`Petition for Inter Partes Review
`
`Docket No.: 0100157.00269US1
`
`
`UNITED STATES PATENT AND TRADEMARK OFFICE
`
`
PATENT: 9,098,685

INVENTORS: LAURENCE HAMID

FILED: MAY 19, 2004

ISSUED: AUGUST 4, 2015

TITLE: FLEXIBLE METHOD OF USER AUTHENTICATION
`
`
`
`___________________________________________
`
`BEFORE THE PATENT TRIAL AND APPEAL BOARD
`____________________________________________
`
EMC Corporation
Petitioner

v.

ActivIDentity, Inc.
Patent Owner
&
Intellectual Ventures I, LLC
Exclusive Licensee

Case IPR2017-00338

PETITION FOR INTER PARTES REVIEW OF U.S. PATENT NO. 9,098,685
UNDER 35 U.S.C. § 312 AND 37 C.F.R. § 42.104
`
`
`
`U.S. Patent 9,098,685
`Petition for Inter Partes Review
`
TABLE OF CONTENTS

I. Introduction
II. Mandatory Notices
    A. Real Party-in-Interest
    B. Related Matters
    C. Counsel
    D. Service Information
III. Certification of Grounds for Standing
IV. Overview of Challenge and Relief Requested
    A. Prior Art Patents and Printed Publications
    B. Level of Ordinary Skill in the Art
    C. Relief Requested
V. Overview of the ’685 Patent
    A. The Alleged Invention
    B. Summary of the Prosecution History
VI. Claim Construction
    A. “security policy” (claims 1, 9, and 19)
    B. “authorization method” (claims 1, 9, and 19)
VII. Grounds for Challenge
    A. Overview of Prior Art
    B. Ground 1: Claims 1, 3, 5, 7-9, 11, 13, 15, 16, and 19 are anticipated by Wood
    C. Ground 2: Claims 1, 3, 5, 7-9, 11, 13, 15, 16, and 19 are obvious over Wood in view of the Neuman 1999 IETF Draft
VIII. Conclusion
`
`
`
`
I. INTRODUCTION

U.S. Pat. No. 9,098,685 (“the ’685 patent,” Ex. 1001) concerns security policies and authorization methods. In short, computing conditions, such as the type of communication link, the user’s geographic location, and/or the time of access, are used to determine a “security policy,” and an “authorization method” to flexibly govern access to a workstation or data. For example, if a workstation is located in a “less than secured location,” a security policy may require a “high security” authorization method, whereas a workstation at corporate headquarters may use a more “normal” level of security authorization. (Ex. 1001, 7:30-35.)
`
However, there was nothing new about the concepts and specific techniques underlying the ’685 patent. Indeed, years before the ’685 patent, flexible approaches to security and authorization were used to govern access to computer resources. For example, Drs. Neuman and Ryutov described techniques to express and evaluate security policies, which considered time, type of connection, and location, among other conditions. (See, e.g., “Neuman 1999 IETF Draft” or “Neuman”, Ex. 1005, at 8.) Similarly, Wood et al., like the ’685 patent, used the same computing conditions to determine relevant security policies and authorization methods to govern access to various types of secure resources, including workstations. (See, e.g., US 6,691,232 to Wood et al. or “Wood”, Ex. 1011, Abstract.)
`
`EMC accordingly requests that the Board grant this petition and institute an
`
`inter partes review of the ’685 patent.
`
`II. MANDATORY NOTICES
`A. Real Party-in-Interest
`EMC Corporation (“EMC” or “Petitioner”) is a real party in interest. Dell
`
`Inc., Denali Intermediate Inc., Dell Technologies Inc., and RSA Security LLC may
`
`also be considered real parties in interest.
`
`B. Related Matters
`According to the USPTO patent assignment database, the ’685 patent is
`
`currently assigned to ActivIDentity, Inc. (hereinafter, “Patent Owner”).
`
On May 10, 2016, the ’685 patent was asserted against Petitioner by Intellectual Ventures I, LLC (hereinafter, “Intellectual Ventures” or “IV”) in the U.S. District Court for the District of Massachusetts. Intellectual Ventures I, LLC et al. v. Lenovo Group Ltd. et al., Civil Action No. 1:16-cv-10860-IT. In its complaint, IV asserts that it is the exclusive licensee of the ’685 patent.
`
C. Counsel
Lead Counsel: Peter M. Dichiara (Registration No. 38,005)
Backup Counsel: Arthur Shum (Registration No. 74,973)

D. Service Information
E-mail: peter.dichiara@wilmerhale.com, arthur.shum@wilmerhale.com
Post and Hand Delivery: WilmerHale, 60 State St., Boston MA 02109
Telephone: 617-526-6000

Petitioner consents to service by email.
`
`III. CERTIFICATION OF GROUNDS FOR STANDING
`Petitioner certifies pursuant to Rule 42.104(a) that the ’685 patent is
`
`available for inter partes review and that Petitioner is not barred or estopped from
`
`requesting an inter partes review challenging the patent claims on the grounds
`
`identified in this Petition.
`
`IV. OVERVIEW OF CHALLENGE AND RELIEF REQUESTED
`Pursuant to Rules 42.22(a)(1) and 42.104(b)(1)-(2), Petitioner challenges
`
`claims 1, 3, 5, 7-9, 11, 13, 15, 16, and 19 of the ’685 patent (the “challenged
`
`claims”) and requests that each challenged claim be canceled.
`
A. Prior Art Patents and Printed Publications
`Petitioner relies upon the patents and printed publications listed in the Table
`
`of Exhibits, including:
`
`1. U.S. Patent No. 6,691,232 to Wood et al., filed Aug. 5, 1999. (“Wood”, Ex.
`
`1011).
`
`2. Tatyana Ryutov and Clifford Neuman, “Access Control Framework for
`
`Distributed Applications,” Internet-Draft published with the Internet
`
`Engineering Task Force (IETF) on June 23, 1999. (“Neuman 1999 IETF
`
`Draft” or “Neuman”, Ex. 1005).
`
`
B. Level of Ordinary Skill in the Art
`The ’685 patent relates to the field of computer systems security. At the time
`
`the ’685 patent was filed, a person of ordinary skill in this field would have had at
`
`least a bachelor’s degree in computer science or electrical engineering and 3-5
`
`years of professional experience in computer systems security, or a master’s or
`
`doctorate and 1-2 years of professional experience in computer systems security, or
`
`equivalent academic experience. Such a person would have been familiar with
`
`designing and implementing computer systems security, and would have been
`
`aware of design trends relating to selecting and applying security policies, and
`
`methods of authenticating and authorizing users. (Ex. 1002, ¶ 20.)
`
`C. Relief Requested
`Petitioner requests that the Patent Trial and Appeal Board cancel the
`
`challenged claims because they are unpatentable under 35 U.S.C. §§ 102 and 103
`
`as set forth in this Petition. This conclusion is supported by the declaration of
`
`Clifford Neuman, Ph.D. (“Neuman Declaration,” Ex. 1002), filed herewith.
`
`V. OVERVIEW OF THE ’685 PATENT
`A. The Alleged Invention
`The ’685 patent purports to describe an improved method of authorizing a
`
`user to access a workstation or secured data. (Ex. 1001, 1:13-19; id. at 2:64-3:2.)
`
`The patent recognizes that security systems based on pre-set codes, passwords,
`
`biometric identification, and “predetermined combinations” of these measures
`
`were well known in the art. (Ex. 1001, 1:22-53; 2:48-50.) The ’685 patent also
`
`admits that organizations typically included additional security processes for
`
`remote access to their sites. (Ex. 1001, 2:54-63.) However, the patent criticizes
`
`these prior art systems as being “fixed.” (Ex. 1001, 2:46-63; see also 1:40-45 and
`
`2:22-29.) (Ex. 1002, ¶ 21.)
`
`The ’685 patent purports to solve these shortcomings by using a “flexible”
`
`approach to authorization that varies based on “computing conditions,” including
`
`any one or more of: (1) the type of communication link being used, (2) the
`
`geographical location of the workstation, and/or (3) the time of access. According
`
`to the patent, a “security policy” is determined from a set of predetermined security
`
`policies based on previously stored policy data and the computing conditions. And
`
`an authorization method is then determined from this security policy and the
`
`computing conditions. (Ex. 1001, claim 1; 3:19-34; 5:55-6:2.) (Ex. 1002, ¶ 22.)
`
Figures 3A and 3B of the ’685 patent provide examples of the relevant components. In Figure 3A, reproduced below, a workstation 10 is connected to a security server 13 through a communication link 15. (Ex. 1001, 5:18-22.) The security server 13 stores policy data and also controls access to secured data on data server 19. Workstation 10 is also connected to a user data input device 14 (e.g., smart card reader or a biometric sampling device), and to keyboard 12. (Ex. 1001, 5:22-28.) Figure 3B is similar to Figure 3A but concerns a mobile workstation 10a that is connected to the security server using an unsecured communication link 15a. (Ex. 1001, 5:33-45.) (Ex. 1002, ¶¶ 24-25.)

[Figure: ’685 Patent (Ex. 1001), Fig. 3A]
`
`
`
`A user requesting access to secured data stored in data server 19 provides
`
`user information (e.g., a password or fingerprint scan) to the user input device 14
`
`of workstation 10, which forwards this user information to the security server 13.
`
`(Ex. 1001, 5:46-54; 7:35-46; 6:63-65.) The workstation 10 also provides
`
`“workstation data” (also referred to as “computing conditions”) to security server
`
`13, such as “the geographical location of the workstation, the time the request for
`
`access is being performed, the type of the request, and so forth.” (Ex. 1001, 7:43-
`
`46; see also 6:3-4.) (Ex. 1002, ¶ 26.)
`
`After receiving the data indicating the computing conditions, the security
`
`server then determines an applicable security policy. The security server
`
`determines the applicable security policy based on previously stored policy data
`
`and “computing conditions” such as the type of user data input device, the
`
`geographic location of the workstation, the type of communication link between
`
`the workstation and the security server, user ID, the data being accessed, the type
`
`of data being accessed, and the country. (Ex. 1001, 5:64-6:2; 6:29-33; 7:17-30.)
`
`(Ex. 1002, ¶ 27.)
`
`Some of these security policies can be very simple conditional policies that
`
`vary based on time or location. For example, the patent discusses a security policy
`
`where a user requesting access to information is automatically denied between the
`
`hours of midnight and 6 a.m. (Ex. 1001, 7:55-58.) The patent also describes
`
`different security policies for military personnel, including policies that vary based
`
`on location (Ex. 1001, 9:55-62.) (Ex. 1002, ¶ 27.)
`
`Once it determines the applicable security policy, the security server 13
`
`determines an authorization method (Ex. 1001, 5:55-58) from the determined
`
`security policy and the computing conditions. (Ex. 1001, 5:64-6:2.) In this regard,
`
`the ’685 patent discloses several examples of different authorization methods,
`
`including methods that use a “smart card reader” (Ex. 1001, 5:24-27), a “biometric
`
`sampling device such as a fingerprint imager, a voice recognition system, a retinal
`
`imager or the like” (id.), “password[s]” (id. at 4:63-65), and “card based user
`
`authentication” (id.; see also 6:49-65 (“Granting the user access 23 to the secured
`
`data is in accordance with the determined at least an authorization method…. [T]he
`
`previously stored policy data determines the type of user data that is required from
`
`the security device…. Examples of user data are biometric data and password data,
`
`but are not limited thereto.”) (Ex. 1002, ¶ 28.)
`
`For example, the ’685 patent explains that a mobile workstation 10a located
`
`in a less than secured location preferably uses a “high” security authentication
`
`process, whereas the same workstation at corporate headquarters uses a more
`
`“normal” level of security authentication. (Ex. 1001, 7:30-35.) Therefore, a general
`
`that requests access to a protected resource from an allied country might be
`
`subjected to one authorization method, whereas the same general may be subjected
`
`to another, more rigorous authorization method when requesting access from a
`
`non-allied country. (Ex. 1001, 8:26-45; 9:8-15.) (Ex. 1002, ¶ 29.)
`
`After the authorization method is determined, the security server then uses
`
`the determined authorization method to authorize the user’s request to access the
`
`protected resource. This involves receiving user identification data (e.g., a
`
`password or fingerprint) (Ex. 1001, 6:63-65), and comparing the user identification
`
`data with previously stored user data (e.g., a previously stored password or
`
`fingerprint corresponding to an authorized user) (Ex. 1001, 5:57-61.) The specific
`
`type of user identification data that the security server asks for and compares will
`
`depend on the determined authorization method. (Ex. 1001, 6:40-54.) If the
`
`received user identification data matches the previously stored user data, the
`
`security server identifies the user and can authorize the user to access secured data.
`
`(Ex. 1001, 5:61-63.) (Ex. 1002, ¶ 30.)
`
B. Summary of the Prosecution History

The ’685 patent (Ex. 1001) issued from U.S. Patent Appl. No. 10/847,884, filed on May 19, 2004, and is a continuation-in-part of U.S. Patent Appl. No. 09/625,548 (now U.S. Patent No. 7,137,008 (the ’008 patent), Ex. 1031).[1]

The applicants initially sought claims directed to determining an authorization method to apply to a particular access request based on “data relating to a workstation of the user,” without any further limitations regarding what the workstation data had to include, or how this determination was to be done. (Ex. 1025 (Preliminary Amendment dated 8/4/2006), claim 25.) The Patent Office properly recognized that the subject matter was old, and rejected those claims (as well as other similar claims) multiple times. (Ex. 1021-1025 (representative rejections dated 5/21/2007, 2/19/2008, 12/18/2008, and 1/20/2010.)

[1] The ’685 patent (Ex. 1001) claims new subject matter that was not present in its parent, the ’008 patent (Ex. 1031). For example, the ’008 patent lacks written description of determining a security policy or an authorization method based on a type of communication link between a workstation and a security server, a geographic location of the workstation, or a time of access. As a result, the ’685 patent is entitled to a priority date no earlier than May 19, 2004. (Ex. 1002, ¶ 34n.2.)
`
`The applicants eventually appealed to the PTAB on Mar. 31, 2011. (Ex.
`
`1026 (Notice of Appeal dated 3/31/2011), Ex. 1013 (Appeal Brief dated
`
`5/20/2011).) A representative claim under appeal was claim 4:
`
`4. (Previously Presented) A method of authorizing a user
`to access a workstation using a security server, the
`method comprising:
`
`receiving security data relating to at least one of a type of
`communication link between the workstation and the
`security server, a geographic location of the workstation,
`or a time of access of the workstation by the user;
`
`determining a security policy from a plurality of
`predetermined security policies based on previously
`stored policy data and the received security data;
`
`determining an authorization method for authorizing the
`user, wherein the authorization method is determined
`from the determined security policy in accordance with
`the received security data;
`
`receiving user identification data; and
`
`registering the user identification data against stored user
`data in accordance with the determined authorization
`method, wherein different authorization methods for
`authorizing the user are determined upon receipt of
`different security data.
`
`The PTAB likewise determined that these claims recited old subject matter,
`
`and affirmed the rejection. In particular, the PTAB determined that the prior art
`
`taught “determining a security policy from a plurality of security policies based on
`
`previously stored policy data and the received security data,” as well as
`
`determining an “authorization method . . . from the determined security policy in
`
`accordance with the received security data.” (PTAB Decision at 4 (Ex. 1014.)
`
` After the PTAB’s decision, the applicants narrowed the claims to recite
`
`exactly what factors the choice of security policy and authorization method had to
`
`be based on. Instead of being based merely on undefined “received security data”,
`
`the applicants amended the claims to require that the security policy and
`
`authorization method be determined based on at least one of three specific
`
`“computing conditions”:
`
`1. “a received indication of the type of communication link between the
`
`workstation and the security server,”
`
`2. “the geographic location of the workstation,” or
`
`3. “the time of access of the workstation.”
`
`They also required that “the security data does not include identification
`
`information for a particular user.” (Ex. 1016 at 3, 16 (amended claim reproduced
`
`below) (emphasis added).) Thus, this meant that the choice of which security
`
`policy and authorization method to use for a specific access attempt is made
`
`independent of identification information for a particular user. (Ex. 1002, ¶ 36.)
`
`4. (Currently Amended) A method of authorizing a user
`to access a workstation using a security server, the
`method comprising:
`
`receiving security data relating to computing conditions
`in which an authorization will be performed, wherein the
`security data comprises at least one indication of a type
`of communication link between the workstation and the
`security server, a geographic location of the workstation,
`or a time of access of the workstation by the user;
`
`determining a security policy from a plurality of
`predetermined security policies based on previously
`stored policy data and the received indication of the type
`of communication link between the workstation and the
`security server, the geographic location of the
`workstation, or the time of access of the workstation
`security data;
`
`determining an authorization method for authorizing the
`user, wherein the authorization method is determined
`
`from the determined security policy in accordance with
`the received indication of the type of communication link
`between the workstation and the security server, the
`geographic location of the workstation, or the time of
`access of the workstation security data;
`
`receiving user identification data; and
`
`registering the user identification data against stored user
`data in accordance with the determined authorization
`method, wherein different authorization methods for
`authorizing the user are determined upon receipt of
`different security data, and wherein the security data does
`not include identification information for a particular
`user.
`
`The claims were then allowed in response. (Ex. 1027 (Notice of Allowance).)
`
`Since the claims were allowed only after this amendment, the record is clear that
`
`the added language described above was the purported distinction over the prior art
`
`in the rejection. However, these features and the system as a whole were well
`
`known in the art. Furthermore, since this added language is not described in the
`
`parent ’008 patent’s specification, the challenged claims of the ’685 patent are not
`
`entitled to the priority date of the parent ’008 patent. (Ex. 1002, ¶ 37.)
`
`In sum, the ’685 patent claims as its novel concept the use of different
`
`security policies and authorization methods that vary based on computing
`
`conditions, specifically, one or more of: (1) the type of communication link being
`
`used, (2) the geographic location of the workstation, and/or (3) the time of access.
`
`(Ex. 1001, claim 1). (Ex. 1002, ¶ 38.)
`
`In the ’685 patent, the choice of which security policy and authorization
`
`method to use for a specific access attempt is made independent of identification
`
`information for a particular user. (Ex. 1001, claim 1 (“wherein different
`
`authorization methods for authorizing the user are determined upon receipt of
`
`different security data, and wherein the security data does not include
`
`identification information for a particular user.”) Instead, as discussed above,
`
`the choice of security policy and authorization method is based on computing
`
`conditions, such as type of communication link, geographic location of the
`
`workstation, and/or the time of access. (Ex. 1002, ¶ 39.)
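
The decision flow described in this section (conditions select a policy, the policy and conditions select an authorization method, and user identification data is then compared with stored user data), as an added sketch that is not code from the patent, the petition or any cited reference. The policy names, the "secured"/"unsecured" and "headquarters"/"remote" labels, the factor sets and the sample user record are assumptions constructed for illustration.

```python
import hashlib
import hmac
from dataclasses import dataclass
from datetime import time
from typing import Callable, Optional, Tuple


@dataclass(frozen=True)
class ComputingConditions:
    """Security data reported for the workstation. It has no user-identity field."""
    link_type: str     # "secured" or "unsecured" (assumed labels)
    location: str      # "headquarters" or "remote" (assumed labels)
    access_time: time


@dataclass(frozen=True)
class Policy:
    name: str
    applies: Callable[[ComputingConditions], bool]
    # Returns the factors to check, or None when the policy refuses access outright.
    method_for: Callable[[ComputingConditions], Optional[Tuple[str, ...]]]


@dataclass(frozen=True)
class Decision:
    granted: bool
    policy: Optional[str]
    method: Tuple[str, ...]
    reason: str


def in_window(t: time, start: time, end: time) -> bool:
    """True when start <= t < end, including windows that wrap past midnight."""
    if start <= end:
        return start <= t < end
    return t >= start or t < end


# Previously stored policy data (constructed). Evaluated in order; first match wins.
POLICY_DATA = (
    Policy("after_hours",                      # no access from midnight to 6 a.m.
           lambda c: in_window(c.access_time, time(0, 0), time(6, 0)),
           lambda c: None),
    Policy("high",                             # workstation away from headquarters
           lambda c: c.location != "headquarters",
           lambda c: ("password", "smart_card")),
    Policy("normal",                           # workstation at headquarters
           lambda c: c.location == "headquarters",
           lambda c: ("password",) if c.link_type == "secured"
           else ("password", "smart_card")),
)

_SALT = b"constructed-salt"  # one fixed salt keeps the sketch short; use per-user salts


def _digest(secret: str) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", secret.encode(), _SALT, 50_000)


# Previously stored user data (constructed sample record).
USER_DATA = {"alice": {"password": _digest("correct horse"),
                       "smart_card": _digest("card-7F3A")}}


def select_policy(conditions, policy_data=POLICY_DATA) -> Optional[Policy]:
    """Step 1: pick the policy from the conditions alone (no user identity)."""
    return next((p for p in policy_data if p.applies(conditions)), None)


def authorize(conditions, user_id, presented, policy_data=POLICY_DATA) -> Decision:
    policy = select_policy(conditions, policy_data)
    if policy is None:                       # fail closed when nothing matches
        return Decision(False, None, (), "no matching policy")
    method = policy.method_for(conditions)   # step 2: method from policy + conditions
    if method is None:
        return Decision(False, policy.name, (), "policy denies access")
    stored = USER_DATA.get(user_id, {})
    ok = True
    for factor in method:                    # step 3: compare with stored user data
        expected = stored.get(factor)
        candidate = _digest(presented.get(factor, ""))
        ok = (expected is not None and factor in presented
              and hmac.compare_digest(candidate, expected)) and ok
    reason = "all required factors verified" if ok else "required factor missing or wrong"
    return Decision(ok, policy.name, method, reason)
```

The same user is granted access with a password alone from a secured headquarters link, needs the second factor from a remote workstation, and is refused outright at 3 a.m. regardless of what is presented.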
`
`VI. CLAIM CONSTRUCTION
In IPR proceedings, claims are given their “broadest reasonable construction in light of the specification.” 37 C.F.R. § 42.100(b). Terms not specifically discussed in this section should have their ordinary and customary meaning in light of the specification, as commonly understood by those of ordinary skill in the art.
`
A. “security policy” (claims 1, 9, and 19)
`The broadest reasonable interpretation of a “security policy,” in the context
`
`of the ’685 specification and claims, is “rules specifying conditions for accessing
`
`a secure resource.” (Ex. 1002, ¶ 41.)
`
The ’685 specification describes a “security policy,” consistent with the ordinary meaning of the term, as something that “determin[es]…at least an authorization method for the user.” (Ex. 1001, 5:64-6:2; see also 7:50-54 (“In dependence upon the security policy…an authorization method…is selected.”); 6:3-7 (“[T]he authorization method is varied because a security policy…is different.”).) As discussed above, the patent discusses a few examples of security policies. For example, a security policy may indicate that no access is to be provided between the hours of midnight and 6:00 a.m. (Ex. 1001, 7:55-58.) A security policy may also require the use of different user authentication devices. (Ex. 1001, 8:23-45; 9:8-15; 9:28-37.)[2] (Ex. 1002, ¶ 42.)

[2] This construction is also consistent with the well understood meaning in the art. (See, e.g., Neuman 1999 IETF Draft (Ex. 1005), 3 (defining “SECURITY POLICY” as “the set of rules that govern access to objects.”) (Ex. 1002, ¶ 42n.3.)
`
B. “authorization method” (claims 1, 9, and 19)
`The broadest reasonable interpretation of an “authorization method,” in the
`
`context of the ’685 patent specification and claims, is a “method of identifying
`
`and/or authorizing a user to access a resource.” (Ex. 1002, ¶ 43.)
`
`The ’685 patent specification describes an “authorization method” as a
`
`method of identifying and/or authorizing the user. (Ex. 1001, Abstract (“In the
`
`authorization method, the user is first identified with the security server and then
`
`optionally authorized thereby.”); see also 6:42-45 (“an authorization method to
`
`perform at least one of identifying and authorizing the user.”).) The ’685 patent
`
`describes various methods for identifying and authenticating users, including “a
`
`smart card reader” (id. at 5:24-27), a “biometric sampling device such as a
`
`fingerprint imager, a voice recognition system, a retinal imager or the like” (id.),
`
`“password[s]” (id. at 4:63-65), and “card based user authentication” (id.). (See also
`
`id. at 6:49-65.) (Ex. 1002, ¶ 44.)
`
`VII. GROUNDS FOR CHALLENGE
This Petition, supported by the Declaration of Dr. Clifford Neuman filed herewith, demonstrates that there is a reasonable likelihood that Petitioner will prevail with respect to at least one challenged claim and that each of the challenged claims is not patentable. See 35 U.S.C. § 314(a).
`
Dr. Neuman is the Director of University of Southern California’s Center for Computer Systems Security at the Information Sciences Institute and a faculty member in the Computer Science Department. Dr. Neuman received an S.B. Degree in Computer Science and Engineering from the Massachusetts Institute of Technology in 1985, and a Ph.D. in Computer Science from the University of Washington in 1992. He was one of the principal authors of the widely used Kerberos authentication system, which provides real-time authentication of users (or processes acting on behalf of users) to service providers. Kerberos can be used to establish an authenticated communication channel between parties, protect the integrity of the channel, and optionally protect the privacy of the communication. As further explained in his Declaration as well as in this Petition, Dr. Neuman was also one of the principal authors of a series of draft proposals to the Internet Engineering Task Force (“IETF”) proposing a flexible access control framework that supported multiple security policies and authorization mechanisms, and that could be used in a wide array of applications. (Ex. 1002, ¶¶ 2-10.)
`
`Pursuant to Rule 42.104(b)(4)-(5), specific grounds for finding the
`
`challenged claims invalid are identified below and discussed in the Neuman
`
`Declaration.
`
`
`A. Overview of Prior Art
`1. Background
`
`Computer security is almost as old as computers themselves. The primary
`
`purpose of computer security is to limit access to computer systems and data to
`
`only those users that are supposed to have such access. As Dr. Neuman explains,
`
`implementation of security policies – i.e., rules specifying conditions for accessing
`
`a secure resource – has been important for computers for many decades, with
`
`seminal works on policy models in both the commercial and military contexts
`
`gaining wide acceptance in the 1970s and 1980s. See, e.g., Jerome H. Saltzer,
`
`“Protection and the Control of Information Sharing in Multics”, Communications
`
`of the ACM (1974) (Ex. 1028); Clark and Wilson, “A Comparison of Commercial
`
`and Military Computer Security Policies”, Proc. of the 1987 IEEE Symposium on
`
`Security and Privacy (1987) (Ex. 1019.) With the wider adoption of distributed
`
`computing in the 1980s, work on policy languages that could express security
`
`policies in a clear and uniform way gained importance. See, e.g., Landwehr,
`
`“Formal Models for Computer Security”, ACM Computing Surveys Vol. 13, Issue
`
`3 (Sept. 1981) (Ex. 1020) (Ex. 1002, ¶ 51.)
`
Although the ’685 patent claims that its “flexible” method of user authentication was novel in 2004, the computer security field had in fact recognized by the late 1990s that analyzing the circumstances of a particular access attempt could help security systems identify potential security risks or intrusion attempts, and allow security systems to adapt accordingly. (See, e.g., Furnell et al. (Ex. 1029), 232.) As a result, the computer security field developed “flexible” approaches to computer security that incorporated multiple security policies and authorization methods to dynamically adapt to various environments, depending both on the connection (e.g., type of communication link, geographic location of the workstation), and the system or global state (e.g., whether a threatened state is perceived, time of access of the request). For example, by the mid-1990s, it was common for access to systems from a remote location to require a stronger security authorization method (e.g., use of a token such as Secure ID) than those at a more secure location, such as a local workstation at corporate headquarters (e.g., use of passwords). By at least 1998, the computer security literature had begun describing examples of “adaptive security,” such as a bank that enforces one security policy during business hours, and another policy after hours, or a military organization that “hardens” confidentiality rules and security measures following detection of a possible intrusion. (Ex. 1018 (Carney and Loe), 3.) Similarly, in 1997, Furnell et al. described an Intrusion Monitoring System (IMS) that integrated multiple authentication and supervision techniques into a single architecture (Ex. 1029, 227; see also id. at 228-231), and also discussed increasing an “alert status” (which required stronger authentication) in response to “out of hours access” that might indicate unauthorized activity (id. at 233, 235.) (Ex. 1002, ¶ 52.)
`
`As explained below and in the accompanying declaration of Dr. Neuman,
`
`there is nothing novel in the concepts and techniques underlying the ’685 claims.
`
`The alleged invention of the ’685 patent consists of little more than using different
`
`security policies and authorization methods based on the specific computing
`
`conditions of time, location, and network connection-type. These concepts were
`
`well-known by persons of ordinary skill in the art before the ’685 patent. (Ex.
`
`1002, ¶ 53.)
`
`Although there is a wealth of relevant prior art, in the interest of expediency,
`
`Petitioner’s challenge focuses primarily on two references: Wood and the Neuman
`
`1999 IETF Draft. As discussed in further detail below, these two references
`
`disclose every limitation of the alleged invention of the ’685 patent.
`
`2. Overview of Wood
`
The Wood patent was filed in 1999 and assigned to Sun Microsystems. Wood describes a flexible approach to security policies and authorization methods that varies based on the same computing conditions as the ’685 patent: (1) the type of communication link being used, (2) the geographical location of the workstation, and/or (3) the time of access. (Ex. 1002, ¶ 55.) For example, Wood is explicit:

“By including environment information in a security policy, facilities in accordance with some embodiments of the present invention advantageously allow temporal, locational, connection type and/or client capabilities-related information to affect the sufficiency of a given credential type (and associated authentication scheme) for access to a particular information resource.” (Ex. 1011, 2:49-55)
`