`571-272-7822
`
`
`Paper 49
`Entered: March 16, 2017
`
`
`
`UNITED STATES PATENT AND TRADEMARK OFFICE
`____________
`
`BEFORE THE PATENT TRIAL AND APPEAL BOARD
`____________
`
`PALO ALTO NETWORKS, INC.,
`Petitioner,
`
`v.
`
`FINJAN, INC.,
`Patent Owner.
`____________
`
`Case IPR2015-019741
`Patent 7,647,633 B2
`
`____________
`
`
`
`Before, THOMAS L. GIANNETTI, MIRIAM L. QUINN, and
`PATRICK M. BOUCHER Administrative Patent Judges.
`
`QUINN, Administrative Patent Judge.
`
`
`FINAL WRITTEN DECISION
`35 U.S.C. § 318(a) and 37 C.F.R. § 42.73
`
`
`1 Case IPR2016-00480 (filed by Blue Coat Systems, Inc.) has been joined
`with this proceeding.
`
`
`
`IPR2015-01974
`Patent 7,647,633 B2
`
`
`Palo Alto Networks, Inc. and Blue Coat Systems, Inc. (“Petitioner”)
`each filed a Petition to institute inter partes review of claims 1−4, 6−8, 13,
`14, 19, 28, and 34 of U.S. Patent No. 7,647,633 B2 (“the ’633 patent”)
`pursuant to 35 U.S.C. § 311−319. IPR2015-01974, Paper 1 (“Pet.”);
`IPR2016-00480, Paper 3. Finjan, Inc. (“Patent Owner”) filed a Preliminary
`Response in both proceedings. IPR2015-01974, Paper 6; IPR2016-00480,
`Paper 8. Upon consideration of the information submitted by the parties at
`the preliminary stage, we instituted trial only as to claims 14 and 19 of the
`’633 patent. Paper 7 (“Dec.”). We also granted Blue Coat Systems, Inc.’s
`motion requesting joinder of IPR2016-00480 with this proceeding.
`Paper 17. We terminated Case IPR2016-00480, and ordered consolidation
`of all Petitioner filings in this proceeding. Id. at 10.
`During trial, Patent Owner filed a Patent Owner Response (Paper 22
`(“PO Resp.”)); and Petitioner filed a Reply (Paper 31 (“Reply”)). Both
`parties filed Motions to Exclude, Oppositions, and Replies in connection
`with those Motions. Papers 35, 36, 39, 40, 42, and 43. We held oral
`argument on January 5, 2017. Paper 48 (“Tr.”).
`We have jurisdiction under 35 U.S.C. § 6. This Final Written
`Decision is issued pursuant to 35 U.S.C. § 318(a). For the reasons discussed
`herein, and in view of the record in this trial, we determine that Petitioner
`has not shown by a preponderance of the evidence that claims 14 and 19 of
`the ’633 patent are unpatentable.
`
`2
`
`
`
`IPR2015-01974
`Patent 7,647,633 B2
`
`
`I.
`
`BACKGROUND
`
`A. RELATED MATTERS
`
`Petitioner identifies the ʼ633 patent as the subject of various district
`court cases filed in the U.S. District Court for the Northern District of
`California (Case Nos. 3-14-cv-04908, 13-cv-03133, 13-cv-03999, 5-13-cv-
`04398, 13-cv-05808, and 5-15-cv-01353). Pet. 2. Petitioner also states that
`petitions for inter partes review have been filed regarding other patents
`assigned to Patent Owner. Id.
`The ’633 patent is also the subject of two ex parte reexamination
`proceedings with Control Nos. 90/013,016 and 90/013,652. Paper 46
`(Patent Owner updated mandatory notice pursuant to 37 C.F.R. § 42.8).
`Neither of these ex parte reexamination proceedings involves the claims-at-
`issue in this inter partes review.
`
`B.
`
`THE ’633 PATENT (EX. 1001)
`
`The ’633 patent relates to a system and a method for protecting
`network-connectable devices from undesirable downloadable operation. Ex.
