`Patent No. 6,804,780
`
`
`
`UNITED STATES PATENT AND TRADEMARK OFFICE
`
`____________________
`
`BEFORE THE PATENT TRIAL AND APPEAL BOARD
`
`____________________
`
`Palo Alto Networks, Inc.,
`Petitioner
`
`v.
`
`Finjan, Inc.,
`Patent Owner
`
`
`
`Patent No. 6,804,780
`Filing Date: March 30, 2000
`Issue Date: Oct. 12, 2004
`Title: System and Method for Protecting a Computer and a Network from Hostile
`Downloadables
`
`____________________
`
`Inter Partes Review No. IPR2016-00165
`
`
`
`
`
`PETITION FOR INTER PARTES REVIEW OF U.S. PATENT NO. 6,804,780
`
`
`
`
`
`
`
`TABLE OF CONTENTS
`
`I.
`
`INTRODUCTION .......................................................................................... 1
`
`The ’780 Patent .................................................................................... 1
`A.
`II. MANDATORY NOTICES UNDER 37 C.F.R. § 42.8(A)(1) ....................... 3
`
`Real Parties-In-Interest Under 37 C.F.R. § 42.8(b)(1) ......................... 3
`A.
`Related Matters Under 37 C.F.R. § 42.8(b)(2) .................................... 3
`B.
`Lead and Back-Up Counsel .................................................................. 4
`C.
`III. REQUIREMENTS FOR INTER PARTES REVIEW UNDER 37
`C.F.R. § 42.104 ............................................................................................... 4
`
`A. Grounds for Standing ........................................................................... 4
`B.
`Identification of Challenge Under 37 C.F.R. § 42.104(b) ................... 5
`IV. SUMMARY OF THE ’780 PATENT ............................................................ 5
`
`B.
`
`A.
`
`The ’780 Patent Discloses Specific Embodiments but Claims
`the More Basic Concept of Hashing Downloadables .......................... 5
`The Prosecution History of the ’780 Patent Shows That the
`Claims Were Allowed Based on Limitations Directed to
`Features Previously Known in the Art ................................................. 6
`Priority Date of the ’780 Patent............................................................ 9
`C.
`CLAIM CONSTRUCTION UNDER 37 C.F.R. § 42.104(B)(3) ................. 10
`
`V.
`
`A.
`
`B.
`C.
`D.
`
`“performing a hashing function on the Downloadable and the
`fetched software components to generate a Downloadable ID”
`(all claims) .......................................................................................... 10
`“Downloadable” (all claims) .............................................................. 12
`“Downloadable ID” (all claims) ......................................................... 13
`“means for obtaining a Downloadable,” “means for fetching at
`least one software component,” and “means for performing a
`hashing function” (Claim 17) ............................................................. 13
`VI. THE CHALLENGED CLAIMS OF THE ’780 PATENT ARE
`UNPATENTABLE ....................................................................................... 14
`
`A. Ground 1: Claims 1-18 Are Obvious over Rubin and Waldo ............ 15
`1.
`Independent Claims 1, 9, 17, and 18 ........................................ 18
`2.
`Dependent Claims .................................................................... 38
`VII. SECONDARY CONSIDERATIONS .......................................................... 48
`
`VIII. CONCLUSION ............................................................................................. 48
`
`
`
`sf-3591310
`
`i
`
`
`
`
`CASES
`
`TABLE OF AUTHORITIES
`
`Page(s)
`
`Aristocrat Techs. Austl. Pty Ltd. v. Int’l Game Tech., 521 F.3d 1328
`(Fed. Cir. 2008) ................................................................................................... 15
`
`In re Cuozzo Speed Techs., LLC, 778 F.3d 1271,
`rehearing en banc denied, 793 F.3d 1297 (Fed. Cir. 2015) ............................... 10
`
`In re Zletz, 893 F.2d 319 (Fed. Cir. 1989) .............................................................. 11
`
`KSR Int’l Co. v. Teleflex Inc.,
`550 U.S. 398 (2007) ............................................................................................ 15
`
`Mako Surgical Corp. v. Blue Belt Tech. Inc., Case IPR2015-00629, Paper 6
`(PTAB July 30, 2015) ......................................................................................... 15
`
`Phillips v. AWH Corp., 415 F.3d 1303 .................................................................... 11
`
`Sundance, Inc. v. Demonte Fabricating Ltd., 550 F.3d 1356 (Fed. Cir. 2008) ....... 18
`
`STATUTES
`
`35 U.S.C.
