`
`BEFORE THE PATENT TRIAL AND APPEAL BOARD
`
`GOOGLE LLC,
`Petitioner,
`
`v.
`
`BLACKBERRY LTD.,
`Patent Owner.
`
`Case No. IPR2017-01620
`U.S. Patent No. 8,489,868 B2
`
`PATENT OWNER'S
`DEMONSTRATIVE EXHIBITS
`
`
`
`Patent Owner BlackBerry Ltd.
`Google LLC v. BlackBerry Ltd.
`IPR2017-01619, -01620
`U.S. Patent No. 8,489,868
`
`September 17, 2018
`
`1
`
`
`
`Garst and Gong
`Garst and Gong
`IPR2017-01619
`lPR2017-O1619
`
`2
`
`
`
`Petitioner’s Asserted Grounds (1619)
`
`Claims (* independent)
`1*, 13, 76*, 78, 81, 84, 85, 87,
`88, 90-93, 95, 98, 100, 104,
`108, 112, 113, 137-39, and
`142-44
`
`77, 79, 80, and 82
`
`83
`
`86
`
`89
`
`94
`
`Basis Reference(s)
`§ 102 Garst (Ex. 1012) and Gong (Ex. 1016)
`
`§ 103 Garst (Ex. 1012), Gong (Ex. 1016) and
`Davis (Ex. 1013)
`§ 103 Garst (Ex. 1012), Gong (Ex. 1016) and
`Chang (Ex. 1014)
`§ 103 Garst (Ex. 1012), Gong (Ex. 1016) and
`Sibert (Ex. 1015)
`§ 103 Garst (Ex. 1012), Gong (Ex. 1016) and
`Wong-Insley (Ex. 1017)
`§ 103 Garst (Ex. 1012), Gong (Ex. 1016) and
`Haddock (Ex. 1018)
`
`3
`
`
`
`The Parties’ Primary Disputes (1619)
`
`• Claim Construction
`
`- “Signed Software Application”
`
`-
`
`-
`
`“Abridged”
`
`“Sensitive API”
`
`• Independent Claims 1 and 76 (and all dependent claims):
`
`- Garst’s disclosure of a “Signed Software Application”
`
`- Obviousness of signing Garst’s “Software Application” with an API Key
`
`- Garst’s disclosure of “Sensitive API”
`
`- Prior Art Status of Gong
`
`• Claim 112: Non-sensitive APIs
`
`• Claims 77, 79, 80, and 82: Combination with Davis
`
`• Claim 86: Combination with Sibert
`
`4
`
`
`
`‘868 Patent
`-01619, Ex. 1001
`
`Independent Claims 1 and 76
`“signed software application”
`
`1. A mobile device containing software instructions
`which when executed on the mobile device cause the
`mobile device to perform operations for controlling
`access to an application platform of the mobile
`device, the operations comprising:
`storing a plurality of application programming
`interfaces (APIs) at the mobile device, wherein
`at least one API comprises a sensitive API to
`which access is restricted;
`receiving, at the mobile device, an indication that
`a software application on the mobile device is
`requesting access to the sensitive API stored
`at the mobile device;
`d
`determining, at the mobile device, whether the
`software application is signed, wherein a
`signed software application includes a
`digital signature generated using a private
`key of a private key-public key pair, wherein
`the private key is not accessible to the mobile
`device;
`the mobile device using a public key of the private
`key-public key pair to verify the digital
`signature of the software application; and
`based upon verifying the digital signature at the
`mobile device, the mobile device allowing the
`software application access to the sensitive
`API.
`
`76. A method for controlling access to an application
`platform of a mobile device, comprising:
`
`storing a plurality of application programming
`interfaces (APIs) at the mobile device, wherein
`at least one API comprises a sensitive API to
`which access is restricted;
`receiving, at the mobile device, an indication that
`a software application on the mobile device is
`requesting access to the sensitive API stored
`at the mobile device;
`d
`determining, at the mobile device, whether the
`software application is signed, wherein a
`signed software application includes a
`digital signature generated using a private
`key of a private key-public key pair, wherein
`the private key is not accessible to the mobile
`device;
`mobile device using a public key of the private
`key-public key pair to verify of the digital
`signature of the software application; and
`based upon verifying the digital signature at the
`mobile device, the mobile device allowing the
`software application access to the sensitive
`API.