`1001, 1:30−33. The patent describes that “Downloadable information
`comprising program code can include distributable components (e.g. JavaTM
`applets and JavaScript scripts, ActiveXTM controls, Visual Basic, add-ins
`and/or others).” Id. at 1:60−63. Protecting against only some distributable
`components does not protect against application programs, Trojan horses, or
`zip or meta files, which are other types of Downloadable information. Id. at
`1:63−2:2. The ’633 patent “enables more reliable protection.” Id. at
`2:27−28. According to the Summary of the Invention,
`
`3
`
`
`
`IPR2015-01974
`Patent 7,647,633 B2
`
`
`In one aspect, embodiments of the invention provide for
`determining, within one or more network “servers” (e.g.
`firewalls,
`resources, gateways, email
`relays or other
`devices/processes that are capable of receiving-and-transferring
`a Downloadable) whether received
`information
`includes
`executable code (and is a “Downloadable”). Embodiments also
`provide for delivering static, configurable and/or extensible
`remotely operable protection policies to a Downloadable-
`destination, more typically as a sandboxed package including
`the mobile protection code, downloadable policies and one or
`more received Downloadables. Further client-based or remote
`protection code/policies can also be utilized in a distributed
`manner. Embodiments also provide for causing the mobile
`protection code to be executed within a Downloadable-
`destination in a manner that enables various Downloadable
`operations to be detected, intercepted or further responded to
`via protection operations. Additional server/information-
`destination device security or other protection is also enabled,
`among still further aspects.
`
`Id. at 2:39−57.
`
`
`C.
`
`CHALLENGED CLAIMS
`
`Challenged claims 14 and 19 are reproduced below.
`14. A computer program product, comprising a
`computer usable medium having a computer readable program
`code therein, the computer readable program code adapted to be
`executed for computer security, the method comprising:
`providing a system, wherein the system comprises
`distinct software modules, and wherein the distinct software
`modules comprise an information re-communicator and a
`mobile code executor;
`receiving, at the information re-communicator,
`downloadable-information including executable code; and
`causing mobile protection code to be executed by the
`mobile code executor at a downloadable-information
`destination such that one or more operations of the executable
`
`4
`
`
`
`IPR2015-01974
`Patent 7,647,633 B2
`
`
`code at the destination, if attempted, will be processed by the
`mobile protection code.
`
`19. The method of claim 14, wherein the re-
`communicator is at least one of a firewall and a network server.
`
`Id. at 21:58–22:5, 22:15−16.
`
`
`INSTITUTED GROUNDS
`
`D.
`We instituted inter partes review of claims 14 and 19 based on the
`following grounds (Dec. 13−16):
`Reference(s)
`
`Shin2
`Poison Java3 and Brown4
`
`Basis
`§ 103
`§ 103
`
`Claims
`14 and 19
`14 and 19
`
`Petitioner supports its contentions of unpatentability with a
`declaration from Dr. Aviel Rubin. Ex. 1002. Patent Owner supports its
`contentions of patentability with a declaration from Dr. Michael Goodrich.
`Ex. 2019. Patent Owner also proffers as support a declaration from Dr.
`Harry Bims (Ex. 2020) and Michael Kim (Ex. 2021). The
`cross-examinations of Drs. Rubin, Goodrich, and Bim are in the record as
`Exhibits 2022, 1097, and 1098, respectively.
`
`
`2 Insik Shin, et al., Java Bytecode Modification and Applet Security
`(Technical Report, Computer Science Dept., Stanford University, 1998),
`https://web.archive.org/web/19980418130342/http://www-cs-
`students.stanford.edu/~ishin/reserach.html (Ex. 1009) (”Shin”).
`3 Eva Chen, Poison Java, IEEE SPECTRUM, August 1999 at 38 (Ex. 1004).
`4 Mark W. Brown, et al., SPECIAL EDITION USING NETSCAPE 3, (Que Corp.
`1996) (Ex. 1041) (“Brown”).
`
`5
`
`
`
`IPR2015-01974
`Patent 7,647,633 B2
`
`
`II. ANALYSIS
`A. CLAIM INTERPRETATION
`In an inter partes review, claim terms in an unexpired patent are
`interpreted according to their broadest reasonable construction in light of the
`specification of the patent in which they appear. 37 C.F.R. § 42.100(b);
`Cuozzo Speed Techs., LLC v. Lee, 136 S. Ct. 2131, 2142–46 (2016).