`§ 102(a) ............................................................................................................... 15
`§ 102(e) ......................................................................................................... 15, 16
`§ 103(a) ................................................................................................................. 5
`§§ 311-319 ............................................................................................................ 1
`
`OTHER AUTHORITIES
`
`37 C.F.R.
`§ 42.8(a)(1) ........................................................................................................... 3
`§ 42.8(b)(1) ........................................................................................................... 3
`§ 42.8(b)(2) ........................................................................................................... 3
`§ 42.8(b)(4) ........................................................................................................... 4
`§ 42.100(b) .......................................................................................................... 10
`§ 42.100 et seq. ..................................................................................................... 1
`§ 42.104 ................................................................................................................. 4
`§ 42.104(b) ...................................................................................................... 5, 10
`
`
`sf-3591310
`
`ii
`
`
`
`Exhibit
`No.
`
`EXHIBIT LIST
`
`Description
`
`1001 U.S. Patent No. 6,804,780 to Touboul (“the ’780 patent”)
`
`1002 Declaration of Dr. Aviel D. Rubin
`
`1003 U.S. Patent No. 5,638,446 to Rubin (“Rubin”)
`
`1004 U.S. Patent No. 5,815,709 to Waldo (“Waldo”)
`
`1005
`
`File History for U.S. Patent No. 6,804,780 to Touboul (“’780 file
`history”)
`
`1006
`
`Provisional Application No. 60/030,639 (the “’639 provisional”)
`
`1007 U.S. Patent No. 5,978,484 to Apperson (“Apperson”)
`
`1008
`
`“Microsoft Authenticode Analyzed” (“Khare”)
`
`1009 Finjan v. Blue Coat Claim Construction Order
`
`1010 Finjan v. Blue Coat trial transcript excerpt
`
`1011 Finjan v. BlueCoat verdict form
`
`sf-3591310
`
`iii
`
`
`
`Palo Alto Networks, Inc. (“Petitioner”) respectfully submits this Petition for
`
`inter partes review (“Petition”) of claims 1-18 (“Petitioned Claims”) of U.S. Patent
`
`No. 6,804,780 (“the ’780 patent”) under 35 U.S.C. §§ 311-319 and 37 C.F.R.
`
`§ 42.100 et seq.
`
`I.
`
`INTRODUCTION
`
`A. The ’780 Patent
`
`The ’780 patent is entitled “System and Method for Protecting a Computer
`
`and a Network from Hostile Downloadables.” The specification of the ’780 patent
`
`discusses various techniques for analyzing content downloaded from the Internet (a
`
`“Downloadable”) to determine whether it is malicious and should be blocked. (Ex.
`
`1001 at 1:66-2:44.) The claims of the ’780 patent, however, are broadly directed to
`
`the basic concept of receiving a Downloadable and one or more of its fetched
`
`software components and performing mathematical calculations (or “hashing”) on
`
`them to generate an identifier (a so-called “Downloadable ID”). Claim 1 is
`
`representative:
`
`1. A computer-based method for generating a Downloadable ID to identify a
`
`Downloadable, comprising:
`
`obtaining a Downloadable that includes one or more references to software
`
`components required to be executed by the Downloadable;
`
`sf-3591310
`
`1
`
`
`
`fetching at least one software component identified by the one or more
`
`references; and
`
`performing a hashing function on the Downloadable and the fetched
`
`software components to generate a Downloadable ID.
`
`The concept of generating hash identifiers for Downloadables and their
`
`fetched software components was well-known in the field of Internet security
`
`before the earliest effective filing date of the ’780 patent. Indeed, the combination
`
`of U.S. Patent No. 5,638,446 (“Rubin”) and U.S. Patent No. 5,815,709 (“Waldo”)
`
`teaches all the elements of the Petitioned Claims.
