IPR 2015-01754
`Patent No. 6,158,011
`
`
`Petitioner’s Reply
`
`
`Paper No. __
`
`
`
`UNITED STATES PATENT AND TRADEMARK OFFICE
`
`____________
`
`
`
`BEFORE THE PATENT TRIAL AND APPEAL BOARD
`
`_____________
`
`
`
`CISCO SYSTEMS, INC.,
`Petitioner
`
`v.
`
`SSL SERVICES, LLC
`Patent Owner
`
`
`
`____________________
`
`Case No. IPR2015-01754
`
`U.S. Patent No. 6,158,011
`
`_____________________
`
`
`
`PETITIONER’S REPLY
`
`
`
`
`
`

`
`IPR 2015-01754
`Patent No. 6,158,011
`
`Petitioner’s Reply
`
`
`TABLE OF CONTENTS
`
`PETITIONER’S EXHIBIT LIST ............................................................................. iv 
`
`I. 
`
`II. 
`
`Summary .......................................................................................................... 1 
`
` document is
`SSL’s hindsight argument based on a
`incorrect. .......................................................................................................... 2 
`
`III.  The combination rationales establish that the challenged claims
`are obvious. ...................................................................................................... 5 
`
`A. 
`
`Takahashi’s techniques reduce Alden’s pre-configuration
`burden. ................................................................................................... 6 
`
`1. 
`
`2. 
`
`3. 
`
`Alden’s pre-configuration burden involves a 10-
`step initialization process. ........................................................... 6 
`
`Takahashi’s preparation of TCP port numbers is
`simple. ......................................................................................... 7 
`
`reduces Alden’s pre-configuration
`Takahashi
`burden. ......................................................................................... 8 
`
`Takahashi’s teachings to avoid modifying the network
`protocol stack provide an additional rationale for the
`combination. .......................................................................................... 9 
`
`Takahashi adds flexibility to Alden. ................................................... 12 
`
`SSL’s argument that a POSITA would have adopted
`Takahashi rather than modify Alden is incorrect ................................ 13 
`
`B. 
`
`C. 
`
`D. 
`
`IV.  The prior art combination and the ’011 patent employ well-
`known socket shim technology. ..................................................................... 15 
`
`The ’011 patent admits that Winsock shims were well-
`known. ................................................................................................. 15 
`
`Others used Winsock interceptors before August 1997. ..................... 16 
`
`Cisco’s
`
` design document confirms
`
`that
`
`the
`
`i
`
`A. 
`
`B. 
`
`C. 
`
`
`
`

`
`Petitioner’s Reply
`IPR 2015-01754
`
`Patent No. 6,158,011
`proposed Winsock shim was obvious. ................................................ 18 
`
`D. 
`
`The prior art enables Petitioner’s proposed Winsock
`Shim ..................................................................................................... 19 
`
`V. 
`
`The challenged claims are obvious notwithstanding SSL’s other
`arguments ....................................................................................................... 20 
`
`A. 
`
`Cisco’s proposed combination does not adversely affect
`Alden’s basic principle, nor does it require substantial
`reconstruction. ..................................................................................... 20 
`
`1. 
`
`2. 
`
`3. 
`
`4. 
`
`Alden admits that packet encryption was known. .................... 20 
`
`the same basic
`Alden and Takahashi share
`principle. ................................................................................... 22 
`
`The combination does not remove a security
`benefit. ....................................................................................... 22 
`
`The combination does not require “substantial
`reconstruction.” ......................................................................... 22 
`
`B. 
`
`C. 
`
`Cisco’s combination rationales are supported by the
`evidence. .............................................................................................. 23 
`
`require unreasonable
`The combination does not
`computing resources. ........................................................................... 24 
`
`D.  One license agreement does not show widespread
`adoption of the claimed technology. ................................................... 24 
`
`VI.  All claim elements of the ’011 patent are disclosed in the prior
`art. .................................................................................................................. 25 
`
`A. 
`
`B. 
`
`The prior art teaches a “shim arranged to intercept . . . in
`order to cause the applications level authentication and
`encryption program to . . . generate said session key.” ....................... 25 
`
`Takahashi teaches the same “shim” technology as the
`’011 patent. .......................................................................................... 26 
`
`VII.  Conclusion ..................................................................................................... 29 
`
`
`
`ii
`
`

`
`Petitioner’s Reply
`IPR 2015-01754
`
`Patent No. 6,158,011
`VIII.  Certificate of Word Count ............................................................................. 30 
`
`
`
`
`
`iii
`
`