`Consistent with that standard, claim terms also are given their ordinary and
`customary meaning, as would be understood by one of ordinary skill in the
`art in the context of the entire disclosure. See In re Translogic Tech., Inc.,
`504 F.3d 1249, 1257 (Fed. Cir. 2007). Although it is improper to read a
`limitation from the specification into the claims, In re Van Geuns, 988 F.2d
`1181, 1184 (Fed. Cir. 1993), claims still must be read in view of the
`specification of which they are a part. Microsoft Corp. v. Multi-Tech Sys.,
`Inc., 357 F.3d 1340, 1347 (Fed. Cir. 2004).
`In our Decision on Institution, we did not construe expressly any
`claim terms. During trial, Patent Owner proposed a construction for the
`following phrase: “causing mobile protection code to be executed by the
`mobile code executor at a downloadable-information destination such that
`one or more operations of the executable code at the destination, if
`attempted, will be processed by the mobile protection code.” PO Resp.
`12−13. Patent Owner urges the Board to construe the phrase according to its
`plain and ordinary meaning, with the explanation that “the mobile protection
`code was communicated to the downloadable-information destination
`without modifying the executable code.” Id. Patent Owner argues that a
`District Court has construed the phrase and concluded that “[i]t is clear from
`the specification that the MPC [(mobile protection code)], does not modify
`
`6
`
`
`
`IPR2015-01974
`Patent 7,647,633 B2
`
`the executable code.” Id. at 13 (citing Ex. 1036, 9). In particular, Patent
`Owner points out the District Court’s reliance on a stated advantage of the
`’633 patent invention: protecting against malicious operations without
`modifying the mobile code and the specification’s statements distinguishing
`the invention from the prior art on this basis. Id. at 13−14 (citing Ex. 1001
`at 4:12−16, 10:39−44). Patent Owner also relies on various expert
`declarations submitted in connection with the District Court litigation. Id. at
`15−16.
`Petitioner counters that the Board should construe the phrase under
`the broadest reasonable interpretation, and that under that interpretation the
`claim language should be given its plain and ordinary meaning. Reply 2−3.
`Petitioner, however, argues that the “without modification” aspect of Patent
`Owner’s proposed construction is supported by neither the claim language
`nor the specification. Id. at 3−5. Moreover, Petitioner argues that a Finjan
`expert, Dr. Harry Bims, although opining on issues of secondary
`considerations of nonobviousness (Ex. 2020), confirms that Patent Owner’s
`proposed construction is at odds with the plain and ordinary meaning of the
`phrase. Id. at 5−7.
`Claim 14 is directed to a computer program product adapted to
`execute three steps. The first step is directed to providing a system of
`software modules, one of which is a re-communicator, the other being a
`mobile code executor. In the second step, the re-communicator receives
`“downloadable-information including executable code.” In the third and
`final step, the executable code is processed at the destination by the mobile
`protection code, if one or more operations in that code are attempted. The
`issue before us is whether the executable code at the destination could be a
`
`7
`
`
`
`IPR2015-01974
`Patent 7,647,633 B2
`
`modified code, in comparison to the executable code that the
`re-communicator received. Having reviewed the evidence and arguments
`proffered by both parties on this issue, we determine that the claimed
`“executable code” is not modified prior to being processed by the mobile
`protection code at the destination.
`First, we note that the claim language, itself, is silent regarding the
`modified or unmodified status of the “executable code” at the destination.
`The omission, however, is not dispositive because the language of claim 14
`focuses on the functionality of the mobile protection code vis-à-vis the
`executable code. For example, the claim focuses on execution of the mobile
`protection code at a downloadable-information destination to process the
`“one or more operations of the executable code at the destination, if
`attempted.” Ex. 1001, 22:1−4. The claim language, therefore, implies that
`the protection from malicious code is provided by the mobile protection
`code processing the attempted operations of the downloaded executable
`code. Considering the objective of the invention is to protect a computer
`from “malicious” operations, we understand claim 14 to require processing
`the executable code which may result in malicious operations, as received, at
`the intended computer destination via the mobile protection code. In other
`words, the claim language may be understood to require that the “executable
`code” received at the re-communicator is the same code whose “one or more
`operations” are being processed at the destination by the mobile protection
`code. See PO Resp. 14−15 (citing Ex. 2019, the Goodrich Declaration,
`¶ 36).