`
`5
`
`
`
`Proposed Claim Constructions
`“signed software application”
`
`Petitioner
`determining, at the mobile device, whether the
`software application is signed, wherein a signed
`software application includes a digital signature
`generated using a private key of a private key-
`public key pair corresponding to an entity with an
`interest in protecting access to the sensitive API,
`such as a mobile device manufacturer or other
`entity that classified the API as sensitive, or from a
`code signing authority acting on behalf of the
`manufacturer
`
`“Petitioner does not argue that the software
`application can include any digital signature, but
`rather argues that the digital signature need not be
`generated using the application code.”
`
`1619 Pet. 7-8, 25 n.10;
`1619 Reply 3
`
`Patent Owner
`determining, at the mobile device, whether the
`software application is signed, wherein a signed
`software application includes a digital signature
`generated using a private key of a private key-
`public key pair
`
`“The claims recite a ‘signed software application,’
`i.e., a software application that is itself signed. …
`this means the signature is generated from the
`software application or a unique transformation of
`the software application, e.g., a hash or the ’868
`patent’s abridging function.”
`
`1619 Resp. 6-8
`
`6
`
`
`
`’868 Patent’s Specification
`“signed software application”
`
`’868 Patent
`-01619, Ex. 1001
`
`Ex. 1001, 4:36-55;
`1619 Resp. 6-8
`
`7
`
`
`
`Dr. McDaniel’s 5 Requirements of “Signatures”
`
`McDaniel Decl.
`-01619, Ex. 1002
`
`Ex. 1002 (1619), ¶39;
`1619 Resp.
`
`8
`
`
`
`The Parties’ Primary Disputes (1619)
`
`• Claim Construction
`
`-
`
`“Signed Software Application”
`
`- “Abridged”
`
`-
`
`“Sensitive API”
`
`• Independent Claims 1 and 76 (and all dependent claims):
`
`- Garst’s disclosure of a “Signed Software Application”
`
`- Obviousness of signing Garst’s “Software Application” with an API Key
`
`- Garst’s disclosure of “Sensitive API”
`
`- Prior Art Status of Gong
`
`• Claim 112: Non-sensitive APIs
`
`• Claims 77, 79, 80, and 82: Combination with Davis
`
`• Claim 86: Combination with Sibert
`
`9
`
`
`
`‘868 Patent
`-01619, Ex. 1001
`
`Dependent Claim 86
`“abridged version of the software application”
`
`86. The method of claim 76, wherein
`the digital signature is generated by applying the private
`key to a first abridged version of the software application;
`and the digital signature is verified by generating a
`second abridged version of the software application to
`d
`obtain a generated abridged version, applying the public key
`to the digital signature to obtain a recovered abridged
`version, and verifying that the generated abridged version
`and the recovered abridged version are the same.
`
`Petitioner’s Construction
`a shortened version of the software
`application
`
`1619 Reply 9
`
`Patent Owner’s Construction
`a unique transformation of the
`software application that is smaller
`than the software application
`1619 Resp. 21
`
`10
`
`
`
`’868 Patent’s Specification
`“abridged version of the software application”
`
`’868 Patent
`-01619, Ex. 1001
`
`Ex. 1001, 6:26-41;
`1619 Resp. 21
`
`11
`
`
`
`Petitioner’s Reply
`“abridged version of the software application”
`
`Reply -01619
`
`1619 Reply 9
`
`12
`
`
`
`The Parties’ Primary Disputes (1619)
`
`• Claim Construction
`
`-
`
`-
`
`“Signed Software Application”
`
`“Abridged”
`
`- “Sensitive API”
`
`• Independent Claims 1 and 76 (and all dependent claims):
`
`- Garst’s disclosure of a “Signed Software Application”
`
`- Obviousness of signing Garst’s “Software Application” with an API Key
`
`- Garst’s disclosure of “Sensitive API”
`
`- Prior Art Status of Gong
`
`• Claim 112: Non-sensitive APIs
`
`• Claims 77, 79, 80, and 82: Combination with Davis
`
`• Claim 86: Combination with Sibert
`
`13
`
`
`
`‘868 Patent
`-01619, Ex. 1001
`
`Independent Claims 1 and 76
`“sensitive API”
`
`1. A mobile device containing software instructions
`which when executed on the mobile device cause the
`mobile device to perform operations for controlling
`access to an application platform of the mobile
`device, the operations comprising:
`storing a plurality of application programming
`interfaces (APIs) at the mobile device, wherein
`at least one API comprises a sensitive API
`to which access is restricted;
`receiving, at the mobile device, an indication that
`a software application on the mobile device is
`requesting access to the sensitive API stored
`at the mobile device;
`d
`determining, at the mobile device, whether the
`software application is signed, wherein a
`signed software application includes a digital
`signature generated using a private key of a
`private key-public key pair, wherein the private
`key is not accessible to the mobile device;
`the mobile device using a public key of the private
`key-public key pair to verify the digital
`signature of the software application; and
`based upon verifying the digital signature at the
`mobile device, the mobile device allowing the
`software application access to the sensitive
`API.