`
`IPR 2015-01754
`Patent No. 6,158,011
`
`Petitioner’s Reply
`
`
`PETITIONER’S EXHIBIT LIST
`
`September 20, 2016
`
`1001
`
`1002
`
`1003
`
`1004
`
`1005
`
`1006
`
`1007
`
`U.S. Patent No. 6,158,011 to Chen et al.
`
`Prosecution File History of U.S. Patent No. 6,158,011.
`
`Prosecution File History of U.S. Patent No. 6,061,796.
`
`Declaration of Dr. Michael Caloyannides Under 37 C.F.R.
`§ 1.68.
`Curriculum Vitae of Dr. Michael Caloyannides.
`
`US Patent No. 6,101,543 to Alden et al.
`
`Yasuhiro Takahashi, et al., “Communication Method with Data
`
`Compression and Encryption for Mobile Computing
`
`Environment,” presented at the Sixth Annual Conference of the
`
`Internet Society (INET ’96) (June 1996).
`
`1008
`
`Bob Quinn & Dave Shute, WINDOWS SOCKETS NETWORK
`
`PROGRAMMING (Addison-Wesley Pub. Co. 1998) (selected
`
`pages).
`
`1009
`
`Bruce Schneier, APPLIED CRYPTOGRAPHY (John Wiley & Sons
`
`1994) (selected pages).
`
`
`
`iv
`
`

`
`Petitioner’s Reply
`IPR 2015-01754
`
`Patent No. 6,158,011
`Memorandum Opinion and Order [on Claim Construction], SSL
`1010
`
`Services, LLC v. Citrix Systems, Inc., no. 2-08-cv-158 (E.D. Tex.
`
`Sept. 20, 2011).
`
`1011
`
`Rule 30(b)(6) Deposition of Internet Society, Gregory M. Kapfer,
`
`SSL Services, LLC, v. Citrix Systems, Inc., No. 2:08-cv-158 (E.D.
`
`Tex. Sept. 15, 2011).
`
`1012
`
`Email from Peter Godwin to Erica D. Wilson, Re: INET96 (Aug.
`
`26, 2011).
`
`1013
`
`The Scout Report, Publication of Internet Scout, Computer
`
`Science Dept., Univ. of Wisc. (Jul. 12, 1996), as archived by
`
`Internet Archive on May 3, 1997.
`
`1014
`
`Declaration of Christopher Butler, SSL Services, LLC, v. Citrix
`
`Systems, Inc., No. 2:08-cv-158, Exhibit No. DTX992 (E.D. Tex.
`
`Sept. 8, 2011).
`
`Copyright registration record for Exhibit 1008 (Quinn).
`
`Copyright registration record for Exhibit 1009 (Schneier).
`
`Declaration of Gregory M. Kapfer.
`
`File History of Ex Parte Reexamination Control No. 90/011242.
`
`File History of Ex Parte Reexamination Control No. 90/020048.
`
`v
`
`1015
`
`1016
`
`1017
`
`1018
`
`1019
`
`
`
`

`
`Petitioner’s Reply
`IPR 2015-01754
`
`Patent No. 6,158,011
`1020
`File History of Ex Parte Reexamination Control No. 90/013253.
`
`1021
`
`Exhibits from Rule 30(b)(6) Deposition of Internet Society,
`
`Gregory M. Kapfer, SSL Services, LLC, v. Citrix Systems, Inc.,
`
`No. 2:08-cv-158 (E.D. Tex. Sept. 15, 2011).
`
`1022
`
`1023
`
`Declaration of George Sadowsky.
`
`Email from George Sadowsky to DEVEL-
`
`L@AMERICAN.EDU, Re: French speakers needed to organize,
`
`staff INET ’96 Workshop track (Oct. 18, 1995).
`
`1024
`
`Picture of INET ’96 CD referenced in Sadowsky Declaration.
`
`(Ex. 1022).
`
`1025
`
`Copy of Takahashi from the INET ’96 CD referenced in
`
`Sadowsky Declaration. (Ex. 1022).
`
`1026
`
`1027
`
`Exhibit A referenced in Declaration of Chris Butler (Ex. 1014).
`
`Declaration of Mia Massicotte regarding public availability of the
`
`INET ’96 CD.
`
`1028
`
`Declaration of Edward Almasy regarding publication of the
`
`Scout Report (Ex. 1013).
`
`1029
`
`Declaration of Riva Laughlin with news articles from
`
`LexisNexis.
`
`
`
`vi
`
`