`Petitioner argues that the broader interpretation consistent with a plain
`and ordinary meaning may not require that the entire “executable code”
`
`8
`
`
`
`IPR2015-01974
`Patent 7,647,633 B2
`
`received at the re-communicator is the same executable code processed at
`the destination. Reply 3. At oral argument, Petitioner agreed that the
`claimed “executable code” at the destination recites an antecedent that refers
`back to the received executable code, and is the same code. Tr. 9:8−14. The
`claim language, according to Petitioner, although referring to the same code,
`does not resolve the issue whether some of the executable code processed at
`the destination may be modified. Id. at 9:15−25; 10:22−11:10 (Petitioner
`arguing that the claimed “one or more operations” of the executable code at
`the destination “could refer to either modified or unmodified.”). We agree
`with Petitioner that although the claim language refers to the executable
`code being received at the destination, the question of whether operations of
`the code may be modified is unanswered by the claim language alone. Our
`inquiry, however, is not based on the claim language in a vacuum, as the
`appropriate meaning of the claim language emerges when viewing the claim
`in the context of the specification. See Innova/Pure Water, Inc. v. Safari
`Water Filtration Sys., Inc., 381 F.3d 1111, 1116 (Fed. Cir. 2004) (stating
`that the specification provides context and may be relied on to understand
`the meaning of the claim).
`We acknowledge that the specification does not define “executable
`code” or any of the words of the disputed claim phrase. With regard to the
`executable code and its processing, we note that the background of the
`invention fairly describes it as “program code”: “It is observed by this
`inventor for example, that Downloadable information comprising program
`code can include distributable components . . . .” Ex.1001, 1:60−63. There
`is also a reference in the specification to “application programs,” and
`programs in various forms: “[Downloadable information] can also include,
`
`9
`
`
`
`IPR2015-01974
`Patent 7,647,633 B2
`
`for example, application programs, Trojan horses, multiple compressed
`programs such as zip or meta files, among others.” Id. 1:63−66; see also
`2:29−33 (“remotely operable code that is protectable against can include
`downloadable application programs, Trojan horses and program code
`groupings, as well as software ‘components,’ such as JavaTM applets,
`ActiveXTM controls, JavaScriptTM/Visual Basic scripts, add-ins, etc., among
`others.”). From these descriptions, we conclude that it would be apparent to
`a person of ordinary skill that the claimed “executable code” was meant to
`include programs or computer instructions that are executed by a computer.
`The executable nature of the “executable code” is essential to the nature of
`the problem addressed by the ’633 patent claims, i.e., virus protection.
`According to the background of the invention, a virus is “potentially system-
`fatal or otherwise damaging computer code.” Id. at 1:40−44 (emphasis
`added).
`In describing the problems with the virus protection systems in the
`prior art, the inventors recognized known techniques for protecting a sub-set
`of executable code, namely only Java applets and ActiveX controls. Id. at
`1:65−2:2. But more importantly, the inventors disclosed that this prior art,
`specifically U.S. Patent No. 5,983,348 to Shuang, Ji (Ex. 2006,
`“Shuang-Ji”), was resource intensive, used high bandwidth static and
`operational analysis of the downloadable content, and modified the
`Downloadable component. Id. at 2:2−4.5 According to the inventors,
`
`
`5 Shuang-Ji is directed to scanning an applet at a server to identify
`problematic instructions, which are then instrumented by inserting special
`code before and after each problematic instruction. Ex. 2006, 3:16−31.
`Alternatively, the problematic instruction may be replaced. Id.
`
`10
`
`
`
`IPR2015-01974
`Patent 7,647,633 B2
`
`Shuang-Ji also lacked the efficiency and flexibility afforded by the
`invention. Id. at 2:10−13. The embodiments of the ’633 patent all involve
`receiving at, or sending to, a downloadable destination, a mobile protection
`code and the downloadable information that includes the executable code.
`Id. at 2:39−3:62.
`The mobile protection code is installed at the user device
`(downloadable destination) and monitors resource access attempts by the
`executable code in the downloadable information, such that those attempts
`may be dealt with in a variety of ways. Id. at 3:63−4:10. One of those ways
`includes the option of “modifying the Downloadable operation.” Id.
`However, it is important to note that the mobile protection code, being
`executed at the client, is not described as modifying the executable code
`itself before or after the executable code is received at the destination. The
`relevance of this passage is that, notwithstanding the threat of the malicious
`operations, the destination executes the instructions in the executable code.
`The mobile protection code intercepts the potentially malicious operations
`resulting from the execution of those instructions. In sum, all the
`embodiments described in the ’633 patent defer the processing of the
`malicious operations to the destination, with one of those processing options
`being the modification of the operation. However, no embodiment describes
`modification of the executable code itself.