`
`76. A method for controlling access to an application
`platform of a mobile device, comprising:
`
`storing a plurality of application programming
`interfaces (APIs) at the mobile device,
`wherein at least one API comprises a
`sensitive API to which access is restricted;
`receiving, at the mobile device, an indication that
`a software application on the mobile device is
`requesting access to the sensitive API stored
`at the mobile device;
`d
`determining, at the mobile device, whether the
`software application is signed, wherein a
`signed software application includes a digital
`signature generated using a private key of a
`private key-public key pair, wherein the private
`key is not accessible to the mobile device;
`mobile device using a public key of the private
`key-public key pair to verify of the digital
`signature of the software application; and
`based upon verifying the digital signature at the
`mobile device, the mobile device allowing the
`software application access to the sensitive
`API.
`
`14
`
`
`
`Claim Construction
`“sensitive API”
`
`Institution Decision
`An API to which access is
`restricted on an application-
`by-application basis
`
`1619 Dec. 11
`
`Ex. 1001, 3:46-61;
`1619 Resp. 16-17
`
`Patent Owner
`An API classified as
`implicating a security concern
`
`1619 Resp. 16
`
`76. A method … comprising …
`based upon verifying the
`digital signature at the mobile
`device, the mobile device
`allowing the software application
`access to the sensitive API.
`
`112. The method of claim 76,
`further comprising: upon
`verifying the digital signature
`at the mobile device, the mobile
`device allowing the software
`application access to at least one
`non-sensitive API.
`
`15
`
`
`
`The Parties’ Primary Disputes (1619)
`
`• Claim Construction
`
`-
`
`-
`
`-
`
`“Signed Software Application”
`
`“Abridged”
`
`“Sensitive API”
`
`• Independent Claims 1 and 76 (and all dependent claims):
`
`- Garst’s disclosure of a “Signed Software Application”
`
`- Obviousness of signing Garst’s “Software Application” with an API Key
`
`- Garst’s disclosure of “Sensitive API”
`
`- Prior Art Status of Gong
`
`• Claim 112: Non-sensitive APIs
`
`• Claims 77, 79, 80, and 82: Combination with Davis
`
`• Claim 86: Combination with Sibert
`
`16
`
`
`
`Petitioner’s Challenge
`“software application” = Garst’s “program”
`
`Petition -01619
`
`Resp. 23-25; Pet. 21-22;
`Ex. 1012, 5:67-6:6, 6:41-55, 10:3-6
`
`17
`
`
`
`Petitioner’s Challenge
`Garst verifies “license text string 600”
`
`Petition -01619
`
`Garst (Ex. 1012)
`
`1619 Pet. 22-23
`
`Ex. 1012, 6:9-12;
`1619 Pet. 22-23
`
`18
`
`
`
`Garst’s Signed License String
`
`Garst (Ex. 1012)
`
`Ex. 1012, 9:17-21;
`1619 Reply 10
`
`Ex. 1002 (1619), ¶39;
`1619 Resp. 18
`
`19
`
`
`
`Petitioner’s Reply Concessions
`“signed software application”
`
`Reply -01619
`
`1619 Reply 13-14
`
`20
`
`
`
`The Parties’ Primary Disputes (1619)
`
`• Claim Construction
`
`-
`
`-
`
`-
`
`“Signed Software Application”
`
`“Abridged”
`
`“Sensitive API”
`
`• Independent Claims 1 and 76 (and all dependent claims):
`
`- Garst’s disclosure of a “Signed Software Application”
`
`- Obviousness of signing Garst’s “Software Application” with an API Key
`
`- Garst’s disclosure of “Sensitive API”
`
`- Prior Art Status of Gong
`
`• Claim 112: Non-sensitive APIs
`
`• Claims 77, 79, 80, and 82: Combination with Davis
`
`• Claim 86: Combination with Sibert
`
`21
`
`
`
`Petition -01619
`
`Reply -01619
`
`Petition and Reply Arguments
`Obviousness of Signing Application with API Key
`
`1619 Pet. 25
`
`1619 Reply 15-16
`
`22
`
`
`
`Garst, Gong, and Petitioner’s Combination
`
`Garst
`
`API Private Key
`
`API Vendor
`
`License
`Signed w.