`
`Petitioner’s Reply
`IPR 2015-01754
`
`Patent No. 6,158,011
`1030
`Declaration of Chris Butler (March 21, 2016).
`
`1031
`
`1032
`
`1033
`
`1034
`
`1035
`
`Supplemental Declaration of George Sadowsky. (Not Filed).
`
`Declaration of Christopher Butler (Ex. 1014 and Ex. 1026) as
`
`filed on February 7, 2013, as Exhibit I in Ex Parte Reexamination
`
`Control No. 90/020048. (Not Filed).
`
`Acknowledgments for Access to Protective Order Material.
`
`Deposition of Dr. John A. “Drew” Hamilton, Aug. 16, 2016.
`
`J.A. “Drew” Hamilton, Jr., Ph.D., “Lecture 13 – IPSec/VPNs
`
`(Comm. Basics),” Auburn University.
`
`1036
`
`R. Atkinson, “IP Encapsulating Security Payload (ESP),” IETF
`
`Request for Comments 1827 (Aug. 1995).
`
`1037
`
`W. Richard Stevens, TCP/IP ILLUSTRATED, VOLUME 1: THE
`
`1038
`
`1039
`
`PROTOCOLS (Addison-Wesley 1994) (selected pages).
`
`Declaration of Chris Butler (Sept. 20, 2016).
`
`Takeshi Kondo et al., “Method of Adaptation to WinSock API of
`
`a Communication Method with Compression/Encryption Suitable
`
`for a Mobile Environment,” presented at the 54th National
`
`Conference of the Information Processing Society of Japan
`
`(1997).
`
`
`
`vii
`
`

`
`IPR 2015-01754
`Patent No. 6,158,011
`1040
`U.S. Patent No. 6,085,224 to Wagner.
`
`Petitioner’s Reply
`
`
`1041
`
`Matt Pietrek, WINDOWS 95 SYSTEM PROGRAMMING SECRETS
`
`(IDG Books Worldwide 1995) (selected pages).
`
`1042
`
`Robert Cowart, et al., WINDOWS NT 3.51 UNLEASHED 3D ED.
`
`(SAMS Publishing 1996) (selected pages).
`
`1043
`
`Declaration of Riva Laughlin with news articles from
`
`LexisNexis. (Sept. 19, 2016).
`
`1044
`
`Order [Document No. 74], Juniper Networks, Inc. v. SSL Servs.,
`
`LLC, No. 08-5758 (N.D. Cal. Nov. 16, 2009).
`
`1045
`
`1046
`
`Copyright registration record for Exhibit 1037 (Stevens).
`
`Judgment [Document No. 294], SSL Services, LLC v. Citrix
`
`Systems, Inc., No. 2:08-cv-158-JRG (E.D. Tex. Sept. 17, 2012).
`
`1047
`
`Bob Quinn & Dave Shute, Windows Sockets Network
`
`Programming (Addison-Wesley Pub. Co. 1998) (selected
`
`supplemental pages).
`
`1048
`
`“Windows 98 Has Arrived; Microsoft’s Newest Operating
`
`System Debuts,” PR Newswire, Financial News section (Jun. 25,
`
`1998).
`
`
`
`viii
`
`

`
`Petitioner’s Reply
`IPR 2015-01754
`
`Patent No. 6,158,011
`1049
`“Microsoft rollout Windows 2000,” The Associated Press,
`
`Domestic News section (Feb. 13, 2000).
`
`1050
`
`“Microsoft Announces Immediate Availability of Windows
`
`Millennium Edition (Windows Me); OEM Partners Including
`
`Compaq, Hewlett-Packard and IBM Offering Windows Me On
`
`New PCs; Also Available at Retail Locations Worldwide,” PR
`
`Newswire, Financial News section (Sept. 15, 2000).
`
`1051
`
`“Microsoft Says Windows .Net Server 2003 Set to Ship in April;
`
`Long-awaited OS availability announced amid other Comdex
`
`product releases,” Computerworld, News – High section, p. 12
`
`(Nov. 22, 2002).
`
`1052
`
`“Windows XP Comes Out Tomorrow,” Associated Press Online,
`
`Financial News section (Oct. 24, 2001).
`
`1053
`
`“Test version of Windows Vista released to programmers,” The
`
`Associated Press, Business News section (Jul. 28, 2005).
`
`1054
`
`“Juniper Networks Positioned in Leaders Quadrant of Leading
`
`Analyst Firm’s SSL VPN Magic Quadrant; Evaluation Based on
`
`Completeness of Vision and Ability to Execute,” Business Wire
`
`(Dec. 19, 2008).
`
`
`
`ix
`
`