`
`
`
`
`
`Nevertheless, the instrumentation occurs at a server, and the instrumented
`applet is downloaded to the client. Id. at 3:32−35. In other words, the
`applet, or executable code, is modified at the server before delivery to the
`client.
`
`11
`
`
`
`IPR2015-01974
`Patent 7,647,633 B2
`
`
`In addition to providing the above descriptions of the executable code,
`we find that the specification expressly describes an advantage of
`non-modification of the executable code as follows:
`Advantageously, systems and methods according
`to embodiments of the invention enable potentially
`damaging, undesirable or otherwise malicious operations
`by even unknown mobile code to be detected, prevented,
`modified and/or otherwise protected against without
`modifying the mobile code. Such protection is further
`enabled in a manner that is capable of minimizing server
`and client resource requirements, does not require pre-
`installation of security code within a Downloadable-
`destination, and provides for client specific or generic
`and readily updateable security measures to be flexibly
`and efficiently implemented.
`
`Ex. 1001, 4:11−21 (emphasis added). This passage uses the phrase “mobile
`code” not “executable code.” We find, however, that the “mobile code”
`being referred to here is the code that may result in the potentially malicious
`operations sought to be prevented. Id. (referring to enabling detection of
`“potentially damaging, undesirable or otherwise malicious operations by
`even unknown mobile code”) (emphasis added). Thus, this passage is
`consistent with the statements regarding the difference between Shuang-Ji’s
`modification of the downloadable component, i.e. executable code. See e.g.,
`id. at 1:63−2:6 (referring to Shuang-Ji requiring modification of the
`“Downloadable component,” which is a Java applet or ActiveX controls
`components included in the Downloadable information). In sum, while the
`prior art modifies the downloadable component, the claimed invention does
`not. And this is an advantage touted by the inventors in describing that
`communicating the mobile protection code separate from the downloadable
`that includes executable code is more accurate and “far less resource
`
`12
`
`
`
`IPR2015-01974
`Patent 7,647,633 B2
`
`intensive than, for example, performing content and operation scanning,
`modifying a Downloadable, or providing completely
`Downloadable-destination based security.” Id. at 10:39−45.
`Notwithstanding the specification passages analyzed above, Petitioner
`asserts that embodiments of the ’633 patent specification disclose
`modification of the executable code. Reply 4−5. Specifically, Petitioner
`points out the following passage: “[T]he IAT [(API Import Address Table)]
`can be modified so that any call to an API can be redirected to a function
`within the MPC [mobile protection code].” Id. at 4 (citing Ex. 1001,
`17:51−53); Tr. 12:11−13:8. As further evidence of modification of
`executable code embodiments, Petitioner argues the description of
`compression, encryption, or encoding of executable code discloses modified
`executable code. Id. (citing Ex. 1001, 13:29−30). As support, Petitioner
`alleges that Patent Owner’s expert agrees that compression comprises
`modification. Id. at 5 (citing Ex. 1100, 173:22−174:16).
`We are not persuaded by Petitioner’s arguments. First, we find that
`the embodiment concerning the IAT table modification does not disclose
`modification of executable code. The embodiment Petitioner refers to
`describes the functionality of the mobile protection code after installation at
`the destination. Ex. 1001, 17:13−19 (describing an embodiment shown in
`Figure 7a of the client receiving a sandbox package and initiating a mobile
`code installer, which initiates the mobile protection code); 17:28−42
`(describing that the mobile protection code intercepts an operation, and, as
`one example, limits access to resources, such as address space, in the event
`the operation is malicious). As explained above, the specification does
`describe modification of operations performed at the destination when the
`
`13
`
`
`
`IPR2015-01974
`Patent 7,647,633 B2
`
`mobile protection code detects malicious code. But the modifications are (1)
`to the operation resulting from execution of the executable code; and (2) at
`the destination, after the executable code has been received at the
`destination. The IAT embodiment Petitioner points to is one such
`embodiment, where the mobile protection code modifies an operation at the
`destination. For instance, the mobile protection code loads in memory the
`executable code, shown in Figure 7a as “XEQ” 343. Id. at 17:43−47. The
`IAT, illustrated as “API” 731 in Figure 7b, is loaded in memory also so that
`the mobile protection code can access the table and divert the access
`attempts of the executable code to an analyzer. See id. at 17:58−63 (stating
`that initial access to the IAT provides for diverting, evaluating, and
`responding to attempts by the downloadable to utilize system APIs);
`18:20−24 (describing that a resource access diverter modifies that IAT
`entries causing access attempts to be diverted to the resource access
`analyzer). In short, the ’633 patent specification describes modification of
`the IAT after the executable code in the downloadable has been received and
`as part of the processing of the malicious operations by the mobile
`protection code.
