`
`UNITED STATES PATENT AND TRADEMARK OFFICE
`
`____________________
`
`BEFORE THE PATENT TRIAL AND APPEAL BOARD
`
`____________________
`
`
`
`APPLE INC.
`Petitioner,
`
`v.
`
`VIRNETX, INC. AND SCIENCE APPLICATION INTERNATIONAL
`CORPORATION,
`Patent Owner.
`
`Patent No. 8,560,705
`Issued: October 15, 2013
`Filed: January 3, 2012
`Inventors: Victor Larson, et al.
`Title: SYSTEM AND METHOD EMPLOYING AN AGILE NETWORK
`PROTOCOL FOR SECURE COMMUNICATIONS USING SECURE DOMAIN
`NAMES
`
`____________________
`
`Inter Partes Review No. IPR2015-00871
`__________________________________________________________________
`
`Petition for Inter Partes Review of
`U.S. Patent No. 8,560,705
`
`
`
`
`
`
`
`
`
`
`I.
`
`Table of Contents
`
`Introduction .................................................................................................... 1
`A. Certification the ’0705 Patent May Be Contested by Petitioner ..... 1
`B.
`Fee for Inter Partes Review (§ 42.15(a)) ........................................... 1
`C. Mandatory Notices (37 CFR § 42.8(b)) ............................................. 1
`1.
`Real Party in Interest (§ 42.8(b)(1)) ............................................ 1
`2.
`Other Proceedings (§ 42.8(b)(2)) ................................................ 2
`3.
`Lead and Backup Lead Counsel (§ 42.8(b)(3)) .......................... 2
`4.
`Service Information (§ 42.8(b)(4)) ............................................. 2
`5.
`Proof of Service (§§ 42.6(e) and 42.105(a)) ............................... 2
`
`II.
`
`Identification of Claims Being Challenged (§ 42.104(b)) ........................... 2
`
`B.
`C.
`D.
`E.
`
`III. Relevant Information Concerning the Contested Patent .......................... 3
`A. Overview of the ’0705 Patent ............................................................. 3
`1.
`The ’0705 Patent Specification ................................................... 3
`2.
`Representative Claims ................................................................ 5
`3.
`Relevant Prosecution History ..................................................... 6
`Patent Owner’s Contentions About Related Patents ....................... 6
`Effective Filing Date ............................................................................ 7
`The Person of Ordinary Skill in the Art ........................................... 8
`Claim Construction ............................................................................. 9
`1.
`“interception of a request” .......................................................... 9
`2.
`“domain name” ......................................................................... 10
`3.
`“secure communication link” .................................................... 11
`4.
`“phone” ..................................................................................... 12
`5.
`“secure communications service” ............................................. 13
`6.
`“virtual private network link” ................................................... 14
`7.
`“secure domain name” .............................................................. 15
`8.
`“modulated transmission link” /
`i
`
`
`
`
`
`“unmodulated transmission link” .............................................. 15
`
`B.
`
`c)
`
`IV. Analysis of the Patentability of the ’0705 Patent ...................................... 17
`A.
`Summary of Prior Art to the ’0705 Patent ..................................... 17
`1.
`Overview of Aventail (Ex. 1009), Aventail User’s Guide (Ex.
`1010) and Aventail Extranet Guide (Ex. 1011) ........................ 17
`a)
`Nature of the Aventail Documents ................................. 17
`b)
`Components of the Aventail scheme .............................. 19
`c)
`Incorporation of Aventail Into A Client Computer ........ 21
`d)
`Handling Requests .......................................................... 21
`e)
`Establishing a Secure Connection .................................. 23
`f)
`Using Multiple Proxies ................................................... 25
`g)
`Secure Extranet Explorer ................................................ 26
`Overview of RFC 2401 (Ex. 1008) ........................................... 27
`2.
`Overview of RFC 2543 (Ex. 1013) ........................................... 29
`3.
`Overview of U.S. Patent Number 5,237,566 (Brand) (Ex. 1012)30
`4.