`
`Petitioner’s Reply
`IPR 2015-01754
`
`Patent No. 6,158,011
`1055
`Source Information from LexisNexis’ Customer Service Center
`
`regarding source databases publicly available through
`
`LexisNexis.
`
`1056
`
`Information from LexisNexis’ Support Center providing
`
`descriptions of segments included in LexisNexis documents.
`
`1057
`
`Copyright registration record for Exhibit 1042 (Cowart).
`
`
`
`x
`
`

`
`IPR 2015-01754
`Patent No. 6,158,011
`
`I.
`
`Summary
`
`Petitioner’s Reply
`
`
`The Petition provides detailed reasons, based on the prior art evidence, for
`
`why a person of skill in the art would have been motivated to enhance Alden’s
`
`system using Takahashi’s techniques. These reasons include reducing Alden’s pre-
`
`configuration burden, avoiding Alden’s modification of the TCP/IP protocol stack,
`
`and adding the flexibility of on-demand connections. None of SSL’s arguments
`
`rebuts the evidence or analysis showing a motivation to combine Alden and
`
`Takahashi.
`
`SSL’s core argument is that the rationales for combining the prior art
`
`references are based on hindsight. SSL relies on an internal Cisco document from
`
` after the 1997 priority date—to assert that a person of skill in
`
`the art (“POSITA”) would not have chosen, or could not have implemented, a
`
`Winsock interceptor like that described in Takahashi. But the Cisco document
`
`refers to
`
`
`
`. At least five fewer versions of Windows existed in
`
`1997. These commercial concerns in
`
` do not reflect the state of technology or
`
`the perspective of a POSITA in the relevant timeframe. If anything, the Cisco
`
`document confirms that Winsock interceptors were a known technique in the art,
`
`just as the ’011 patent and prior art confirm.
`
`Indeed, it is indisputable that the ’011 patent itself embraces a Winsock
`
`
`
`1
`
`
`
`

`
`IPR 2015-01754
`Patent No. 6,158,011
`
`Petitioner’s Reply
`
`
`interceptor in its “especially preferred embodiment” and admits that such
`
`techniques were well-known and in use during the relevant timeframe. Additional
`
`evidence confirms that other individuals used Winsock interceptors in the relevant
`
`timeframe, and even shows that commercial Winsock interceptors were offered for
`
`sale.
`
`SSL also asserts that Petitioner’s combination rationales are conclusory and
`
`unsupported by evidence. In fact, the combination rationales are supported by both
`
`documentary evidence and the testimony of Dr. Caloyannides, who cites Alden and
`
`Takahashi over 20 times in his detailed analysis of combination rationales.
`
`Finally, SSL’s claim of “commercial acquiescence” based on a single post-
`
`judgment settlement agreement is meritless because it fails to show the requisite
`
`“industry acceptance” and “widespread adoption.”
`
`In summary, none of SSL’s arguments undermines the conclusion of
`
`obviousness. For the reasons shown in the Petition, claims 1-7 of the ’011 patent
`
`would have been obvious and are unpatentable.
`
`II.
`
`SSL’s hindsight argument based on a
`
` document is incorrect.
`
`SSL argues that the Petition relies on improper hindsight analysis. Resp. at
`
`16-17. SSL bases its argument on a Cisco design document (“Exhibit 2015”)
`
`written
`
`meritless.
`
`
`
` after the claimed 1997 priority date. SSL’s position is
`
`2
`
`
`
`

`
`IPR 2015-01754
`Patent No. 6,158,011
`
`Petitioner’s Reply
`
`
`SSL fails to show that the concerns expressed in Exhibit 2015—written
`
`while designing a commercial product in
`
`—relate in any way to the
`
`obviousness of the claims in 1997. As Exhibit 2015 notes,
`
`
`
` Ex. 2015
`
`at 9. Between 1997 and
`
`, Microsoft introduced five new versions of Windows
`
`and began advertising an upcoming sixth version:
`
` Windows98 (Ex. 1048);
` Windows 2000 (Ex. 1049);
` Windows ME (Ex. 1050);
` Windows 2003 Server (Ex. 1051);
` Windows XP (Ex. 1052);
` Windows Vista (Ex. 1053).
`
`During the
`
` after the relevant timeframe for evaluating the prior
`
`art combination, these new versions of Windows introduced new variants of the
`
`Winsock protocol,
`
`. In 1997
`
`there were far fewer versions of Windows and variants of Winsock. SSL’s expert,
`
`Dr. Hamilton, initially asserted that “Winsock was the same in 1997 as it was in
`
`.” Ex. 2011, ¶ 76. But Dr. Hamilton later admitted that the opposite was true,
`
`because “around 1997, Winsock itself [] was changing quite a bit.” Ex. 1034,
`
`164:22-23. Because the differences in Windows over time
`
`
`
`, the comments in Exhibit 2015 cannot be applied to an earlier time
`
`when the Windows universe was far simpler. As even the ’011 patent admits with
`
`
`
`3
`
`
`
`