`Given the above disclosure, arguments by the parties regarding
`whether the IAT is executable and whether the IAT is part of the
`downloadable are not germane to our determination. See Tr. 14:13−15:5
`(Petitioner asserting that the IAT is part of the downloadable); 43:6−13
`(Patent Owner arguing that the IAT is not executable code and the
`modification occurs at the client once the mobile protection code has access
`to it). As stated above, we find that the IAT disclosure in the ’633 patent
`describes the claimed processing by the mobile protection code of the
`
`14
`
`
`
`IPR2015-01974
`Patent 7,647,633 B2
`
`attempted operations of the executable code. This disclosure does not
`support Petitioner’s assertion that the specification contemplates
`modification of the executable code prior to sending it to the client for
`processing there.6 Indeed, such a disclosure would be contrary to the stated
`advantages and distinctions discussed above of mobile protection code that
`detects, prevents, and modifies malicious operations of executable code,
`without modifying such executable code.
`Finally, we address whether the alleged disclosure of compression,
`encryption, and encoding supports Petitioner’s contention that the ’633
`patent specification discloses modification of executable code. Reply 4−5
`(citing Ex. 1001 at 13:29−30). Patent Owner contends that the disclosure of
`compression, encryption, and encoding does not disclose modification of the
`executable code. Tr. 39:3−40:15. One of the confusing aspects of this case
`is that evidence proffered by Petitioner as supporting its claim construction
`position is taken from Patent Owner’s evidence submitted during the District
`Court litigation, before the Court there ruled against Patent Owner on this
`issue. For instance, Petitioner points to Dr. Rubin’s testimony during
`cross-examination as supporting the contention that compression constitutes
`modification. Reply 4−5 (citing Ex. 2022, 108:4−11). Upon close
`inspection, however, we understand that Dr. Rubin read into the record
`portions of Finjan’s brief on claim construction submitted in the District
`Court litigation. Ex. 2022, 107:4−108:11 (referring to Plaintiff Finjan, Inc.’s
`
`
`6 We also disagree with Petitioner that Dr. Goodrich’s testimony supports
`Petitioner’s position on this issue. Dr. Goodrich testified that although the
`’633 patent describes modifying the IAT, that modification does not
`constitute modifying the downloadable. Ex. 1097, 25:7−27:19.
`
`15
`
`
`
`IPR2015-01974
`Patent 7,647,633 B2
`
`Opening Claim Construction Brief (Exhibit 1039), page 17 (Petitioner’s
`pagination in the footer of the exhibit), sentence starting at line 15).7 The
`reality here is that Patent Owner was not successful in persuading the
`District Court that the disputed ’633 patent claims (including claim 14) are
`broad enough to encompass communicating both un-modified and modified
`executable code to a client. See Ex. 1036, 8−15; Tr. 41:10−42:14 (Patent
`Owner explaining that Finjan adopted the district court’s construction, did
`not object to it even though it was not the construction it proffered, and that
`it has not raised this issue on appeal). The intrinsic record is sufficiently
`clear that we have no need to rely on expert testimony presented in District
`Court.8 And the intrinsic record does not show that operations of
`compression, encryption, and encoding constitute a modification of
`executable code. The ’633 patent discloses “restoring” the downloadable,
`not modifying it. Ex. 1001, 13:29−32. That is, if a downloadable is
`received in a compressed format, it is decompressed to detect whether there
`is executable code. Id. The downloadable then is restored to its compressed
`format for transmission and subsequent processing at the client. Id. This is
`not teaching modification of executable code because the code itself remains
`unchanged.
`To conclude, our determination is based on the plain and ordinary
`meaning of the claims within the context of the specification. First,
`
`7 Similarly, Petitioner relies on testimony from the deposition of Finjan’s
`expert in the District Court litigation, Dr. Nenad Medvidovic, Exhibit 1100.
`Reply 5 (citing Ex. 1100).