`Aventail (Ex. 1009) in View of RFC 2401 (Ex. 1008) and RFC
`2543 (Ex. 1013) Would Have Rendered Claims 1-23 and 25-30
`Obvious ............................................................................................... 30
`1.
`Aventail Describes or, with RFC 2401 and RFC 2543, Suggests
`Every Element of Independent Claims 1 and 16 ...................... 32
`a)
`Claim 1 Preamble: “a client device” ............................. 33
`b)
`Claim 1: “a memory configured and arranged to facilitate
`a connection of the client device with a target device …”33
`Claim 16 Preamble: a “method executed by a client
`device for communicating with a target device …
`comprising … facilitating a connection with the target
`device” ............................................................................ 34
`“facilitat[e/ing] a connection with the target device over a
`secure communication link” ........................................... 35
`“created based on (i) interception of a request … to look
`up an internet protocol (IP) address . . . based on a
`domain name” ................................................................. 35
`ii
`
`d)
`
`e)
`
`
`
`
`
`g)
`
`h)
`
`2.
`
`
`
`f)
`
`“created based on … (ii) a determination … that… a
`secure communication link can be established” ............. 38
`“allow[ing] participation in audio/video communications
`… over the secure communication link” ........................ 41
`Claim 1: “a signal processing configuration arranged to
`execute the application program” ................................... 42
`The Distinctions Between the Claimed Methods and Systems
`Would Have Been Obvious Based on Aventail in View of RFC
`2401 and RFC 2543 .................................................................. 43
`a)
`End-To-End Encryption ................................................. 43
`b)
`Participation in Audio and Video Communications ....... 47
`Claims 2, 13, 14, 17, 28, and 29 Would Have Been Obvious .. 49
`3.
`Claims 3, 15, 18, and 30 Would Have Been Obvious .............. 49
`4.
`Claims 4 and 20 Would Have Been Obvious ........................... 50
`5.
`Claims 5 and 19 Would Have Been Obvious ........................... 51
`6.
`Claims 6 and 21 Would Have Been Obvious ........................... 51
`7.
`Claims 7 and 22 Would Have Been Obvious ........................... 52
`8.
`Claim 8 Would Have Been Obvious ......................................... 55
`9.
`10. Claims 9 and 23 Would Have Been Obvious ........................... 56
`11. Claims 10, 11, 25, and 26 Would Have Been Obvious ............ 56
`12. Claims 12 and 27 Would Have Been Obvious ......................... 57
`C. Aventail in View of RFC 2401 and RFC 2543 in Further View of
`Brand (Ex. 1012) Would Have Rendered Claim 24 Obvious ........ 58
`D. No Secondary Considerations Exist ................................................ 59
`
`V. Conclusion .................................................................................................... 60
`
`
`
`iii
`
`
`
`Petition in IPR2015-00871
`
`I.
`
` Introduction
`A. Certification the ’0705 Patent May Be Contested by Petitioner
`Petitioner certifies that U.S. Patent No. 8,560,705 (Ex. 1050) (the ’0705
`
`patent) is available for inter partes review. Petitioner also certifies it is not barred
`
`or estopped from requesting inter partes review of the claims of the ’0705 patent.
`
`Neither Petitioner, nor any party in privity with Petitioner, has filed a civil action
`
`challenging the validity of any claim of the ’0705 patent. The ’0705 patent has not
`
`been the subject of a prior inter partes review by Petitioner or a privy of Petitioner.
`
`Petitioner also certifies this petition for inter partes review is timely filed as
`
`it has never been asserted against Petitioner in litigation. Thus, because there is no
`
`patent owner’s action, this petition complies with 35 U.S.C. § 315(b). Petitioner
`
`also notes that the timing provisions of 35 U.S.C. § 311(c) and 37 C.F.R.
`
`§ 42.102(a) do not apply to the ’0705 patent, as it pre-dates the first-to-file system.
`
`See Pub. L. 112-274 § 1(n), 126 Stat. 2456 (Jan. 14, 2013).
`
`Fee for Inter Partes Review (§ 42.15(a))
`
`B.
`The Director is authorized to charge the fee specified by 37 CFR § 42.15(a)
`
`to Deposit Account No. 50-1597.
