMA.
`
`8. The method of claim 1, wherein the client device is a phone.
`
`9. The method of claim 8, wherein providing the provisioning information required
`to initiate the encrypted communications channel is based on a determination
`that the target device is a device with which an encrypted communications
`channel can be established when the IP address request corresponds to a target
`device identified in an network address lookup.
`
`10. The method of claim 8, wherein the domain name is a secure domain name.
`
`11. The method of claim 8, wherein the encrypted communications channel is an
`unmodulated transmission link.
`
`IPR2015-00810, -00811, Ex. 1001, claims 7-11
`
`58 58
`
`
`
`Claims 12-17 of the ’705 Patent
`12. The method of claim 8, wherein the encrypted communications channel is a
`modulated transmission link.
`
`13. The method of claim 8, wherein the encrypted communications channel
`supports at least one of the following: FDM, TDM and CDMA.
`
`14. The method of claim 1, wherein the target device is a server.
`
`15. The method of claim 1, wherein the target device is a phone.
`
`16. The method according to claim 1, wherein intercepting the request consists of
`receiving the request to determine whether the target device accepts an
`encrypted channel connection with the client device.
`
`17. The method according to claim 1, wherein the intercepting the request occurs
`within another device that is separate from the client device.
`
`IPR2015-00810, -00811, Ex. 1001, claims 12-17
`
`59 59
`
`
`
`Claims 18-20 of the ’705 Patent
`18. The method according to claim 1, wherein the encrypted communications
`channel supports a plurality of services.
`
`19. The method according to claim 18, wherein the plurality of services
`comprises a plurality of communication protocols, a plurality of application
`programs, multiple sessions, or a combination thereof.
`
`20. The method according to claim 19, wherein the plurality of other application
`programs comprises at least one of the following: e-mail, a word processing
`program, and telephony.
`
`
`
`IPR2015-00810, -00811, Ex. 1001, claims 18-20
`
`60 60
`
`
`
`Claim 21 of the ’705 Patent
`21. A system for transparently creating an encrypted communications channel
`between a client device and a target device, each device being configured to
`allow secure data communications therebetween over an encrypted
`communications channel once the encrypted communications channel is created,
`the system including a memory storing instructions, and a server configuration
`arranged to:(1) intercept from the client device a request to look up an Internet
`Protcol (IP) address corresponding to a domain name associated with the target
`device;
`(2) determine whether the request to look up the IP address [[transmitted]]
`intercepted in step (1) corresponds to a device that accepts an encrypted
`channel connection with the client device; and
`(3) in response to determining, in step (2), that the request to look up the IP
`address corresponds to a device that accepts an encrypted communications
`channel connection with the client device, provide provisioning information
`required to initiate the creation of the encrypted communications channel
`between the client device and the target device such that the encrypted
`communications channel supports secure data communications transmitted
`between the two devices, the client device being a device at which a user
`accesses the encrypted communications channel.
`
`IPR2015-00810, -00811, Ex. 1001, claim 21
`
`61 61
`
`
`
`Claims 22-26 of the ’705 Patent
`22. A system according to claim 21, wherein the encrypted communications
`channel supports a plurality of services.
`
`23. The system according to claim 21, wherein the plurality of services comprises
`a plurality of communication protocols, a plurality of application programs,
`multiple sessions, or a combination thereof.
`
`24. The system according to claim 23, wherein the plurality of other application
`programs comprises at least one of the following: e-mail, a word processing
`program, and telephony.
`
`25. The system according to claim 21, wherein the domain name is a secure
`domain name.
`
`26. The system according to claim 21, wherein the encrypted communications
`channel is a broadband connection.
`
`IPR2015-00810, -00811, Ex. 1001, claims 22-26
`
`62 62
`
`
`
`Claims 27-32 of the ’705 Patent
`27. The system according to claim 21, wherein the encrypted communications
`channel is an unmodulated transmission link.
`
`28. The system according to claim 21, wherein the encrypted communications
`channel is a modulated transmission link.
`
`29. The system according to claim 21, wherein the encrypted communications
`channel supports at least one of the following: FDM, TDM and CDMA.
`
`30. The system according to claim 21, wherein the client device is a phone.
`
`31. The system according to claim 21, wherein the target device is a server.