`
`Rubin discloses a method for secure distribution of files (i.e.,
`
`Downloadables) over the Internet, including executable software programs and
`
`software updates. In Rubin, the computer receiving the file performs a hashing
`
`function on the file to generate a hash value that acts as a unique identifier of the
`
`file. (Ex. 1003 at 1:26-28, 2:27-29, 3:60-64, 6:5-14, Claim 3.) Waldo discloses a
`
`system that uses hashing functions to generate unique fingerprints for identifying
`
`objects (i.e., software components) referenced in software program code. (Ex. 1004
`
`at Abstract, 1:29-35, 2:30-33.) Waldo also teaches that when the software program
`
`executes, any referenced objects not locally available are fetched and that these
`
`fetched objects, too, are hashed for proper identification. (Ex. 1004 at 2:39-50; see
`
`also id. at Abstract.) It would have been obvious to combine these teachings to
`
`sf-3591310
`
`2
`
`
`
`allow for the identification of the entire Downloadable with its fetched software
`
`components using one or more hashes. (Ex. 1002 ¶¶ 77-83.)
`
`Waldo was never disclosed to the Examiner, and while Rubin was cited
`
`during prosecution, the Examiner never addressed it in an office action. (See
`
`generally Ex. 1005.) The Patent Office has therefore not considered the
`
`combination of Rubin and Waldo. This combination renders obvious each of the
`
`Petitioned Claims.
`
`II. MANDATORY NOTICES UNDER 37 C.F.R. § 42.8(A)(1)
`
`A. Real Parties-In-Interest Under 37 C.F.R. § 42.8(b)(1)
`
`Petitioner Palo Alto Networks, Inc. is the real party-in-interest.
`
`B. Related Matters Under 37 C.F.R. § 42.8(b)(2)
`
`Finjan, Inc. (“Patent Owner” or “Finjan”) has asserted the ’780 patent in
`
`Finjan Software Ltd. v. Secure Computing Corp., 1:06-cv-00369 (D. Del. June 5,
`
`2006); Finjan Software Ltd. v. Aladdin Knowledge Systems Inc., No. 1:08-cv-
`
`00300, (D. Del. May 21, 2008); Finjan, Inc. v. FireEye, Inc., 4:13-cv-03133 (N.D.
`
`Cal. July 8, 2013); Finjan, Inc. v. Blue Coat Systems, Inc., No. 5:13-cv-03999
`
`(N.D. Cal. August 28, 2013); Finjan, Inc. v. Sophos, Inc., 3:14-cv-01197 (N.D.
`
`Cal. Mar. 14, 2014); and Finjan, Inc. v. Palo Alto Networks, Inc., No. 4:14-cv-
`
`04908, (N.D. Cal. November 4, 2014). Petitioner is not aware of any reexamination
`
`certificates for the ’780 patent. Petitioner has also filed, or is filing, petitions for
`
`inter partes review of U.S. Patent Nos. 6,965,968; 7,058,822; 7,418,731;
`
`sf-3591310
`
`3
`
`
`
`7,613,918; 7,613,926; 7,647,633; 8,141,154; 8,225,408; and 8,677,494, which are
`
`assigned to Patent Owner.
`
`C. Lead and Back-Up Counsel
`
`Lead Counsel
`
`Back-Up Counsel
`
`Back-Up Counsel
`
`Matthew I. Kreeger
`Reg. No. 56,398
`MORRISON &
`FOERSTER LLP
`425 Market Street
`San Francisco, CA 94105
`MKreeger@mofo.com
`Tel: (415) 268-6467
`Fax: (415) 268-7522
`
`Jonathan Bockman
`Reg. No. 45,640
`MORRISON &
`FOERSTER LLP
`1650 Tysons Boulevard
`McLean, VA 22102
`JBockman@mofo.com
`Tel: (703) 760-7769
`Fax: (703) 760-7777
`
`Matthew Chivvis
`Reg. No. 61,256
`MORRISON &
`FOERSTER LLP
`425 Market Street
`San Francisco, CA 94105
`MChivvis@mofo.com
`Tel: (415) 268-7307
`Fax: (415) 268-7522
`
`
`
`Pursuant to 37 C.F.R. § 42.8(b)(4), service information for lead and back-up
`
`counsel is provided above. Petitioner consents to electronic service by email to
`
`FinjanPANMofoTeam@mofo.com.