`
`C. Mandatory Notices (37 CFR § 42.8(b))
`1.
`Real Party in Interest (§ 42.8(b)(1))
`The real party in interest of this petition pursuant to § 42.8(b)(1) is Apple
`
`Inc. (“Apple”) located at One Infinite Loop, Cupertino, CA 95014.
`
`1
`
`
`
`Petition in IPR2015-00871
`
`2. Other Proceedings (§ 42.8(b)(2))
`IPR2015-00870 filed concurrently also involves the ’0705 patent. Each
`
`petition advances unique grounds and is based on different primary references.
`
`Each petition presents a unique correlation of the claims to the prior art, and
`
`warrants independent institution of trial. Petitioner respectfully requests the Board
`
`institute each petition, as each presents distinct and non-redundant grounds.
`
`Lead and Backup Lead Counsel (§ 42.8(b)(3))
`
`3.
`Lead Counsel is: Jeffrey P. Kushan (Reg. No. 43,401), jkushan@sidley.com,
`
`(202) 736-8914. Back-Up Lead Counsel are: Scott Border (pro hac to be
`
`requested), sborder@sidley.com, (202) 736-8818; and Thomas A. Broughan III
`
`(Reg. No. 66,001), tbroughan@sidley.com, (202) 736-8314.
`
`Service Information (§ 42.8(b)(4))
`
`4.
`Service on Petitioner may be made by e-mail (iprnotices@sidley.com), mail
`
`or hand delivery to: Sidley Austin LLP, 1501 K Street, N.W., Washington, D.C.
`
`20005. The fax number for lead and backup lead counsel is (202) 736-8711.
`
`Proof of Service (§§ 42.6(e) and 42.105(a))
`
`5.
`Proof of service of this petition is provided in Attachment A.
`
`II.
`
`Identification of Claims Being Challenged (§ 42.104(b))
`
`Claims 1-30 of the ’0705 patent are unpatentable as obvious under 35 U.S.C.
`
`§ 103. Specifically: (i) claims 1-23 and 25-30 would have been obvious based on
`
`Aventail Connect v3.01/v2.51 Administrator’s Guide (“Aventail”) (Ex. 1009) in
`
`
`
`2
`
`
`
`Petition in IPR2015-00871
`
`view of RFC 2401, “Security Architecture for the Internet Protocol” (“RFC 2401”)
`
`(Ex. 1008) and RFC 2543 “SIP: Session Initiation Protocol” (“RFC 2543”) (Ex.
`
`1013); and (ii) claim 24 is obvious based on Aventail in view of RFC 2401 and
`
`RFC 2543 in further view of U.S. Patent No. 5,237,566 (Brand) (Ex. 1012).
`
`Attachment B lists the evidence relied upon in support of this petition.
`
`III. Relevant Information Concerning the Contested Patent
`A. Overview of the ’0705 Patent
`1.
`The ’0705 Patent Specification
`The ’0705 patent is a member of a family of patents issued to Larson et al.,
`
`including, inter alia, U.S. Patent Nos. 6,502,135 (“ ’135 patent”), 7,188,180
`
`(“ ’180 patent”), 7,418,504 (“ ’504 patent”), 7,490,151 (“ ’151 patent”), 7,921,211
`
`(“ ’211 patent”), 7,987,274 (“ ’274 patent”), 8,051,181 (“ ’181 patent”), 8,504,697
`
`(“ ’697 patent”), 8,868,705 (“ ’8705 patent”), 8,850,009 (“’009 patent”), 8,516,131
`
`(“ ’131 patent”), and 8,458,341 (“ ’341 patent).1
`
`The ’0705 patent disclosure, like other members of this patent family, is
`
`largely focused on techniques for securely communicating over the Internet based
`
`on a protocol called the “Tunneled Agile Routing Protocol” or “TARP.” Ex. 1050
`
`at 3:16-19. According to the ’0705 specification, TARP allows for secure and
`
`
`1
`
`IPR2015-00866, -00867, -00868, and -00869 filed concurrently involve the
`
`’341 and ’131 patents.
