Trials@uspto.gov
`571-272-7822
`
`
`Paper No. 9
`
` Entered: January 28, 2016
`
`UNITED STATES PATENT AND TRADEMARK OFFICE
`____________
`
`BEFORE THE PATENT TRIAL AND APPEAL BOARD
`____________
`
`SOPHOS, INC.,
`Petitioner,
`
`v.
`
`FINJAN, INC.,
`Patent Owner.
`____________
`
`Case IPR2015-01022
`Patent 8,677,494 B2
`____________
`
`
`
`Before JAMES B. ARPIN, ZHENYU YANG, and
`CHARLES J. BOUDREAU, Administrative Patent Judges.
`
`BOUDREAU, Administrative Patent Judge.
`
`DECISION
`Denying Request for Rehearing
`37 C.F.R. § 42.71(d)
`
`
`
`
`
`571-272-7822
`
`
`Paper No. 9
`
` Entered: January 28, 2016
`
`UNITED STATES PATENT AND TRADEMARK OFFICE
`____________
`
`BEFORE THE PATENT TRIAL AND APPEAL BOARD
`____________
`
`SOPHOS, INC.,
`Petitioner,
`
`v.
`
`FINJAN, INC.,
`Patent Owner.
`____________
`
`Case IPR2015-01022
`Patent 8,677,494 B2
`____________
`
`
`
`Before JAMES B. ARPIN, ZHENYU YANG, and
`CHARLES J. BOUDREAU, Administrative Patent Judges.
`
`BOUDREAU, Administrative Patent Judge.
`
`DECISION
`Denying Request for Rehearing
`37 C.F.R. § 42.71(d)
`
`
`
`
`
`
`IPR2015-01022
`Patent 8,677,494 B2
`
`
`I. INTRODUCTION
`Sophos, Inc. (“Petitioner”) filed a Petition (Paper 1, “Pet.”) requesting
`inter partes review of claims 1, 10, 14, and 18 of U.S. Patent No.
`8,677,494 B2 (Ex. 1001, “the ’494 patent”). Finjan, Inc. (Patent Owner”)
`filed a Preliminary Response. Paper 6 (“Prelim. Resp.”). Pursuant to
`35 U.S.C. § 314, we denied institution of inter partes review. Paper 7
`(“Dec.”). Pursuant to 37 C.F.R. § 42.71(d), Petitioner filed a Request for
`Rehearing (Paper 8, “Reh’g Req.”), seeking reconsideration of our Decision
`Denying Institution with respect to two of the four grounds asserted in the
`Petition. For the reasons set forth below, Petitioner’s Request for Rehearing
`is denied.
`
`II. BACKGROUND
`Petitioner challenged the patentability of claims 1, 10, 14, and 18 of
`the ’494 patent on the following four grounds:
`
`#
`
`References
`
`1 TBAV1 and Ji2
`
`2 TBAV, Ji, and Chen3
`
`3 Arnold4, Chen, and Ji
`
`4 Chen, Arnold, and Ji
`
`Basis
`
`§ 103(a)
`
`§ 103(a)
`
`Claim(s)
`Challenged
`1, 10, 18
`
`14
`
`§ 103(a)
`
`1, 10, 14, 18
`
`§ 103(a)
`
`1, 10, 14, 18
`
`
`Pet. 4. In our Decision Denying Institution, we concluded that the Petition
`did not establish a reasonable likelihood that Petitioner would prevail in
`
`
`1 ThunderBYTE Anti-Virus Utilities User Manual (Ex. 1006)
`2 U.S. Patent No. 5,623,600 (Ex. 1009)
`3 U.S. Patent No. 5,951,698 (Ex. 1010)
`4 U.S. Patent No. 5,440,723 (Ex. 1008)
`
`
`
`2
`
`
`
`IPR2015-01022
`Patent 8,677,494 B2
`
`challenging the patentability of any of the challenged claims on the asserted
`grounds, and we, accordingly, denied Petitioner’s request to institute inter
`partes review. Dec. 11–25. In its Request for Rehearing, Petitioner seeks
`reconsideration of our Decision Denying Institution with respect to the first
`two of the asserted grounds set forth above, namely, obviousness of claims
`1, 10, and 18 of the ’494 patent over TBAV and Ji, and obviousness of claim
`14 of the ’494 patent over TBAV, Ji, and Chen. Req. Reh’g 1.