`
`III. REQUIREMENTS FOR INTER PARTES REVIEW UNDER 37 C.F.R.
`§ 42.104
`
`A. Grounds for Standing
`
`Petitioner certifies that the ’780 patent is available for inter partes review, as
`
`Petitioner was first served with a complaint alleging infringement of the ’780
`
`patent on November 7, 2014, less than one year before the filing of this Petition.
`
`Petitioner further certifies that it has not filed a civil action challenging the validity
`
`of the ’780 patent, and that it is not otherwise barred or estopped from requesting
`
`sf-3591310
`
`4
`
`
`
`inter partes review of the ’780 patent claims on the grounds identified in this
`
`Petition. Finjan, Inc. is listed as the current and sole assignee of the ’780 patent.
`
`B.
`
`Identification of Challenge Under 37 C.F.R. § 42.104(b)
`
`Petitioner requests inter partes review of claims 1-18 of the ’780 patent as
`
`obvious over Rubin in view of Waldo under 35 U.S.C. § 103(a).
`
`IV. SUMMARY OF THE ’780 PATENT
`
`A. The ’780 Patent Discloses Specific Embodiments but Claims the
`More Basic Concept of Hashing Downloadables
`
`The ’780 patent discloses a system and method for protecting against hostile
`
`Downloadables by analyzing their content to determine whether they are malicious
`
`and should be blocked. (Ex. 1001 at 1:50-55, 1:66-2:35; Ex. 1002 at ¶¶ 37-39.) The
`
`claims of the ’780 patent, however, are directed to the more far-reaching concept
`
`of generating an identifier for a Downloadable and its fetched software
`
`components. Indeed, the independent claims of the ’780 patent are broad enough to
`
`cover the simple steps of obtaining software over the Internet (i.e., a
`
`Downloadable) that includes calls to common objects or class libraries required by
`
`the software for proper execution (i.e., fetched software components) and hashing
`
`them to create an identifier (i.e., a Downloadable ID). Thus, while the disclosures
`
`of the ’780 patent may describe a system and method for protecting computers
`
`from hostile Downloadables, none of the Petitioned Claims recite using the
`
`Downloadable ID for any specific purpose.
`
`sf-3591310
`
`5
`
`
`
`The use of a “hashing” to create file identifiers was well-known to persons
`
`of ordinary skill in the art (POSA) at the time of the alleged invention of the ’780
`
`patent. Hashing refers to mathematical calculations that can be used to create
`
`unique strings of numbers that represent digital information. (Ex. 1002 ¶¶ 40-41,
`
`63-66.) This technique was commonly used for digital signing and authentication
`
`of Internet content before the filing date of the ’780 patent. (Id. ¶¶ 41, 66.)
`
`In addition to hashing, it was also well known to a POSA that Internet
`
`content often includes references to other software components that need to be
`
`fetched for proper execution. (Id. ¶ 42.) One such example was the Java
`
`programming language, which had mechanisms for fetching and downloading
`
`class libraries as required for execution. (Id. ¶ 69.) It would have been obvious to a
`
`POSA to hash not only downloaded Internet content, but also its referenced
`
`software components. (Id. ¶¶ 43, 83, 115.) Moreover, a POSA would have been
`
`able to develop a system that uses one or more hashes that collectively identify the
`
`content and its components with a reasonable expectation of success, as explained
`
`in more detail below. (Ex. 1002 ¶ 82.)
`
`B.
`
`The Prosecution History of the ’780 Patent Shows That the
`Claims Were Allowed Based on Limitations Directed to Features
`Previously Known in the Art
`
`The ’780 patent issued from U.S. Patent Application No. 09/539,667 (“the
`
`’667 application”), which was filed on March 30, 2000. The ’667 application is a
`
`sf-3591310
`
`6
`
`
`
`continuation of Patent Application No. 08/964,388 filed on November 6, 1997. It
`
`claims priority to Provisional Application No. 60/030,639, (the “’639 provisional,”
`
`Ex. 1006) filed on November 8, 1996. The Petitioned Claims are entitled to a
`
`priority date of no earlier than November 6, 1997, however, for the reasons stated
`
`below in Section IV.C.