`API Key
`
`Developer
`
`Gong
`
`Garst + Gong
`
`API Private Key
`
`API Vendor
`
`Application
`Program
`(or hash)
`
`Developer Private Key
`
`Developer
`
`Developer
`
`Signature of
`Application
`Program w.
`API Key
`
`Application
`Program incl.
`License Signed
`w. API Key
`
`Application
`Program incl.
`Signature w.
`Dev. Key
`
`Application
`Program incl.
`Signature w.
`API Key
`
`User
`
`1619 Resp. 34;
`Ex. 1012, 9:35-64
`
`User
`
`1619 Resp. 35;
`Ex. 1016, 143-46
`
`User
`
`Pet. 25-27;
`Ex. 1002, ¶147-150
`
`1619 Resp. 33-38
`
`23
`
`
`
`’868 Patent and Petitioner’s Combination
`
`868 Patent
`
`1619 Resp. 33-38
`
`Ex. 1001, Fig. 1;
`1619 Resp. 38
`
`Garst + Gong
`
`API Private Key
`
`API Vendor
`
`Application
`Program
`(or hash)
`
`Signature of
`Application
`Program w.
`API Key
`
`Developer
`
`Application
`Program incl.
`Signature w.
`API Key
`
`User
`
`Pet. 25-27;
`Ex. 1002, ¶147-150
`
`24
`
`
`
`Dr. McDaniel’s Footnote Implementation
`
`McDaniel Decl.
`-01619, Ex. 1002
`
`Ligler Decl.
`-01619, Ex. 2002
`
`1619 Ex. 1002, ¶150 n.7
`
`Ex. 2002, ¶96;
`1619 Resp. 37
`
`25
`
`
`
`The Parties’ Primary Disputes (1619)
`
`• Claim Construction
`
`-
`
`-
`
`-
`
`“Signed Software Application”
`
`“Abridged”
`
`“Sensitive API”
`
`• Independent Claims 1 and 76 (and all dependent claims):
`
`- Garst’s disclosure of a “Signed Software Application”
`
`- Obviousness of signing Garst’s “Software Application” with an API Key
`
`- Garst’s disclosure of “Sensitive API”
`
`- Prior Art Status of Gong
`
`• Claim 112: Non-sensitive APIs
`
`• Claims 77, 79, 80, and 82: Combination with Davis
`
`• Claim 86: Combination with Sibert
`
`26
`
`
`
`Petitioner’s Challenge
`Garst’s “sensitive API”
`
`Petition -01619
`
`1619 Pet. 21
`
`27
`
`
`
`Petitioner’s Reply Argument
`Garst’s “sensitive API”
`
`Reply -01619
`
`1619 Reply 16
`
`28
`
`
`
`The Parties’ Primary Disputes (1619)
`
`• Claim Construction
`
`-
`
`-
`
`-
`
`“Signed Software Application”
`
`“Abridged”
`
`“Sensitive API”
`
`• Independent Claims 1 and 76 (and all dependent claims):
`
`- Garst’s disclosure of a “Signed Software Application”
`
`- Obviousness of signing Garst’s “Software Application” with an API Key
`
`- Garst’s disclosure of “Sensitive API”
`
`- Prior Art Status of Gong
`
`• Claim 112: Non-sensitive APIs
`
`• Claims 77, 79, 80, and 82: Combination with Davis
`
`• Claim 86: Combination with Sibert
`
`29
`
`
`
`Prior Art Status of Gong – Petition and Reply
`
`Petition -01619
`
`Reply -01619
`
`1619 Pet. 4
`
`1619 Reply 24
`
`30
`
`
`
`The Parties’ Primary Disputes (1619)
`
`• Claim Construction
`
`-
`
`-
`
`-
`
`“Signed Software Application”
`
`“Abridged”
`
`“Sensitive API”
`
`• Independent Claims 1 and 76 (and all dependent claims):
`
`- Garst’s disclosure of a “Signed Software Application”
`
`- Obviousness of signing Garst’s “Software Application” with an API Key
`
`- Garst’s disclosure of “Sensitive API”
`
`- Prior Art Status of Gong
`
`• Claim 112: Non-sensitive APIs
`
`• Claims 77, 79, 80, and 82: Combination with Davis
`
`• Claim 86: Combination with Sibert
`
`31
`
`
`
`Dependent Claim 112
`“upon verifying … allowing … access to the non-sensitive API”
`
`‘868 Patent
`-01619, Ex. 1001
`
`76. A method … comprising… based upon verifying
`the digital signature at the mobile device, the
`mobile device allowing the software application
`access to the sensitive API.