`III. DISCUSSION
`1. Standard for Reconsideration
`
`Under 37 C.F.R. § 42.71(d),
`
`A party dissatisfied with a decision may file a request for
`rehearing, without prior authorization from the Board. The
`burden of showing a decision should be modified lies with the
`party challenging the decision. The request must specifically
`identify all matters the party believes the Board misapprehended
`or overlooked, and the place where each matter was previously
`addressed in a motion, an opposition, or a reply.
`
`(emphasis added). When reconsidering a decision on institution, the Board
`reviews the decision for an abuse of discretion. 37 C.F.R. § 42.71(c). An
`abuse of discretion occurs when a “decision [i]s based on an erroneous
`conclusion of law or clearly erroneous factual findings, or . . . a clear error of
`judgment.” PPG Indus. Inc. v. Celanese Polymer Specialties Co., 840 F.2d
`1565, 1567 (Fed. Cir. 1988). A request for rehearing is not an opportunity
`merely to disagree with the panel’s assessment of the arguments or weighing
`of the evidence, or to present new arguments or evidence. It is not an abuse
`of discretion to have performed an analysis or reached a conclusion with
`
`
`
`3
`
`
`
`IPR2015-01022
`Patent 8,677,494 B2
`
`which Petitioner disagrees, and mere disagreement with the Board’s analysis
`or conclusion is not a proper basis for rehearing.
`2. Overview
`Petitioner asserts two bases for its Request for Rehearing. First,
`Petitioner argues, “the Board abused its discretion by finding that the
`Petition failed to establish that TBAV discloses deriving a ‘list of suspicious
`computer operations’ through its identification in TBAV of suspicious
`instructions that perform suspicious operations.” Reh’g Req. 1. Second,
`Petitioner argues, the Board’s “construction of ‘database’ . . . is legal error
`because it is not the broadest reasonable construction,” and “[u]nder the
`correct broadest reasonable construction, TBAV discloses the storage of
`security profile data in a ‘database.’” Id. at 1–2. For the reasons set forth
`below, we are not persuaded by Petitioner’s arguments.
`3. “List of Suspicious Computer Operations”
`Each of claims 1 and 10, the two independent claims among the
`challenged claims, recites, inter alia, “deriving security profile data for [a]
`Downloadable, including a list of suspicious computer operations that may
`be attempted by the Downloadable.” Ex. 1001, 21:21–23, 22:11–13. In our
`Decision Denying Institution, we determined that TBAV discloses
`“detecting suspicious instruction sequences within a file and applying
`heuristic flags to the file,” and that heuristic flags could be termed “security
`profile data for [a] Downloadable.” Dec. 13. We explained, however, that
`“a suspicious computer operation might result from the execution of
`instructions deemed to be potentially hostile,” but that “instructions are not
`operations.” Id. at 8 (emphasis omitted). Petitioner argues in the Request
`for Rehearing that “[t]his is a distinction without a difference, as no
`
`
`
`4
`
`
`
`IPR2015-01022
`Patent 8,677,494 B2
`
`operation can take place without execution of instructions, and the
`instructions dictate the operations that take place when the instructions are
`executed.” Reh’g Req. 5. According to Petitioner, “the Board
`misapprehended or overlooked Petitioner’s arguments that establish TBAV’s
`heuristic flags indicate suspicious operations and that TBAV lists heuristic
`flags in a log file.” Id. at 4–5.