`
`The claims of the ’667 application were twice rejected by the Examiner in
`
`prosecution. In the first, non-final rejection, the Examiner found certain claims
`
`anticipated by U.S. Patent No. 5,978,484 (“Apperson”) and the remaining claims
`
`rendered obvious by Apperson in view of “Microsoft Authenticode Analyzed”
`
`(“Khare”). Apperson discloses a method and system for distributing and executing
`
`code, wherein the executable code references privileges that may be exercised
`
`during execution. (Ex. 1007 at Abstract.) Apperson also discusses the creation of
`
`digital signatures using a hash function. (Id.) Khare discloses the 1996 launch of
`
`Microsoft’s Authenticode, a tool for digitally signing code to guarantee it is free
`
`from alterations. (Ex. 1008 at 1.)
`
`In response to the rejection, the Patent Owner amended the independent
`
`claims to add “includes one or more references to software components required
`
`by the Downloadable.” (Ex. 1005 at 97.) The Patent Owner stated that “[i]n
`
`distinction to the present invention, Apperson and Khare do not teach fetching
`
`software components of executable code.” (Id. at 102.)
`
`sf-3591310
`
`7
`
`
`
`Yet the Examiner again rejected all the claims, issuing a final rejection in
`
`view of the same two references. (Id. at 107.) Importantly, the Examiner dismissed
`
`the Patent Owner’s arguments that Apperson and Khare failed to teach fetching
`
`software components of the executable code, finding that it would have been
`
`obvious to add this limitation. (Id. at 109-112.) Thereafter, the Patent Owner
`
`conducted an interview with the Examiner, and later amended the claims further to
`
`require that the software components “be executed” by the Downloadable. (Id. at
`
`126.) The Examiner also proposed amending the claims to require the use of a
`
`“hashing” function rather than any function that could be used to generate an
`
`identifier. (Id. at 129.)
`
`But neither of these limitations added anything new to the claims. For
`
`example, before the effective filing date of the ’780 patent, a POSA would have
`
`known that the Java programming language included a well-known set of loadable
`
`libraries that downloaded Java applications would fetch as needed. (Ex. 1002
`
`¶¶ 42, 47.) The basic concept of hashing itself was also well-known. (Id. ¶ 49.)
`
`Indeed, Rubin discloses “hashing” a Downloadable to generate an identifier. (See,
`
`e.g., Ex. 1003 at Abstract.) And Waldo expressly teaches performing hashing
`
`functions on software components referenced by a Downloadable and required to
`
`be executed by the Downloadable. (See, e.g., Ex. 1004 at Abstract.) While Rubin
`
`was submitted in an IDS, the Examiner did not rely on Rubin in any office actions.
`
`sf-3591310
`
`8
`
`
`
`Waldo was not even before the Examiner. Thus, the combination of the two
`
`references was not previously considered by the Patent Office.
`
`As shown in this petition, the Rubin and Waldo references disclose all the
`
`elements of the Petitioned Claims. Rubin teaches obtaining downloadable content,
`
`such as a software program, and performing a hashing function on the content to
`
`generate an identifier. (Ex. 1003 at 1:26-28, 2:27-29, 3:60-64, 6:5-14, Claim 3.)
`
`Waldo teaches that downloaded software programs can reference objects (software
`
`components) required for their execution, and further teaches fetching any objects
`
`that are not part of the software program code. (Ex. 1004 at 1:29-35, 2:30-33,
`
`Abstract.) As in Rubin, moreover, Waldo teaches the use of hashing functions on
`
`the software components to generate unique identifiers. (Ex. 1004 at 2:39-50,
`
`Abstract.)
`
`Because the Examiner never considered the combination of Rubin and
`
`Waldo, there has been no previous determination of whether they render obvious
`
`the Petitioned Claims.
`
`C.
`
`Priority Date of the ’780 Patent
`
`While the ’780 patent claims priority to the ’639 provisional, as noted above,
`
`that earlier application lacks written description support for key elements of the
`
`Petitioned Claims. For example, the ’639 provisional fails to disclose “a
`
`Downloadable that includes one or more references to software components
`
`sf-3591310
`
`9
`
`
`
`required to be executed by the Downloadable,” “fetching at least one software
`
`component,” and “performing a hashing function on the Downloadable and the
`
`fetched software components to generate a Downloadable ID.” (See Ex. 1006.)