`
`IPR 2015-01754
`Patent No. 6,158,011
`
`Petitioner’s Reply
`
`
`its preferred embodiment, in 1997 Winsock interceptors were well-known.
`
`Exhibit 2015 presumes a business need to
`
`
`
`, but that goal is unrelated to any claim language or the scope of the ’011
`
`patent. It is not necessary for the combination of Alden and Takahashi to
`
`Because Exhibit 2015 reflects business-driven concerns that existed later, in
`
`.
`
`
`
`,
`
`it is not relevant to the issue of obviousness in 1997. See Orthopedic Equip. Co. v.
`
`United States, 702 F.2d 1005, 1013 (Fed. Cir. 1983) (where prior art “would not be
`
`combined by businessmen for economic reasons,” that fact is not “telling on the
`
`issue of nonobviousness.”).
`
`SSL relies on the testimony of Vincent Parla taken in 2016—nearly two
`
`decades after the claimed priority date. Resp. at 20-21. However, SSL ignores the
`
`fact that Mr. Parla emphasizes further business-driven considerations for the design
`
`choices reflected in Exhibit 2015. For example, Mr. Parla notes that Exhibit 2015
`
` Ex. 2016, 353:4-7. The ability
`
`, however, is not necessary
`
`
`
`
`
`for the combination of Alden and Takahashi, and not related to any claim language
`
`of the ’011 patent.
`
`Thus, Mr. Parla’s testimony relates to
`
` today and to the
`
`
`
`4
`
`
`
`

`
`IPR 2015-01754
`Patent No. 6,158,011
`
`desire for
`
`Petitioner’s Reply
`
`
`
`
`technologies. Ex. 2016, 353:4-7 & 353:22-354:2 (employing present tense verb).
`
`SSL provides no justification for applying Mr. Parla’s present-day commercial
`
`concerns to a POSITA of 1997.
`
`In summary, Exhibit 2015 and Mr. Parla’s testimony reflect commercial
`
`considerations that existed only years after the relevant timeframe, reflecting
`
`
`
` of windows development and a
`
`
`
` technologies. Neither is evidence of “the then-accepted wisdom in the field,”
`
`and they are therefore not relevant to the obviousness of the challenged claims.
`
`See In re Kotzab, 217 F.3d 1365, 1369 (Fed. Cir. 2000). If anything, the evidence
`
`confirms that Winsock interceptors were known in the art and would have been
`
`considered for the petitioner’s prior art combination given the state of the art in
`
`1997. See Section IV C, infra.
`
`III. The combination rationales establish that the challenged claims are
`obvious.
`
`Cisco’s Petition provides reasons why a POSITA would have been
`
`motivated to modify Alden’s system by using Takahashi’s techniques. Pet. at 12-
`
`16. These include reducing pre-configuration burdens, avoiding protocol stack
`
`modifications, and adding flexibility. See id. None of SSL’s arguments rebuts
`
`Cisco’s showing of a motivation to combine.
`
`
`
`5
`
`
`
`

`
`IPR 2015-01754
`Petitioner’s Reply
`Patent No. 6,158,011
`
`A. Takahashi’s techniques reduce Alden’s pre-configuration burden.
`Alden employs a pre-configuration process before any secure
`
`communications can occur. Pet. at 13-15. Alden’s pre-configuration burden
`
`includes a multistep process for pre-identifying destinations, forming a secure
`
`connection with a pre-identified destination, and updating a routing table with
`
`routing information. Id. All of these steps must be completed before a client
`
`application can request a connection or send data. Id.
`
`In contrast, Takahashi includes no such pre-configuration burden because it
`
`can initiate a secure connection, upon request, with any compatible target. Id.
`
`Ignoring Alden’s multistep pre-configuration process, SSL erroneously
`
`suggests that Alden’s pre-configuration burden is limited to updating the routing
`
`table. SSL then argues that Takahashi also requires a routing table, and therefore
`
`that Takahashi would have the same pre-configuration burden as Alden. Resp. at
`
`27-31.
`
`1.
`
`Alden’s pre-configuration burden involves a 10-step
`initialization process.
`
`By ignoring most of Alden’s initialization process, SSL argues a false
`
`equivalency between Alden and Takahashi. Additionally, SSL mischaracterizes
`
`Dr. Caloyannides’ testimony to inaccurately limit Alden’s pre-configuration
`
`burden to updating the routing table. Resp. at 28. Consistent with Dr.
`
`Caloyannides’ testimony, Alden’s pre-configuration burden involves more than
`6
`
`
`
`
`
`