`
`
`
`3
`
`
`
`Petition in IPR2015-00871
`
`anonymous communications by using tunneling, an IP address hopping scheme
`
`where the IP addresses of the end devices and routers participating in the system
`
`can change over time, and a variety of other security techniques. Ex. 1050 at 3:35-
`
`37, 3:16-6:9. Two short sections of the ’0705 specification – spanning primarily
`
`columns 39 to 41 and 49 to 53 – are directed to a different concept, namely,
`
`techniques for establishing secure communications in response to DNS requests
`
`specifying a secure destination. See Ex. 1050 at 39:4-41:59, 49:5-53:13. This
`
`material was added in a continuation-in-part application filed in February 2000. In
`
`proceedings involving related patents, Patent Owner has asserted that these short
`
`passages provide written description support for claim terms involving domain
`
`names, DNS requests, requests to look up IP addresses, and DNS servers.
`
`These portions of the ’0705 specification describe a “conventional DNS
`
`server” that purportedly is modified to include additional functionality that allows
`
`it to support the creation of virtual private networks. See Ex. 1050 at 39:63-40:25.
`
`According to the ’0705 specification, the “modified DNS server” (id. at 39:67-
`
`40:1) receives a request to look up a network address associated with a domain
`
`name, determines whether a secure site has been requested (e.g., by checking an
`
`internal table of sites), and then performs additional steps to support establishing a
`
`“virtual private network” with the secure site. See Ex. 1050 at 39:1-6, 39:46-62,
`
`40:6-25, 40:65-41:15, 51:38-44. This process can include conventional devices
`
`
`
`4
`
`
`
`Petition in IPR2015-00871
`
`such as personal computers running web browsers, proxy servers, intermediate
`
`routers, and web servers. Ex. 1050 at 39:63-40:5, 49:19-29, 52:31-35.
`
`The ’0705 specification describes several optional features of this system,
`
`such as using “IP hopblocks” to create a VPN or incorporating user authentication.
`
`Ex. 1050 at 39:52-56, 39:61-62, 41:8-15, 51:52-65. It also describes several
`
`optional configurations of the “modified DNS server,” including a standalone DNS
`
`server and a system incorporating a DNS server, a DNS proxy server, and a
`
`gatekeeper. Ex. 1050 at 40:49-63.
`
`Representative Claims
`
`2.
`Independent claims 1 and 16 of the ’0705 patent define a client device and a
`
`method, respectively, but recite the same operative steps. See Ex. 1050 at 56:12-
`
`25, 57:4-25. Claim 16 is representative, specifying a method executed by a client
`
`device for communicating with a target device, the method comprising: (a)
`
`facilitating a connection with the target device over a secure communication link
`
`created based on (i) interception of a request, generated by the client device, to
`
`look up an internet protocol (IP) address of the target device based on a domain
`
`name associated with the target device, and (ii) a determination as a result of the
`
`request that the target device is a device with which a secure communication link
`
`can be established; and (b) Allowing participation in audio/video communications
`
`with the target device over the secure communication link once the secure
`
`
`
`5
`
`
`
`Petition in IPR2015-00871
`
`communication link is established.
`
`Relevant Prosecution History
`
`3.
`During prosecution, Patent Owner argued against a rejection that relied on
`
`Aventail by arguing that it was not prior art and failed to disclose the claimed
`
`determination or participating features. Ex. 1005 at ¶ 63. As shown below,
`
`Aventail is prior art, see § IV.A.1.a), and renders the claimed determination and
`
`participating features obvious, see § IV.B.1.f)-g).
`
`Patent Owner’s Contentions About Related Patents
`
`B.
`Patent Owner has asserted varying sets of claims of its patents in this family
`
`against Petitioner and other entities in numerous lawsuits. In August of 2010,
`
`Patent Owner sued Petitioner and five other entities (the “2010 Litigation”)
`
`asserting claims from the ’135, ’151, ’504, and ’211 patents. In November 2011,
`
`Patent Owner filed a lawsuit accusing Petitioner of infringing claims of the ’181
`
`patent. In December 2012, Patent Owner served a new complaint on Petitioner
`
`asserting infringement of numerous claims of the ’135, ’151, ’504, and ’211
`
`patents (the “2012 Litigation”). In August 2013, Patent Owner served an amended
`
`complaint adding the ’697 patent to the 2012 Litigation. Patent Owner also
`
`asserted patents from this family against Microsoft and others in separate lawsuits
`
`filed in February 2007, March 2010, and April 2013, and against numerous other
`
`defendants in actions filed in 2010 and 2011.