`
`32. The system according to claim 21, wherein the target device is a phone.
`
`IPR2015-00810, -00811, Ex. 1001, claims 27-32
`
`63 63
`
`
`
`Claims 33-34 of the ’705 Patent
`33. The system according to claim 21, wherein intercepting the request consists
`of the system receiving the request to determine whether the target device
`accepts an encrypted channel connection with the client device.
`
`34. The system according to claim 21, wherein intercepting the request occurs
`within another device that is separate from the client device.
`
`IPR2015-00810, -00811, Ex. 1001, claims 33-34
`
`64 64
`
`
`
`Claim 1 of the ’009 Patent
`1. A network device, comprising: a storage device storing an application program
`for a secure communications service; and
`at least one processor configured to execute the application program for the
`secure communications service so as to enable the network device to:
`send a domain name service (DNS) request to look up a network address of a
`second network device based on an identifier associated with the second
`network device;
`receive, following interception of the DNS request and a determination that the
`second network device is available for the secure communications service: (1) an
`indication that the second network device is available for the secure
`communications service, (2) the requested network address of the second
`network device, and (3) provisioning information for an encrypted communication
`link;
`connect to the second network device over the encrypted communication link,
`using the received network address of the second network device and the
`provisioning information for the encrypted communication link; and
`communicate data with the second network device using the secure
`communications service via the encrypted communication link,
`the network device being a device at which a user uses the secure
`communications service to access the encrypted communication link.
`IPR2015-00812, Ex. 1003, claim 1
`
`65 65
`
`
`
`Claims 2-6 of the ’009 Patent
`2. The network device of claim 1, wherein the secure communications service
`includes an audio-video conferencing service, and the at least one processor is
`configured to execute the application program to communicate at least one of
`encrypted video data and audio data with the second network device via the
`encrypted communication link using the secure communications service.
`
`3. The network device of claim 1, wherein the secure communications service
`includes a telephony service.
`
`4. The system of claim 3, wherein the telephony service uses modulation.
`
`5. The network device of claim 4, wherein the modulation is based on one of
`frequency-division multiplexing (FDM), time-division multiplexing (TDM), or code
`division multiple access (CDMA).
`
`6. The network device of claim 1, wherein the network device is a mobile device.
`
`IPR2015-00812, Ex. 1003, claims 2-6
`
`66 66
`
`
`
`Claims 7-10 of the ’009 Patent
`7. The network device of claim 1, wherein the identifier associated with the
`second network device is a domain name.
`
`8. The network device of claim 1, wherein the encrypted communication link is
`part of a virtual private network communication link.
`
`9. The network device of claim 1, wherein the virtual private network
`communication link is based on inserting into each data packet communicated
`over the virtual private network communication link one or more data values that
`vary according to a pseudo-random sequence.
`
`10. The network device of claim 1, wherein the indication that the second
`network device is available for the secure communications service is a function of
`the result of a domain name lookup.
`
`IPR2015-00812, Ex. 1003, claims 7-10
`
`67 67
`
`
`
`Claims 11-13 of the ’009 Patent
`11. The network device of claim 1, wherein the encrypted communication link is
`an end-to-end link extending from the network device to the second network
`device.
`
`12. The network device of claim 1, wherein the interception of the DNS request
`consists of receiving the DNS request to determine that the second network
`device is available for the secure communications service.
`
`13. The network device of claim 1, wherein the interception of the DNS request
`occurs at another network device that is separate from the network device.
`
`IPR2015-00812, Ex. 1003, claims 11-13
`
`68 68
`
`
`
`Claim 14 of the ’009 Patent
`14. A method executed by a first network device for communicating with a
`second network device, the method comprising:sending a domain name service
`(DNS) request to look up a network address of a second network device based
`on an identifier associated with the second network device;
`receiving, following interception of the DNS request and a determination that the
`second network device is available for a secure communications service: (1) an
`indication that the second network device is available for the secure
`communications service, (2) the requested network address of the second
`network device, and (3) provisioning information for an encrypted communication
`link;
`connecting to the second network device over the encrypted communication link,
`using the received network address of the second network device and the
`provisioning information for the encrypted communication link; and
`communicating data with the second network device using the secure
`communications service via the encrypted communication link,
`the first network device being a device at which a user uses the secure
`communications service to access the encrypted communication link.