`
`Indeed, the concept of a “Downloadable ID” is completely absent from the ’639
`
`provisional. (Id.) Furthermore, the provisional never once refers to either a “hash”
`
`of or “hashing” a Downloadable. (Id.) Accordingly, the ’780 patent should be
`
`accorded a filing date of no earlier than November 6, 1997.
`
`V. CLAIM CONSTRUCTION UNDER 37 C.F.R. § 42.104(B)(3)
`
`The claims of the ’780 patent are presumed to take on the “broadest
`
`reasonable construction in light of the specification of the patent in which it
`
`appears.” 37 C.F.R. § 42.100(b); see also In re Cuozzo Speed Techs., LLC, 778
`
`F.3d 1271, rehearing en banc denied, 793 F.3d 1297 (Fed. Cir. 2015) (affirming
`
`the application of the broadest reasonable construction standard in inter partes
`
`review). Petitioners reserve the right to advocate a different construction in district
`
`court or any other forum if necessary. In re Zletz, 893 F.2d 319, 321 (Fed. Cir.
`
`1989).
`
`A.
`
`“performing a hashing function on the Downloadable and the
`fetched software components to generate a Downloadable ID” (all
`claims)
`
`The broadcast reasonable interpretation (BRI) is: “generating a hash value
`
`for the Downloadable and one or more hash values for its fetched software
`
`sf-3591310
`
`10
`
`
`
`components, wherein the hash values collectively identify the Downloadable and
`
`its fetched software components, whether or not combined into a single hash
`
`value.” In related litigation between Patent Owner and Blue Coat Systems, Inc.,
`
`the Northern District of California construed part of this claim term, “performing a
`
`hashing function on the Downloadable and the fetched software components,” in
`
`accordance with Phillips v. AWH Corp., 415 F.3d 1303 (Fed. Cir. 2005), to mean
`
`“performing a hashing function on the Downloadable together with its fetched
`
`software components.” (Ex. 1009 at 4.) The BRI of this term, however, is broader
`
`than the court’s Phillips construction. Indeed, a POSA would have understood that
`
`“hashing” could refer to a series of mathematical operations performed on each of
`
`a Downloadable and its fetched software components separately. (Ex. 1002 ¶¶ 41,
`
`65.) Furthermore, a POSA would have understood that the resulting series of
`
`separate hashes could collectively comprise a unique identifier (or ID) for the
`
`Downloadable and its fetched software components. (Id. ¶ 43.)
`
`The BRI is consistent, moreover, with positions taken by the Patent Owner
`
`in the recent Finjan v. Blue Coat trial. There, the Patent Owner asserted through its
`
`expert that the Downloadable ID recited in the Petitioned Claims comprises a hash
`
`of the Downloadable and separate hashes of each of its fetched software
`
`components. (Ex. 1010 at 894:1-11; see also id. 847:22-848:3 (“each of those
`
`pieces[,the Downloadable and the fetched software components] is hashed . . .[and]
`
`sf-3591310
`
`11
`
`
`
`the I.D. is the combination of those hashes together”), 853:2-5, 854:12-17.) The
`
`jury found literal infringement based on this argument. (Ex. 1011 at 3.) Hence,
`
`under the Patent Owner’s interpretation of this term, the claim does not require
`
`combining the Downloadable with the fetched software components before
`
`performing a single hashing function. Rather, as Finjan’s expert explained, the
`
`limitation can be met by performing a series of separate hashing functions on each
`
`of the Downloadable and its fetched software components.
`
`The Board should adopt Patent Owner’s own interpretation of this claim
`
`term as within the BRI for purposes of this Petition.1
`
`B.
`
`“Downloadable” (all claims)
`
`The BRI includes at least: “an executable application program, which is
`
`downloaded from a source computer and run on the destination computer.” The
`
`’780 patent expressly defines this term. (Ex. 1001 at 1:50-53.) Moreover the
`
`
`1 Alternatively, if the Board finds that Patent Owner’s interpretation is outside of
`
`the BRI, it should make a clear record that performing a hash on a Downloadable
`
`and one or more separate hashes on its fetched software components does not
`
`generate a Downloadable ID, but rather separate IDs for the Downloadable and for
`
`each of its fetched software components.