`Petitioner’s arguments are not persuasive. Notwithstanding
`Petitioner’s current assertions, Petition argued in the Petition that TBAV’s
`heuristic flags are assigned to suspicious instructions. See, e.g., Pet. 18–19
`(stating that “[TBAV’s] heuristic scanner . . . searches for suspicious
`instruction sequences” and that “[h]euristic flags are assigned to suspicious
`instructions, such as instructions that are common to viruses but uncommon
`to normal programs” (emphases added)). Notably missing from the Petition
`is any argument that TBAV’s heuristic flags derive a list of suspicious
`operations. We cannot have misapprehended or overlooked an argument not
`raised. Although the Petition did use the word “operations” in several
`parenthetical statements paraphrasing TBAV’s descriptions of certain
`heuristic flags, those references also are provided in the context of
`illustrating that the heuristic flags indicate suspicious instructions, and no
`argument is provided that the flags instead indicate operations:
`TBAV discloses that a heuristic flag is a character indicating a
`specific type of suspicious instruction. For example, the flags
`include “# - Decryptor code found” (indicating that the file
`contains instructions that perform self-decryption operations”,
`“A – Suspicious Memory Allocation” (“indicating the program
`contains instructions that perform non-standard memory search
`and/or allocation operations), “B – Back to entry” (indicating
`the program contains instructions that perform endless loop
`operations), . . . among others.
`
`
`
`5
`
`
`
`IPR2015-01022
`Patent 8,677,494 B2
`
`Pet. 19 (emphases added) (citations omitted).
`Accordingly, we are not persuaded that Petitioner has shown that we
`misapprehended or overlooked argument or supporting evidence, or both,
`presented in the Petition, such that it amounted to an abuse of discretion.
`4. “Storing the Downloadable Security Profile Data in a Database”
`Each of independent claims 1 and 10 recites, inter alia, “storing the
`Downloadable security profile data in a database.” Ex. 1001, 21:24–25,
`22:15–16. In our Decision Denying Institution, we agreed with Patent
`Owner that the broadest reasonable construction of “database” on the
`existing record and for purposes of our Decision is “a collection of
`interrelated data organized according to a database schema to serve one or
`more applications,” which is also the construction adopted by the district
`court in related litigation between the parties. Dec. 9–10; Finjan, Inc. v.
`Sophos, Inc., No. 14-cv-01197 (N.D. Cal.), Claim Construction Order at 7
`(Ex. 2003, 7); see Power Integrations, Inc. v. Lee, 797 F.3d 1318, 1326–27
`(Fed. Cir. 2015).
`In its Request for Rehearing, Petitioner asserts that “the Board
`misapprehended or overlooked Petitioner’s arguments that establish not only
`why the Board’s construction is too narrow, but also how the log file is a
`database storing Downloadable security profile data.” Reh’g Req. 8.
`According to Petitioner, “[w]hile the ’494 patent may not explicitly define
`‘database,’ it clearly evidences that a ‘database’ is broader than ‘a collection
`of interrelated data organized according to a database schema to serve one or
`more applications.’” Id. at 9. Petitioner points, in particular, to portions of
`the Petition referring to U.S. Provisional Patent Application No. 60/030,639
`(Ex. 1005, “the ’639 application”), one of several applications from which
`
`
`
`6
`
`
`
`IPR2015-01022
`Patent 8,677,494 B2
`
`the ’494 patent purports to claim priority (Ex. 1001, [60]), and argues as
`follows:
`
`As shown in the Petition (Petition at 8 and 10–11), the
`’639 application discloses a security database 240 that “stores
`security policies 305 in a first data storage device 230 portion,
`known Downloadables 307 in a second data storage device 230
`portion and Downloadable Security Profiles (DSPs) data
`corresponding to the known Downloadables 310 in a third-data
`storage device 230 portion.” Ex. 1005 at p. 8, ll. 14–19. Storage
`device 230 is described as a device such as a read only memory
`(ROM) or magnetic disk. Ex. 1005 at p. 7, ll. 14–15. The
`intrinsic evidence thus contemplates a database that is simply
`several separate portions of a storage device, each containing
`different types of data. The plain language of the ’639
`application suggests nothing more than arranging the data in the
`database 240 into separate portions of the ROM or magnetic disc,
`and does not require or suggest a database schema or any type of
`organization.