`
`IPR2015-00812, Ex. 1003, claim 14
`
`69 69
`
`
`
`Claims 15-19 of the ’009 Patent
`15. The method of claim 14, wherein the secure communications service
`includes a video conferencing service, and communicating includes
`communicating at least one of encrypted video data and audio data with the
`second network device via the encrypted communication link using the secure
`communications service.
`
`16. The method of claim 14, wherein the secure communications service
`includes a telephony service.
`
`17. The method of claim 14, wherein the telephony service uses modulation.
`
`18. The method of claim 17, wherein the modulation is based on one of
`frequency-division multiplexing (FDM), time-division multiplexing (TDM), or code
`division multiple access (CDMA).
`
`19. The method of claim 14, wherein the network device is a mobile device.
`
`IPR2015-00812, Ex. 1003, claims 15-19
`
`70 70
`
`
`
`Claims 20-23 of the ’009 Patent
`20. The method of claim 14, wherein the identifier associated with the second
`network device is a domain name.
`
`21. The method of claim 14, wherein the encrypted communication link is part of
`a virtual private network communication link, and communicating with the second
`network device using the secure communications service includes inserting into
`data packets communicated over the virtual private network communication link
`one or more data values that vary according to a pseudo-random sequence.
`
`22. The method of claim 14, wherein the indication that the second network
`device is available for a secure communications service is a function of a domain
`name lookup.
`
`23. The method of claim 14, wherein the encrypted communication link is an end-
`to-end link extending from the first network device to the second network device.
`
`IPR2015-00812, Ex. 1003, claims 20-23
`
`71 71
`
`
`
`Claims 24-25 of the ’009 Patent
`24. The method of claim 14, wherein the intercepting the DNS request consists of
`receiving the DNS request to determine that the second network device is
`available for the secure communications service.
`
`25. The method of claim 14, wherein the intercepting the DNS request occurs at
`another network device that is separate from the first network device.
`
`IPR2015-00812, Ex. 1003, claims 24-25
`
`72 72
`
`
`
`
`
`Case No. IPR2015-00810
`Patent No. 8,868,705
`
`CERTIFICATE OF SERVICE
`
`I hereby certify that on this 6th day of June 2016, a copy of the foregoing
`
`Patent Owner’s Demonstrative Exhibits was served electronically, pursuant to
`
`agreement, upon the following:
`
`Counsel for Apple Inc.:
`
`
`
`iprnotices@sidley.com
`Sidley Austin LLP
`1501 K Street NW
`Washington, DC 20005
`
`
`
`
`Respectfully submitted,
`
`By: /Joseph E. Palys/
`Joseph E. Palys
`Reg. No. 46,508
`Counsel for VirnetX Inc.
`
`Dated: June 6, 2016
Accessing this document will incur an additional charge of $.
After purchase, you can access this document again without charge.
Accept $ Charge
Still Working On It
This document is taking longer than usual to download. This can happen if we need to contact the court directly to obtain the document and their servers are running slowly.
Give it another minute or two to complete, and then try the refresh button.
A few More Minutes ... Still Working
It can take up to 5 minutes for us to download a document if the court servers are running slowly.
Thank you for your continued patience.
This document could not be displayed.
We could not find this document within its docket. Please go back to the docket page and check the link. If that does not work, go back to the docket and refresh it to pull the newest information.
Your account does not support viewing this document.
You need a Paid Account to view this document. Click here to change your account type.
Your account does not support viewing this document.
Set your membership
status to view this document.
With a Docket Alarm membership, you'll
get a whole lot more, including:
- Up-to-date information for this case.
- Email alerts whenever there is an update.
- Full text search for other cases.
- Get email alerts whenever a new case matches your search.
One Moment Please
The filing “” is large (MB) and is being downloaded.
Please refresh this page in a few minutes to see if the filing has been downloaded. The filing will also be emailed to you when the download completes.
Your document is on its way!
If you do not receive the document in five minutes, contact support at support@docketalarm.com.
Sealed Document
We are unable to display this document, it may be under a court ordered seal.
If you have proper credentials to access the file, you may proceed directly to the court's system using your government issued username and password.
Access Government Site