`
`sf-3591310
`
`12
`
`
`
`district court in the Blue Coat case adopted this construction of “Downloadable.”
`
`(Ex. 1006 at 4.)
`
`C.
`
`“Downloadable ID” (all claims)
`
`The BRI is: “one or more hash values that collectively identify a
`
`Downloadable and its fetched software components.” The reasons discussed above
`
`in Section V.A with respect to the BRI of “performing a hashing function on the
`
`Downloadable and the fetched software components to generate a Downloadable
`
`ID” apply also to this term.
`
`D.
`
`“means for obtaining a Downloadable,” “means for fetching at
`least one software component,” and “means for performing a
`hashing function” (Claim 17)
`
`The terms of Claim 17 use the words “means for,” raising the presumption
`
`that they are to be construed according to 35 U.S.C. § 112(f). There is no reason to
`
`deviate from the presumption in this case. Thus, these terms are means-plus-
`
`function terms under 35 U.S.C. § 112(f).
`
`The first step in construing a means-plus-function limitation is to identify the
`
`function. Here, associated functions are explicitly recited in the claim terms as
`
`presented above. The next step is to identify corresponding structures in the
`
`specification for performing these functions. The Patent Owner has not identified
`
`corresponding structure for these claim terms to Petitioner. Nevertheless, the
`
`specification appears to provide “external communications interface 210” as
`
`sf-3591310
`
`13
`
`
`
`corresponding structure for the “means for obtaining a Downloadable.” (Ex. 1001
`
`at 3:44-50.) The BRI for this term, then, is an “external communications interface
`
`and equivalents.”
`
`In contrast, the specification does not link any appropriate physical structure
`
`to the functions for the “means for fetching at least one software component” and
`
`“means for performing a hashing function” terms in any clear way. The
`
`specification mentions an “ID generator” that “may fetch some or all components
`
`referenced” in a Downloadable and hash them. (Id. at 9:60-65; see also id. at 4:50-
`
`5:3.) Yet the ID generator appears to be a software component, thus necessitating
`
`the disclosure of an algorithm for these claim terms to be definite under section
`
`112. See, e.g., Aristocrat Techs. Austl. Pty Ltd. v. Int’l Game Tech., 521 F.3d 1328,
`
`1333 (Fed. Cir. 2008). The specification, however, includes no algorithms for
`
`performing these functions. (Ex. 1001 at 9:60-65; see also id. at 4:50-5:3.) Rather,
`
`it includes only restatements of the functions themselves. (Id.) Accordingly, these
`
`claim terms lack corresponding structure and are indefinite. Mako Surgical Corp.
`
`v. Blue Belt Tech. Inc., Case IPR2015-00629, Paper 6 at 8 (PTAB July 30, 2015).
`
`VI. THE CHALLENGED CLAIMS OF THE ’780 PATENT ARE
`UNPATENTABLE
`
`Rubin and Waldo disclose all of the limitations of claims 1-18 of the ’780
`
`patent. At most, these claims merely recite predictable uses of prior art elements,
`
`and thus are obvious. KSR Int’l Co. v. Teleflex Inc., 550 U.S. 398 417 (2007) (“[A]
`
`sf-3591310
`
`14
`
`
`
`court must ask whether the improvement is more than the predictable use of prior
`
`art elements according to their established functions.”). Thus, Petitioner has
`
`demonstrated a reasonable likelihood of prevailing with respect to one or more of
`
`the Petitioned Claims.
`
`A. Ground 1: Claims 1-18 Are Obvious over Rubin and Waldo
`
`Rubin was filed on August 28, 1995 and issued on June 10, 1997. Rubin is
`
`therefore prior art to the ’780 patent under 35 U.S.C. § 102(a) or (e), depending on
`
`the priority date accorded to the claims. Waldo was filed on April 23, 1996 and is
`
`therefore prior art to the ’780 patent under 35 U.S.C. § 102(e).
`
`Rubin discloses a system for secure distribution of content over the Internet,
`
`including executable software program downloads, where the computer receiving
`
`the content performs a hashing function to generate a unique identifier of the
`
`content. (Ex. 1003 at 1:26-28, 2:27-29, 3:60-64, 6:5-14, Claim 3; Ex. 1002 ¶¶ 71-
`
`73.) Rubin further discloses that the receiving computer relies on this identifier to
`
`confirm the authenticity of the downloadable. (Ex. 1003 at 6:10-14.)