`Reh’g Req. 9–10.
`We disagree. The fact that a database can be stored in ROM or on a
`magnetic disc does not mean that a database is “simply several separate
`portions of a storage device, each containing different types of data.”
`Moreover, despite Petitioner’s assertions, we do not find any such argument
`in the Petition. Pages 8 and 10–11 of the Petition, cited by Petitioner, do not
`advance any argument concerning construction of the term “database,” but
`are instead directed to a discussion of a process taught by the
`’639 application for examining Downloadables, determining whether they
`are hostile (including determining whether they are known, and, if not,
`disassembling them to look for code containing suspect commands), and
`preventing hostile Downloadables from reaching an inner computer network.
`Pet. 8, 10–11. Indeed, apart from a single statement that “[t]he security
`
`
`
`7
`
`
`
`IPR2015-01022
`Patent 8,677,494 B2
`
`database 240 in the data storage device 230 stores Downloadable security
`profiles (DSPs)”—regarding the location, rather than the construction, of
`security database 230 of the ’639 patent—the word “database” does not even
`appear on the cited pages of the Petition. The discussion of the construction
`of “database” appears at pages 13–14 of the Petition and states, in its totality,
`the following:
`3. “database” (claims 1 and 10): Under the BRI, this
`limitation should be understood to mean “any structured store of
`data”. The ’639 application does not define “database”, but one
`of ordinary skill in the art would understand the term “database”
`to have this meaning. See, e.g., Ex. 1020, p. 29 (wherein database
`files are given as examples of structured stores of data). This
`construction is consistent with the disclosure in the ’639
`application of a data storage device 230 that stores a security
`database 240. Ex. 1005, p. 7, ll. 16-20; Ex. 1002 ¶64. This
`construction is also consistent with the ’494 patent, which
`teaches “[a]ny suitable explicit or referencing list, database or
`other storage structure(s) or storage structure configuration(s)
`can also be utilized to implement a suitable user/device based
`protection scheme” Ex. 1001, col. 17, ll. 10-14; Ex. 1002 ¶64.
`Pet. 13–14.
`In our Decision Denying Institution, we addressed and disagreed with
`Petitioner’s unreasonably broad interpretation of “database” as “any
`structured store of data.” Dec. 9–10. As we explained, Petitioner cited as
`evidence that one of ordinary skill in the art would understand “database” to
`have that meaning a claim construction order from an unrelated district court
`action, concerning claims of an unrelated patent, which did not construe the
`term “database” at all. Id.; see also Mangosoft, Inc. v. Oracle Corp., No. 02-
`545-SM (D.N.H.), Claim Construction Order at 29 (Ex. 1020, 29)
`(construing the phrase “structured store of data”). Although that claim
`
`
`
`8
`
`
`
`IPR2015-01022
`Patent 8,677,494 B2
`
`construction order provided database files “as examples of structured stores
`of data,” as Petitioner contends (Pet. 13), we discern no basis in Petitioner’s
`cited evidence to conclude that all structured stores of data are, therefore,
`databases. Indeed, the cited claim construction order construed “structured
`store of data” as “data that are organized in some recognized fashion (e.g.,
`database files, word processing document files, or Web pages) and stored in
`the volatile and/or non-volatile memory of the various nodes participating in
`the shared memory system.” Ex. 1020, 29. Thus, if we were to adopt
`Petitioner’s interpretation of database as “any structured store of data,” that
`would lead to the conclusion in view of Petitioner’s cited evidence that a
`database is “any [data that are organized in some recognized fashion (e.g.,
`database files, word processing document files, or Web pages) and stored in
`the volatile and/or non-volatile memory of the various nodes participating in
`the shared memory system].” We are not persuaded that “word processing
`document files” and “Web pages” are databases, although they presumably
`may be “organized in some recognized fashion” and “stored in volatile
`and/or non-volatile memory”; nor would it be helpful to interpret database
`circularly as “any . . . database files.”