`
`
`
`6
`
`
`
`Petition in IPR2015-00871
`
`C. Effective Filing Date
`The ’0705 patent issued from U.S. Appl. No. 13/342,795 (“the ’795
`
`application”). The ’795 application claims the benefit as a continuation of the
`
`following applications: 13/049,552 (issued as U.S. Patent No. 8,572,247);
`
`11/840,560 (issued as the ’211 patent); 10/714,849 (issued as the ’504 patent); and
`
`09/558,210, filed April 26, 2000, and now abandoned. It also is designated a
`
`continuation-in-part of 09/504,783, filed on February 15, 2000 (“the ’783
`
`application”), which is a continuation-in-part of 09/429,643, filed on October 29,
`
`1999. The ’210, ’783 and ’643 applications also claim priority to 60/106,261, filed
`
`October 30, 1998 and 60/137,704, filed June 7, 1998.
`
`Claims 1 and 16 of the ’0705 patent are independent claims. Claims 2-15
`
`depend directly or indirectly from claim 1, and claims 17-30 depend directly from
`
`claim 16. Claims 2-15 and 17-30 cannot enjoy an effective filing date earlier than
`
`that of claims 1 and 16, respectively, from which they depend.
`
`Claims 1 and 16 of the ’0705 patent rely on information found only in the
`
`’783 application. For example, claim 1 of the ’0705 patent specifies a client device
`
`comprising a memory configured to facilitate intercepting a request “to look up an
`
`internet protocol (IP) address . . . based on a domain name” (emphasis added).
`
`Claim 16 specifies a method executed by a client device comprising facilitating a
`
`connection based on intercepting a request “to look up an internet protocol (IP)
`
`
`
`7
`
`
`
`Petition in IPR2015-00871
`
`address . . . based on a domain name” (emphasis added). No application filed
`
`prior to the ’783 application mentions the term “domain name” much less provide
`
`a written description of devices or methods corresponding to the ’0705 patent
`
`claims. In proceedings involving the related ’135, ’504, ’151, ’211, ’274 and ’697
`
`patents, Patent Owner has not disputed that claims reciting a “domain name” are
`
`not entitled to an effective filing date prior to February 15, 2000. See, e.g., Patent
`
`Owner Preliminary Oppositions in IPR2013-00348, -00349, -00354, -00375 to -
`
`00378, -00393, -00394, -00397, and -00398, as well as IPR2014-00237, -00238, -
`
`00403, -00404, and -00610; see also Inter Partes Reexamination Nos. 95/001,682,
`
`95/001,679, 95/001,697, 95/001,714, 95/001,788, and 95/001,789. The effective
`
`filing date of the ’0705 patent claims is thus no earlier than February 15, 2000.
`
`D. The Person of Ordinary Skill in the Art
`A person of ordinary skill in the art in the field of the ’0705 patent would
`
`have been someone with a good working knowledge of networking protocols,
`
`including those employing security techniques, as well as computer systems that
`
`support these protocols and techniques. The person also would be very familiar
`
`with Internet standards related to communications and security, and with a variety
`
`of client-server systems and technologies. The person would have gained this
`
`knowledge either through education and training, several years of practical
`
`working experience, or through a combination of these. Ex. 1005 ¶ 148.
`
`
`
`8
`
`
`
`Petition in IPR2015-00871
`
`E. Claim Construction
`In this proceeding, claims must be given their broadest reasonable
`
`construction in light of the specification. 37 CFR § 42.100(b). The ’0705 patent
`
`shares a common disclosure and uses several of the same terms as the ’697, ’274,
`
`’180, ’151, ’504, and ’211 patents with respect to which Patent Owner has
`
`advanced constructions. Also, if Patent Owner contends terms in the claims should
`
`be read as having a special meaning, those contentions should be disregarded
`
`unless Patent Owner also amends the claims compliant with 35 U.S.C. § 112 to
`
`make them expressly correspond to those contentions. See 77 Fed. Reg. 48764 at
`
`II.B.6 (August 14, 2012); cf. In re Youman, 679 F.3d 1335, 1343 (Fed. Cir. 2012).