`
`IPR 2015-01754
`Patent No. 6,158,011
`
`Petitioner’s Reply
`
`
`merely updating the routing table. Ex. 2014, 23:12-25:5 & 83:12-21. Updating the
`
`routing table is only the final step of Alden’s long pre-configuration process.
`
`SSL’s expert, Dr. Hamilton, confirmed that only “after Step 10 of this process”
`
`does secure communication becomes possible. Ex. 1034, 123:5-9. Thus, Alden’s
`
`pre-configuration burden involves more than simply updating the routing table, and
`
`SSL wrongly ignores the earlier steps that provide values for the routing table. See
`
`id., 115:19-116:1.
`
`Takahashi’s preparation of TCP port numbers is simple.
`
`2.
`SSL next argues that Alden’s pre-identification of unknown IP addresses is
`
`comparable to Takahashi’s preparation of secure TCP ports because both are
`
`“addressing data” that are “represented by numbers.” Resp. at 31, 35-36. Once
`
`again, SSL posits a false equivalency by ignoring important differences between IP
`
`addresses and TCP ports.
`
`Unlike Alden’s pre-identification of unknown IP addresses (Ex. 1034,
`
`112:19-25), there is no burden attached to Takahashi’s preparation of secure ports.
`
`The trivial “preparation” is already complete in Takahashi’s paper, which assigns
`
`secure port numbers for two common network services, FTP1 and Telnet:
`
`
`1 The Petition identifies an FTP application as the claimed “applications program.”
`
`Pet. at 44-45.
`
`
`
`7
`
`
`
`

`
`IPR 2015-01754
`Patent No. 6,158,011
`
`Petitioner’s Reply
`
`
`
`
`Ex. 1007, Fig. 3 (detail).
`
`Furthermore, Takahashi’s secure port number assignments are constant,
`
`since port numbers do not change, even when a device changes its IP address in the
`
`mobile environment. Ex. 1034 at 223:7-10 & 223:23-224:6. In contrast, Alden’s
`
`routing table requires updating when an IP address changes—potentially repeating
`
`Alden’s 10-step pre-configuration process.
`
`In summary, IP addresses and port numbers are distinct concepts, and
`
`Takahashi’s fixed assignments are simpler than Alden’s 10-step pre-configuration
`
`process.
`
`Takahashi reduces Alden’s pre-configuration burden.
`
`3.
`Takahashi dynamically establishes a secure connection in response to an
`
`intercepted Winsock function call. See Pet. at 15. A POSITA would have been
`
`motivated to use Takahashi’s Winsock interception and dynamic connection
`
`techniques with Alden, thereby eliminating Alden’s requirement that a secure
`
`connection be formed before any application requests it. Ex. 1004 ¶140.
`
`In summary, SSL’s arguments about Alden’s pre-configuration burden are
`
`based on false equivalencies and disregard for the complexity of Alden’s
`
`
`
`8
`
`
`
`

`
`IPR 2015-01754
`Patent No. 6,158,011
`
`Petitioner’s Reply
`
`
`initialization process. Accordingly, the arguments are unsupported by the evidence
`
`and without merit.
`
`B.
`
`Takahashi’s teachings to avoid modifying the network protocol
`stack provide an additional rationale for the combination.
`
`A second rationale for the proposed combination is to avoid Alden’s
`
`undesirable modifications to the communications protocol stack. Pet. at 14-16.
`
`SSL argues that (1) Alden modifies the routing table, not the communications
`
`protocol stack, and (2) Takahashi makes comparable modifications as Alden.
`
`Resp. at 32-36. SSL is wrong on both counts.
`
`SSL argues that Alden only modifies the routing table, which SSL further
`
`argues is outside the TCP/IP stack. Resp. at 34-35. SSL’s argument
`
`mischaracterizes Dr. Caloyannides’ testimony, and relies on faulty analysis by Dr.
`
`Hamilton.
`
`First, Dr. Caloyannides testified that Alden’s modifications include addition
`
`of the pseudo network adapter to the protocol stack and related updating of the
`
`routing table. Ex. 2014, 56:20-57:3. SSL ignores these modifications.
`
`Second, Dr. Hamilton’s analysis is unreliable because it does not reflect the
`
`teachings of Alden or the structure of the TCP/IP stack. Contrary to Dr.
`
`Hamilton’s assertion that routing “tables themselves are not part of the TCP/IP
`
`protocol stack” (Ex. 2011, ¶37), Alden explicitly states that it “modifies the routing
`
`
`
`9
`
`
`
`