`d
`112. The method of claim 76, further comprising:
`upon verifying the digital signature at the mobile
`device, the mobile device allowing the software
`application access to at least one non-sensitive
`API.
`
`32
`
`
`
`Petitioner’s Challenge
`“upon verifying … allowing … access to the non-sensitive API”
`
`Petition -01619
`
`1619 Pet. 47
`
`1619 Pet. 48
`
`33
`
`
`
`The Parties’ Primary Disputes (1619)
`
`• Claim Construction
`
`-
`
`-
`
`-
`
`“Signed Software Application”
`
`“Abridged”
`
`“Sensitive API”
`
`• Independent Claims 1 and 76 (and all dependent claims):
`
`- Garst’s disclosure of a “Signed Software Application”
`
`- Obviousness of signing Garst’s “Software Application” with an API Key
`
`- Garst’s disclosure of “Sensitive API”
`
`- Prior Art Status of Gong
`
`• Claim 112: Non-sensitive APIs
`
`• Claims 77, 79, 80, and 82: Combination with Davis
`
`• Claim 86: Combination with Sibert
`
`34
`
`
`
`Petitioner’s Challenge
`Davis Combination
`
`Petition -01619
`
`1619 Pet. 52
`
`35
`
`
`
`The Parties’ Primary Disputes (1619)
`
`• Claim Construction
`
`-
`
`-
`
`-
`
`“Signed Software Application”
`
`“Abridged”
`
`“Sensitive API”
`
`• Independent Claims 1 and 76 (and all dependent claims):
`
`- Garst’s disclosure of a “Signed Software Application”
`
`- Obviousness of signing Garst’s “Software Application” with an API Key
`
`- Garst’s disclosure of “Sensitive API”
`
`- Prior Art Status of Gong
`
`• Claim 112: Non-sensitive APIs
`
`• Claims 77, 79, 80, and 82: Combination with Davis
`
`• Claim 86: Combination with Sibert
`
`36
`
`
`
`Petitioner’s Challenge
`Sibert Combination
`
`Petition -01619
`
`1619 Pet. 57-58
`
`1619 Pet. 58-59
`
`37
`
`
`
`Dr. Ligler on Sibert Combination
`“abridged” = a unique, shorter transformation
`
`Ligler Decl.
`-01619, Ex. 2002
`
`Ex. 2002, ¶119; Resp. 56
`
`Ex. 1001, 6:32-41;
`1619 Resp. 56-57
`
`38
`
`
`
`Lin
`
`Lin
`IPR2017-01620
`
`lPR2017-01620
`
`39
`
`39
`
`
`
`Petitioner’s Asserted Grounds (1620)
`
`Claims (* independent)
`1*, 76*, 78, 81, 84, 85, 90-92,
`95, 104, 113, 137, and 142
`13, 88, and 98
`
`77, 79, 80, and 82
`
`83
`
`86
`
`89
`
`94
`
`93, 100, 112, and 139
`
`Basis Reference(s)
`§ 102 Lin (Ex. 1011)
`
`§ 103 Lin (Ex. 1011)
`Garst (Ex. 1012)
`§ 103 Lin (Ex. 1011)
`Davis (Ex. 1013)
`§ 103 Lin (Ex. 1011)
`Chang (Ex. 1014)
`§ 103 Lin (Ex. 1011)
`Sibert (Ex. 1015)
`§ 103 Lin (Ex. 1011)
`Wong-Insley (Ex. 1017)
`§ 103 Lin (Ex. 1011)
`Haddock (Ex. 1018)
`§ 103 Lin (Ex. 1011)
`Gong (Ex. 1016)
`
`40
`
`
`
`1620 Ground 1 (§ 102 – Lin): The Parties’ Primary Disputes
`
`• Independent Claims 1 and 76 (and all dependent claims):
`
`- Lin does not anticipate “based upon verifying the digital signature at the
`mobile device, the mobile device allowing the software application access
`to the sensitive API.”