`
`In the constructions below, Petitioner identifies representative subject matter
`
`within the scope of the claims, read with their broadest reasonable interpretation.
`
`Petitioner expressly reserves its right to advance different constructions in any
`
`district court litigation, which employs a different claim construction standard.
`
`1.
`“interception of a request”
`Each independent claim requires “interception of a request.” In a related
`
`proceeding involving the ’697 patent, the Board interpreted the phrase
`
`“intercepting . . . a request” as including “receiving a request pertaining to a first
`
`entity at another entity.” IPR2014-00237, Paper 15 at 13 (May 14, 2014). The
`
`Board further explained that “intercepting” a request involves “receiving and
`
`
`
`9
`
`
`
`Petition in IPR2015-00871
`
`acting on” a request, the request being “intended for” receipt at a destination other
`
`than the destination at which the request is intercepted. Id. at 12. The Board’s
`
`construction is consistent with the ’0705 patent specification. Ex. 1005 at ¶ 122.
`
`The ’0705 patent does not expressly define “interception” of a request, but
`
`uses the term “intercepting” as meaning receiving a request at a device other than
`
`the device specified in the request. Ex. 1005 at ¶ 123. For example, the
`
`specification explains that a DNS proxy 2610 “intercepts” all DNS lookup
`
`functions to examine whether access to a secure site has been requested. Ex. 1050
`
`at 40:6-13, Figs. 26 & 27. The specification also shows the requests are routed to
`
`the DNS proxy instead of a DNS server 2609, which ordinarily would receive and
`
`resolve the domain name in the request. Id. at 39:7-9. Because the DNS proxy and
`
`DNS server are described as separate entities, the ’0705 patent uses the term
`
`“intercept” as meaning receipt of a message by a proxy server instead of the
`
`intended destination. Accordingly, the broadest reasonable interpretation of the
`
`term “interception of a request” includes “receiving a request pertaining to a first
`
`entity at another entity.” Ex. 1005 at ¶ 124.
`
`2.
`“domain name”
`Each independent claim recites the term “domain name.” The ’0705 patent
`
`does not define “domain name.” A “domain name” would be understood by a
`
`person of ordinary skill to be a hierarchical sequence of words in decreasing order
`
`
`
`10
`
`
`
`Petition in IPR2015-00871
`
`of specificity that corresponds to a numerical IP address. Ex. 1005 at ¶ 125. A
`
`more general description of “domain name” has been advanced by Patent Owner in
`
`other proceedings; namely, “a name corresponding to an IP address.” See, e.g., Ex.
`
`1042 at 14-15. Both definitions are reasonable; thus the broadest reasonable
`
`interpretation of “domain name” is “a name corresponding to an IP address.” Ex.
`
`1005 at ¶ 125.
`
`3.
`“secure communication link”
`Each independent claim recites the term “secure communication link.” The
`
`’0705 patent does not define “secure communication link.” In IPR2014-00237
`
`involving the related ’697 patent, the Board interpreted the term “secure
`
`communications link” as “a transmission path that restricts access to data,
`
`addresses, or other information on the path, generally using obfuscation methods to
`
`hide information on the path, including, but not limited to, one or more of
`
`authentication, encryption, or address hopping.” Paper 15 at 10 (May 14, 2014).
`
`This interpretation is supported by Patent Owner’s own expert, who admitted that
`
`techniques such as “[a]ddress hopping may hide who is talking to whom” and
`
`“provide[] some amount of security,” and that the specification had at best
`
`“opposing views” as to what secure communications means. Deposition of Fabien
`
`Newman Monrose, PhD., IPR2014-00237, Exhibit 1083 at 113:16-114:12, 74:12-
`
`14 (Ex. 1055) (October 23, 2014); but see VirnetX, Inc. v. Cisco Systems, Inc., 767
`
`
`
`11
`
`
`
`Petition in IPR2015-00871
`
`F.3d 1308, 1319 (Fed. Cir. 2014) (construing “secure communication link” as
`
`recited in the ’504 and ’211 patents to require data security and anonymity).