`
`IPR 2015-01754
`Patent No. 6,158,011
`
`Petitioner’s Reply
`
`
`tables within the tunnel client TCP/IP stack.” Ex. 1006, 19:60-61 (emphasis
`
`added). Alden’s statement is consistent with a prior art TCP/IP reference that
`
`illustrates the routing table within the IP layer:
`
`Routing table
`within IP layer
`of TCP/IP stack
`
`IP layer of
`TCP/IP stack
`
`Ex. 1037 at 112, Fig. 9.1 (annotated).
`
`
`
`Dr. Hamilton also mistakenly asserts that in Alden, “the entire protocol
`
`stack—remains unchanged” and “no network drivers are modified.” Ex. 2011, ¶
`
`37. As shown in Fig. 21 below, Alden modifies the NDIS MAC layer with a “new
`
`pseudo network adapter” including “a virtual device driver interface 460, an ARP
`10
`
`
`
`
`
`

`
`IPR 2015-01754
`Patent No. 6,158,011
`
`Petitioner’s Reply
`
`
`server emulator 462, and a DHCP server emulator 464.” Ex. 1006, 3:50 & 18:33-
`
`35. The pseudo network adapter also “register[s] with the routing layer (IP).” Ex.
`
`1006, 18:28. The pseudo network adapter is part of the NDIS layer itself, and thus
`
`represents a modification to the TCP/IP stack. SSL previously argued that “Alden
`
`implements the virtual network [adapter] as an NDIS device driver within the
`
`NDIS layer....” Ex. 1018 at 187; Ex. 1006: 3:6-8, 3:55-57, and 15:19-26. Contrary
`
`to Dr. Hamilton’s understanding, Alden’s use of a pseudo network adapter
`
`involves multiple changes to the NDIS MAC and IP layers, including adding the
`
`pseudo network adapter and registering with the IP layer.
`
`Pseudo network
`adapter, included
`in Alden’s NDIS
`MAC layer.
`
`
`
`Ex. 1006, Fig. 21 (annotated).
`
`Dr. Hamilton’s misunderstandings about TCP/IP and Alden render his
`
`analysis, and SSL’s argument, factually unsupported. Since the routing table is
`
`
`
`11
`
`
`
`

`
`IPR 2015-01754
`Patent No. 6,158,011
`
`Petitioner’s Reply
`
`
`part of Alden’s IP layer, Alden’s routing table updates—and Alden’s addition of a
`
`pseudo network adapter—result in modifications to the protocol stack. See Ex.
`
`1006, 19:60-61. As explained in the Petition (with support from Takahashi and Dr.
`
`Caloyannides), a POSITA would have been motivated to employ Takahashi’s
`
`Winsock interception techniques, thereby avoiding such protocol stack
`
`modifications. See Ex. 1004, ¶¶ 136 & 142; Ex. 1007 at 1 (“Our method can be
`
`used without modifying network equipment, communication control software, or
`
`application software.”).
`
`C. Takahashi adds flexibility to Alden.
`The Petition explains that Alden’s system is “rigid” because the pre-
`
`configuration steps must be completed before an application requests a connection
`
`or sends data. Pet. at 15-16. Consequently, Alden’s secure connections are
`
`established regardless of whether they are ever used, and connections are restricted
`
`to destinations included in the pre-configuration process. Ex. 1034, 112:19-25 &
`
`122:24-123:9. Takahashi’s techniques allow for greater flexibility. See Pet. at 13-
`
`16.
`
`Ignoring Alden’s rigidity, SSL simply argues that “a POSITA would not
`
`have looked to add flexibility to Alden’s ‘rigid’ system” because, in SSL’s view,
`
`Alden’s negotiation sequence offers the same benefits of flexibility as Takahashi’s
`
`negotiation sequence. Resp. at 36-37.
`
`
`
`12
`
`
`
`