`8 We do not rely on expert testimony also because extrinsic evidence may not
`be used to contradict claim meaning that is unambiguous in light of the intrinsic
`record. Summit 6, LLC v. Samsung Elecs. Co., 802 F.3d 1283, 1290 (Fed. Cir.
`2015).
`
`16
`
`
`
`IPR2015-01974
`Patent 7,647,633 B2
`
`according to the entire disclosure of the ’633 patent specification the
`executable code is received at the destination without modification. See
`Vitronics Corp. v. Conceptronic, Inc., 90 F.3d 1576, 1582 (Fed. Cir. 1996)
`(the specification is “the single best guide to the meaning of a disputed
`term,” and “acts as a dictionary when it expressly defines terms used in the
`claims or when it defines terms by implication.”). “The specification may
`define claim terms ‘by implication’ such that the meaning may be ‘found in
`or ascertained by a reading of the patent documents.’” Bell Atl. Network
`Servs., Inc. v. Covad Communications Group, Inc., 262 F.3d 1258, 1268
`(Fed.Cir.2001) (quoting Vitronics, 90 F.3d at 1582, 1584 n. 6). We also
`confirm the scope of the “executable code” in light of the advantage of the
`invention, e.g., to protect against malicious code without modifying the
`executable code, thereby minimizing resources. See Toro Co. v. White
`Consol. Indus., Inc., 199 F.3d 1295, 1301 (Fed. Cir. 1999) (construing a ring
`as permanently attached to the cover because all embodiments read together
`suggest this relationship and the specification describes the advantages of
`the unitary structure). Although the specification describes additional
`advantages, such as not requiring pre-installation of security code within the
`destination, the claims need not encompass all stated advantages. See
`Golight, Inc. v. Wal-Mart Stores, Inc., 355 F.3d 1327, 1331 (Fed. Cir. 2004)
`(“[P]atentees [are] not required to include within each of their claims all of
`[the] advantages or features described as significant or important in the
`written description.”). Finally, all the embodiments are consistent with and
`support the inventors’ characterization of the problem solved: avoiding the
`resource intensive modification by communicating to the destination the
`mobile protection code and the detected executable code. See Ex. 1001,
`
`17
`
`
`
`IPR2015-01974
`Patent 7,647,633 B2
`
`10:39−45; 1:63−3:6; see also O.I. Corp. v. Tekmar Co., 115 F.3d 1576, 1581
`(Fed. Cir. 1997) (relying on the consistent disclosure of structures as being
`either non-smooth or conical and the statements distinguishing prior art
`where structures were smooth). In light of the disclosure, the plain and
`ordinary meaning of the disputed claim language emerges: the executable
`code whose operations are processed by the mobile protection code at the
`destination is the same as the executable code received, i.e., it undergoes no
`modification.
`In sum, we determine that the “executable code” at the destination is
`not modified.
`
`B.
`
`PRINTED PUBLICATION ISSUES
`
`The three asserted references are non-patent documents. Shin (Ex.
`
`1009) is an article that Petitioner alleges was publicly available via the
`Internet in 1998. Pet. 29. Poison Java (Ex. 1004) is an article that Petitioner
`asserts was published in the August 1999 issue of the IEEE Spectrum
`magazine. Pet. 25. And Brown (Ex. 1041) is a guide to the Netscape
`browser and appears to be a book that Petitioner asserts was published in
`1996. Pet. 27. Patent Owner argues that Petitioner did not meet its burden
`in showing that the three references are printed publications. Based on our
`review of the evidence of record, we determine that Shin, Poison Java, and
`Brown are printed publications as described further below.
`1. Shin
`On the face of this article, we note that there are no indicia of
`
`publication or dissemination. See Ex. 1009. Petitioner, however, has
`provided other evidence establishing that Shin was publicly available no
`later than April 1998. A printout of the website directed to Mr. Shin’s
`
`18
`
`
`
`IPR2015-01974
`Patent 7,647,633 B2
`
`research at Stanford, and archived by archive.org, shows that the article’s
`title was listed and that the article was publicly available through the Internet
`as of April 14, 1998. Ex. 1095. As explained in the affidavit proffered by
`Christopher Butler, Office Manager of Internet Archive, the URL format for
`captured website, “19980418130342/http://www-cs-
`students.stanford.edu/~ishin/research.html,” establishes that the website
`posting the abstract