`
`The Board’s prior interpretation is consistent with the ’0705 patent
`
`specification, which uses the phrase “secure communications link” in a manner
`
`that suggests that a “secure communication link” is one that permits computers to
`
`privately communicate with each other over a public network – a communication
`
`link would be “secure” if it protects the anonymity of the computers involved in
`
`the communications. See, e.g., Ex. 1050 at 39:24-33; Ex. 1005 at ¶ 127. The
`
`broadest reasonable interpretation of “secure communication link” in the context of
`
`the ’0705 claims is “a transmission path that restricts access to data, addresses,
`
`or other information on the path, generally using obfuscation methods to hide
`
`information on the path, including, but not limited to, one or more of
`
`authentication, encryption, or address hopping.” Ex. 1005 at ¶ 128.
`
`4.
`“phone”
`Dependent claims 3, 15, 18, and 30 recite the term “phone.” The ’0705
`
`patent does not define or use the term “phone” but states that “telephony” is an
`
`example of an “application program[]” that may be executed on a “computer
`
`node[].” Ex. 1050 at 21:23-30. “Phone” in the context of the ’0705 patent
`
`disclosure therefore encompasses a device or component that can provide
`
`telephony functionality. This is consistent with the ordinary meaning of “phone.”
`
`
`
`12
`
`
`
`Petition in IPR2015-00871
`
`Ex. 1005 at ¶ 129. The broadest reasonable interpretation of “phone” is therefore
`
`“a device or component that can provide telephony functionality.” Ex. 1005 at
`
`¶ 130.
`
`5.
`“secure communications service”
`Dependent claims 5 and 19 recite the term “secure communications
`
`service.” The ’0705 patent does not expressly define this term. In IPR2014-00237
`
`involving the related ’697 patent, the Board interpreted the term “secure
`
`communications service” as “the functional configuration of a network device that
`
`enables it to participate in a secure communication link with another network
`
`device.” Paper 15 at 10 (May 14, 2014). The Board’s prior interpretation is
`
`consistent with the ’0705 patent specification, which uses the phrase “secure
`
`communications service” in a manner that indicates the term simply refers to the
`
`capacity of two computers to participate in a secure communications link. Ex.
`
`1005 at ¶ 133. For example, the ’0705 patent explains that the system
`
`“automatically sets up a virtual private network” when a request is received “for
`
`which secure communication services are defined.” Ex. 1050 at 39:46-51.
`
`Therefore, the broadest reasonable construction of the term “secure
`
`communications service” should encompass “the functional configuration of a
`
`network device that enables it to participate in a secure communications link
`
`with another computer or device.” Ex. 1005 at ¶ 134.
`
`
`
`13
`
`
`
`Petition in IPR2015-00871
`
`6.
` “virtual private network link”
`Dependent claims 6 and 21 require “a virtual private network link.” The
`
`’0705 patent does not provide an explicit definition for “virtual private network
`
`communication link.” In IPR2014-00481 involving the related ’180 patent, the
`
`Board interpreted “virtual private network communication link” to mean “a
`
`transmission path between two devices that restricts access to data, addresses, or
`
`other information on the path, generally using obfuscation methods to hide
`
`information on the path, including, but not limited to, one or more of
`
`authentication, encryption, or address hopping.” Paper 11 at 6-7 (Sept. 3, 2014).
`
`The Board also read the ’180 patent as employing various levels of security in a
`
`VPN that do not require encryption, such as authentication, or information or
`
`address hopping. Id. at 7.