`Petitioner’s arguments that its proposed construction is consistent with
`the disclosure in the ’639 application and the ’424 patent are also
`unpersuasive. First, the fact that security database 240 of the ’639
`application is stored in data storage device 230 does not broaden the scope
`of the term “database” beyond its ordinary and customary meaning. Second,
`the reference to “database or other storage structure(s)” in the passage of the
`’494 patent cited by Petitioner does not imply that “any structured store of
`data” is a database.
`
`
`
`9
`
`
`
`IPR2015-01022
`Patent 8,677,494 B2
`
`
`In its Request for Rehearing, Petitioner contends that “Patent Owner’s
`own evidence provides additional reasonable definitions for ‘database’ that
`are broader than the Board’s construction.” Reh’g Req. 10 (citing Ex. 2002,
`3). According to Petitioner, one such definition, “a collection of data
`fundamental to a system,” is the broadest reasonable definition of
`“database.” Id. Petitioner asserts that, by construing “database” as “a
`collection of interrelated data organized according to a database schema to
`serve one or more applications,” the Board misapprehended or overlooked
`the Petitioner’s evidence as laid out in the Petition. Reh’g Req. 13. As
`explained above, however, we could not have misapprehended or
`overlooked evidence that was not presented in the Petition.
`Having considered Petitioner’s Request for Rehearing in its entirety,
`we remain unpersuaded by the evidence cited in the Petition for Petitioner’s
`assertions that TBAV and the combination of TBAV and Ji teach or suggest
`storing security profile data in a database.
`For the foregoing reasons, Petitioner has not demonstrated that we
`abused our discretion by not instituting inter partes review of claims 1, 10,
`14, and 18 of the ’494 patent.
`
`IV. ORDER
`
`For the reasons given, it is
`ORDERED that Petitioner’s Request for Rehearing is denied.
`
`
`
`10
`
`
`
`IPR2015-01022
`Patent 8,677,494 B2
`
`For PETITIONER:
`
`James Heintz
`Nicholas J. Panno
`DLA PIPER (US) LLP
`Sophos-Finjan-494IPR@dlapiper.com
`
`
`
`For PATENT OWNER:
`
`James Hannah
`Michael H. Lee
`Paul J. Andre
`KRAMER LEVIN NAFTALIS & FRANKEL LLP
`jhannah@kramerlevin.com
`mhlee@kramerlevin.com
`pandre@kramerlevin.com
`
`
`
`
`11
Accessing this document will incur an additional charge of $.
After purchase, you can access this document again without charge.
Accept $ Charge
Still Working On It
This document is taking longer than usual to download. This can happen if we need to contact the court directly to obtain the document and their servers are running slowly.
Give it another minute or two to complete, and then try the refresh button.
A few More Minutes ... Still Working
It can take up to 5 minutes for us to download a document if the court servers are running slowly.
Thank you for your continued patience.
This document could not be displayed.
We could not find this document within its docket. Please go back to the docket page and check the link. If that does not work, go back to the docket and refresh it to pull the newest information.
Your account does not support viewing this document.
You need a Paid Account to view this document. Click here to change your account type.
Your account does not support viewing this document.
Set your membership
status to view this document.
With a Docket Alarm membership, you'll
get a whole lot more, including:
- Up-to-date information for this case.
- Email alerts whenever there is an update.
- Full text search for other cases.
- Get email alerts whenever a new case matches your search.
One Moment Please
The filing “” is large (MB) and is being downloaded.
Please refresh this page in a few minutes to see if the filing has been downloaded. The filing will also be emailed to you when the download completes.
Your document is on its way!
If you do not receive the document in five minutes, contact support at support@docketalarm.com.
Sealed Document
We are unable to display this document, it may be under a court ordered seal.
If you have proper credentials to access the file, you may proceed directly to the court's system using your government issued username and password.
Access Government Site