`
`IPR 2015-01754
`Patent No. 6,158,011
`
`Petitioner’s Reply
`
`
`SSL’s argument ignores the fact that Takahashi initiates a negotiation
`
`sequence upon interception of a connection request. Id., Ex. 1007, Fig. 3. That is,
`
`unlike Alden, Takahashi conducts a negotiation sequence only after an application
`
`has requested a connection. Pet. at 15-16. Moreover, Takahashi allows
`
`establishment of a secure connection with any compatible destination. Ex. 1007 at
`
`3. Takahashi is not limited to establishing secure connections with a fixed list of
`
`pre-identified destinations. Unlike Alden, Takahashi provides flexibility by
`
`establishing secure connections (1) when an application requests a connection; and
`
`(2) with any compatible destination, not just pre-identified destinations. Ex. 1004,
`
`¶¶139-140. As such, a POSITA would have recognized Takahashi’s greater
`
`flexibility and would have been motivated to improve Alden with the proposed
`
`combination. Id.; Pet. at 15-16.
`
`D.
`
`SSL’s argument that a POSITA would have adopted Takahashi
`rather than modify Alden is incorrect
`
`SSL argues that a POSITA would have chosen to adopt Takahashi rather
`
`than to modify Alden and that a combination is not obvious “where one of the prior
`
`art references provides the benefits sought by the proffered reasons to combine.”
`
`Resp. at 23.
`
`SSL’s statement of the law is incorrect. A prototypical case of obviousness
`
`is when “a technique has been used to improve one device, and . . . would improve
`
`
`
`13
`
`
`
`

`
`IPR 2015-01754
`Patent No. 6,158,011
`
`Petitioner’s Reply
`
`
`similar devices in the same way.” KSR v. Teleflex, 550 U.S. 398, 401 (2007).
`
`SSL’s assertion ignores the Supreme Court’s guidance that it is obvious to apply
`
`features from “similar devices.”
`
`As analyzed in detail above and in the Petition, a POSITA would have been
`
`motivated to improve Alden by incorporating features from Takahashi for multiple
`
`reasons. SSL attempts to distract from these reasons with alternate design choices
`
`a POSITA could have made. SSL’s argument speaks to the wrong question, as a
`
`combination need not “be the preferred, or the most desirable, combination
`
`described in the prior art in order to provide motivation for the current invention.”
`
`In re Fulton, 391 F.3d 1195, 1200 (Fed. Cir. 2004). As Cisco and Dr.
`
`Caloyannides have explained, a POSITA would have been motivated to improve
`
`Alden. Pet. at 12-16; Ex. 1004 at 65-72. Those motivations existed regardless of
`
`whether Takahashi alone might have been suitable for some needs.
`
`SSL’s argument also disregards the testimony of SSL’s own expert, Dr.
`
`Hamilton, who explained that the use of application-level encryption (like that in
`
`Alden) includes multiple benefits. See Ex. 1034, 97:2-98:7. By implementing
`
`Takahashi alone, a POSITA would forgo Alden’s advantages.
`
`Finally, SSL’s cited authority is not to the contrary. Square v. Cooper is a
`
`non-precedential Board decision involving a proposed combination to incorporate
`
`universal credit card technology into a telephone. IPR2014-158, Paper No. 10 at
`
`
`
`14
`
`
`
`

`
`IPR 2015-01754
`Patent No. 6,158,011
`
`Petitioner’s Reply
`
`
`29-30 (P.T.A.B. 2014). Square did not involve a combination of features from
`
`similar devices, but rather the combination of highly dissimilar products without a
`
`good reason for the combination. Thus, Square is plainly distinguished on its
`
`facts.
`
`IV. The prior art combination and the ’011 patent employ well-known
`socket shim technology.
`A. The ’011 patent admits that Winsock shims were well-known.
`The prior art combination leverages the benefits of Takahashi’s Winsock
`
`shim to intercept function calls above Winsock in Alden’s system. See, e.g., Pet. at
`
`38. The ’011 patent explicitly admits that this approach was known in the prior art.
`
`Winsock itself was “a commonly used non-proprietary socket” in Windows. Ex.
`
`1001 at 3:53-54. And in “one especially preferred embodiment” of the ’011 patent,
`
`a “Winsock shim arranged to intercept function calls to the Winsock library” is
`
`inserted above that non-proprietary socket. Id. at 7:1-3. The ’011 patent plainly
`
`explains that the Winsock shim in that embodiment was nothing new, as “it [was]
`
`appreciated that the use of socket shims [was] well known.” Id. at 10:16-17.
`
`SSL asserts now that “the Winsock interceptor that Cisco proposes would
`
`have been an unfamiliar element to a POSITA in 1997.” Resp. at 22. But that
`
`assertion is directly contradicted by the ’011 patent’s admission that the use of
`
`such a socket shim was “well-known,” and SSL cannot disavow the truth of its
`
`prior statements to the Office. See In re Morsa, 803 F.3d 1374, 1377 (Fed. Cir.
`15
`
`
`
`
`
`

`
`IPR 2015-01754
`Patent No. 6,15