`
`This is consistent with the ’0705 specification, which explains that “software
`
`module 3309 accesses secure server 3320 through VPN communication link 3321”
`
`and the communication link 3321 is shown as only the portion of the path between
`
`computer 3301 and server 3320 that is over network 3302. Ex. 1050 at 52:66-67,
`
`Fig. 33; Ex. 1005 at ¶ 137. The ’0705 patent uses the terms “VPN communication
`
`link” and “VPN link” interchangeably. See, e.g., Ex. 1003 at 51:66-52:10.
`
`Accordingly, the broadest reasonable interpretation of “virtual private network
`
`link” is “a transmission path between two devices that restricts access to data,
`
`
`
`14
`
`
`
`Petition in IPR2015-00871
`
`addresses, or other information on the path, generally using obfuscation
`
`methods to hide information on the path, including, but not limited to, one or
`
`more of authentication, encryption, or address hopping.” Ex. 1005 at ¶ 138.
`
`7.
`“secure domain name”
`Dependent claims 7 and 22 recite the term “secure domain name,” and
`
`specify a “secure domain name” is a type of “domain name.” In a related
`
`proceeding involving the ’180 patent, the Board found “a ‘secure domain name’ is
`
`a name that corresponds to a secure computer network address.” IPR2015-00481,
`
`Paper 11 at 8 (Sept. 3, 2014). This is consistent with the ’0705 patent disclosure.
`
`For example, the specification describes a “secure domain name” as a
`
`domain name that corresponds to the secure network address of a secure server
`
`3320. See Ex. 1050 at 51:15-51. The ’0705 patent also describes evaluating
`
`domain names in DNS requests to determine whether access to a secure site has
`
`been requested. Id. at 40:6-13. The disclosure also explains that “[e]ach secure
`
`computer network address is based on a non-standard top-level domain name, such
`
`as .scom, .sorg, .snet, .sedu, .smil and .sint.” Id. at 7:39-42. Accordingly, the
`
`broadest reasonable interpretation of “secure domain name” would be “a name
`
`that corresponds to a secure computer network address.” Ex. 1005 at ¶ 141.
`
`8.
`
`“modulated transmission link” /
`“unmodulated transmission link”
`Dependent claim 24 recites the term “unmodulated transmission link.”
`
`
`
`15
`
`
`
`Petition in IPR2015-00871
`
`Dependent claims 10 and 25 recite the term “modulated transmission link.”
`
`Neither term is defined in the ’0705 patent. In IPR2014-00237 involving the
`
`related ’697 patent, the Board interpreted “modulation” to include “the process of
`
`encoding data for transmission.” Paper 15 at 14 (May 14, 2014). This is
`
`consistent with the ’0705 patent and the understanding of a person of ordinary skill
`
`in the art. Ex. 1005 at ¶¶ 92-94, 144. For example, the specification explains that
`
`transmission paths may comprise “logically separate paths contained within a
`
`broadband communication medium (e.g., separate channels in an FDM, TDM,
`
`CDMA, or other type of modulated or unmodulated transmission link).” Ex. 1050
`
`at 34:53-59.
`
`A person of skill would understand “unmodulated” and “modulated” to refer
`
`to whether data is encoded for transmission over a physical medium by varying or
`
`“modulating” a carrier signal. Ex. 1005 at ¶ 145. Any data transmitted via a
`
`modem (i.e., a “modulator-demodulator” device) is modulated. Id. Similarly, any
`
`data transmitted via a cellular network is modulated. Id. Conversely, any data
`
`transmitted via a baseband network is unmodulated. Id. Therefore, the broadest
`
`reasonable interpretation of “modulated transmission link” is “a communication
`
`medium for transmitting data that is encoded by varying a carrier signal.”
`
`Ex. 1005 at ¶ 146. The broadest reasonable interpretation of “unmodulated
`
`transmission link” is “a communication medium for transmitting data that is not
`
`
`
`16
`
`
`
`Petition in IPR2015-00871
`
`encoded by varying a carrier signal.” Id.
`
`IV.
`
` Analysis of the Patentability of the ’0705 Patent
`
`The ’0705 patent has two independent claims (claims 1 and 16), each of
`
`which specifies the same operative steps. See § III.A.2. Claim 16 is
`
`representative, and defines a client device executed process for facilitating a
`
`connection with a target device over a secure communication link based on
`
`int