`
`- Petitioner Improperly Combines Lin’s Distinct Embodiments
`
`- Lin does not anticipate “wherein the private key is not accessible to the
`mobile device.”
`
`41
`
`
`
`1620 Ground 1 (§ 102 – Lin): The Parties’ Primary Disputes
`
`• Independent Claims 1 and 76 (and all dependent claims):
`
`- Lin does not anticipate “based upon verifying the digital signature at the
`mobile device, the mobile device allowing the software application access
`to the sensitive API.”
`
`- Petitioner Improperly Combines Lin’s Distinct Embodiments
`
`- Lin does not anticipate “wherein the private key is not accessible to the
`mobile device.”
`
`42
`
`
`
`‘868 Patent
`-01620, Ex. 1001
`
`‘868 Patent Independent Claims 1 and 76
`
`1. A mobile device containing software instructions
`which when executed on the mobile device cause the
`mobile device to perform operations for controlling
`access to an application platform of the mobile
`device, the operations comprising:
`storing a plurality of application programming
`interfaces (APIs) at the mobile device, wherein
`at least one API comprises a sensitive API to
`which access is restricted;
`receiving, at the mobile device, an indication that
`a software application on the mobile device is
`requesting access to the sensitive API stored
`at the mobile device;
`d
`determining, at the mobile device, whether the
`software application is signed, wherein a
`signed software application includes a digital
`signature generated using a private key of a
`private key-public key pair, wherein the private
`key is not accessible to the mobile device;
`the mobile device using a public key of the private
`key-public key pair to verify the digital
`signature of the software application; and
`based upon verifying the digital signature at
`the mobile device, the mobile device
`allowing the software application access to
`the sensitive API.
`
`76. A method for controlling access to an application
`platform of a mobile device, comprising:
`
`storing a plurality of application programming
`interfaces (APIs) at the mobile device, wherein
`at least one API comprises a sensitive API to
`which access is restricted;
`receiving, at the mobile device, an indication that
`a software application on the mobile device is
`requesting access to the sensitive API stored
`at the mobile device;
`d
`determining, at the mobile device, whether the
`software application is signed, wherein a
`signed software application includes a digital
`signature generated using a private key of a
`private key-public key pair, wherein the private
`key is not accessible to the mobile device;
`mobile device using a public key of the private
`key-public key pair to verify of the digital
`signature of the software application; and
`based upon verifying the digital signature at
`the mobile device, the mobile device
`allowing the software application access to
`the sensitive API.
`
`43
`
`
`
`Lin Does Not Disclose that Access to Device Resources Is Based Upon
`Verifying Signature 312
`Lin (Ex. 1011):
`
`Petitioner:
`
`1620 Petition at 28-29.
`
`Ex. 1011,
`4:60-5:30;
`see also
`1620 Resp.
`at 14-17, 26.
`44
`
`
`
`Petitioner’s Expert’s Testimony Regarding Lin’s Figure 6 Is Inconsistent
`
`Lin (Ex. 1011):
`
`Petitioner’s Expert (McDaniel), ¶ 87:
`
`Ex. 1011, 5:16-30, Fig. 6; see also 1620 Resp. at 28-29 n.7.
`
`Petitioner’s Expert (McDaniel), ¶ 172:
`
`1620 Ex. 1002, ¶87; see also 1620 Resp. at 28-29 n.7.
`
`1620 Ex. 1002, ¶172; see also 1620 Resp. at 28-29 n.7.
`
`45
`
`
`
`Petitioner’s and Its Expert’s Position Is Contrary to
`Lin’s Express Disclosure
`
`Petitioner’s Reply:
`
`Lin (Ex. 1011):
`
`Petitioner’s Expert (McDaniel):
`
`1620 Reply at 10.
`
`Ex. 1011, 5:31-52;
`see also 1620 Resp. at 26-27.
`
`Ex. 2004, 230:24-231:10;
`see also 1620 Resp. at 26-27 n.6.
`
`46
`
`
`
`Developer Signature 312 Does Not Have to be Verified to
`Verify File Hash 304
`Lin (Ex. 1011):
`
`Petitioner’s Reply:
`
`*
`
`*
`
`*
`
`Patent Owner’s Expert (Ligler):
`
`Ex. 1011, 5:31-52;
`see also 1620 Resp. at 29-30.