`
`Waldo discloses a system for generating unique fingerprints using hashing
`
`functions to identify objects referenced in the program code of an executable
`
`software program. (Ex. 1004 at Abstract, 1:29-35, 2:30-33; Ex. 1002 ¶¶ 74-76.)
`
`Waldo teaches that when the software program executes, the referenced objects are
`
`loaded and hashed. (Ex. 1004 at 2:39-50; see also id. at Abstract.) Waldo further
`
`sf-3591310
`
`15
`
`
`
`discloses that a object referenced in program code (“referencing object”) may itself
`
`include a reference to one or more additional objects (“referenced objects”) that
`
`may be fetched and hashed. (Id. at Abstract, 7:57-61, 8:41-53, 9:12-17.)
`
`Rubin was cited during prosecution, but Waldo was not. The combination of
`
`Rubin and Waldo was therefore never previously considered by the Patent Office.
`
`As shown in this petition, the combination of Rubin and Waldo teaches or suggests
`
`all the elements of the claims of the ’780 patent, and thus renders obvious the
`
`Petitioned Claims.
`
`It would have been obvious to combine the teachings of Rubin and Waldo
`
`for a number of reasons. When Rubin was filed in 1995, two years before the
`
`effective filing date of the ’780 patent, Java had just been released. (Ex. 1002
`
`¶ 48.) By 1997, Java had become a primary programming tool for providing
`
`Internet content in small browser-viewable applications called “applets” and other
`
`software programs. (Id. ¶¶ 70, 77.) Thus, as of the ’780 patent’s effective filing
`
`date, a POSA would have understood that software programs downloaded in
`
`accordance with Rubin’s teachings would include programs written in Java. (Id.
`
`¶¶ 79, 88.) A POSA would also have known, based on the way Java is structured,
`
`that such programs would include references to class libraries (or objects) that are
`
`fetched and loaded for execution as required. (Id. ¶¶ 67-70,78-80.)
`
`sf-3591310
`
`16
`
`
`
`To achieve the purpose of Rubin—identifying downloaded software
`
`programs for authentication purposes—when dealing with a program written in
`
`Java, a POSA would naturally have looked to Waldo. (Id. ¶ 79.) Indeed, Waldo’s
`
`objects are Java class libraries that would be necessary for the execution of any
`
`Java content downloaded in accordance with Rubin. (Id.) By combining Waldo’s
`
`disclosure of hashing objects with Rubin’s disclosure of hashing downloads, a
`
`POSA would have a system capable of identifying not only a downloaded software
`
`program but also its referenced Java classes (i.e., its fetched software components).
`
`(Id. ¶ 80.) This is exactly the combination that the ’780 patent contemplates.
`
`(Ex. 1001 at 4:59-61 (“ID generator 315 may prefetch all classes embodied or
`
`identified by the Java™ applet bytecode to generate the Downloadable ID.”).
`
`A POSA would not have had difficulty implementing a combined system.
`
`Sundance, Inc. v. Demonte Fabricating Ltd., 550 F.3d 1356, 1367 (Fed. Cir. 2008).
`
`Rubin and Waldo both teach the well-known concept of hashing to generate unique
`
`identifiers for downloaded content. (Ex. 1002 ¶¶ 81-82.) While Rubin teaches the
`
`use of hashing functions to identify downloaded programs, Waldo teaches the use
`
`of hashing functions to identify their software components. (Id. ¶ 82.) Thus, Rubin
`
`and Waldo both address a common problem: how to accurately identify
`
`downloaded content. (Id.) And they provide the same solution: the use of hashing
`
`functions to generate identifiers. (Id.) Waldo’s more granular approach improves
`
`sf-3591310
`
`17
`
`
`
`upon Rubin’s by allowing more complete identification of not only a downloaded
`
`program itself but also any of its components that need to be fetched. (Id.) A POSA
`
`would have understood that Rubin’s system would benefit from hashing the
`
`software components that a downloaded program references because that would
`
`ensure accurate authentication of the e