`
`*
`
`*
`
`*
`
`1620 Reply at 8-9, 11.
`
`Ex. 2002, ¶71; see also 1620 Resp. at 30-31.
`
`47
`
`
`
`Verification of Time Stamp 310 Does Not Validate Any Information
`Regarding Developer Signature 312
`Lin (Ex. 1011):
`
`Petitioner’s Reply:
`
`*
`
`*
`
`*
`
`1620 Reply at 9, 10.
`
`Ex. 1011, 3:67-4:20;
`see also 1620 Resp. at 13-14, 39-40.
`
`48
`
`
`
`Lin Does Not Disclose that Access to Device Resources Is Based Upon
`Verifying Developer Signature 312
`Patent Owner’s Expert (Ligler):
`
`*
`
`*
`
`*
`
`1620 Ex. 2002, ¶¶67, 70; see also
`1620 Resp. at 40-43.
`
`49
`
`
`
`1620 Ground 1 (§ 102 – Lin): The Parties’ Primary Disputes
`
`• Independent Claims 1 and 76 (and all dependent claims):
`
`- Lin does not anticipate “based upon verifying the digital signature at the
`mobile device, the mobile device allowing the software application access
`to the sensitive API.”
`
`- Petitioner Improperly Combines Lin’s Distinct Embodiments
`
`- Lin does not anticipate “wherein the private key is not accessible to the
`mobile device.”
`
`50
`
`
`
`‘868 Patent
`-01620, Ex. 1001
`
`‘868 Patent Independent Claims 1 and 76
`
`1. A mobile device containing software instructions
`which when executed on the mobile device cause the
`mobile device to perform operations for controlling
`access to an application platform of the mobile
`device, the operations comprising:
`storing a plurality of application programming
`interfaces (APIs) at the mobile device, wherein
`at least one API comprises a sensitive API to
`which access is restricted;
`receiving, at the mobile device, an indication that
`a software application on the mobile device is
`requesting access to the sensitive API stored
`at the mobile device;
`d
`determining, at the mobile device, whether the
`software application is signed, wherein a
`signed software application includes a
`digital signature generated using a private
`key of a private key-public key pair, wherein
`the private key is not accessible to the mobile
`device;
`the mobile device using a public key of the private
`key-public key pair to verify the digital
`signature of the software application; and
`based upon verifying the digital signature at
`the mobile device, the mobile device
`allowing the software application access to
`the sensitive API.
`
`76. A method for controlling access to an application
`platform of a mobile device, comprising:
`
`storing a plurality of application programming
`interfaces (APIs) at the mobile device, wherein
`at least one API comprises a sensitive API to
`which access is restricted;
`receiving, at the mobile device, an indication that
`a software application on the mobile device is
`requesting access to the sensitive API stored
`at the mobile device;
`d
`determining, at the mobile device, whether the
`software application is signed, wherein a
`signed software application includes a
`digital signature generated using a private
`key of a private key-public key pair, wherein
`the private key is not accessible to the mobile
`device;
`mobile device using a public key of the private
`key-public key pair to verify of the digital
`signature of the software application; and
`based upon verifying the digital signature at
`the mobile device, the mobile device
`allowing the software application access to
`the sensitive API.
`
`51
`
`
`
`Lin Discloses Two Distinct Embodiments for Transferring Signed ADF and
`Software Application to Client Device
`
`Lin’s Figure 2 Embodiment:
`
`Lin’s Figure 6 Embodiment:
`
`Petitioner’s Expert (McDaniel):
`
`Ex. 1011, Fig. 6;
`see also 1620 Resp. at 19.
`
`Ex. 1011, 2:66-3:5, Fig. 2;
`see also 1620 Resp. at 18.
`
`1620 Ex. 1002, ¶87.
`
`52
`
`
`
`Both Parties’ Experts Agree: Lin Discloses Two Distinct Embodiments for
`Transferring Signed ADF and Software Application to Client Device
`Petitioner’s Expert (McDaniel):
`
`1620 Ex. 1002, ¶87.
`
`Ex. 2004, 240:12-241:7; see
`also 1620 Resp. at 18-19.
`
`53
`
`
`
`Both Parties’ Experts Agree: Lin Discloses Two Distinct Embodiments for
`Transferring Signed ADF and Software Application to Client Device
`Patent Owner’s Expert (Ligler):
`
`*
`
`*
`
`*
`
`1620 Ex. 2002, ¶¶ 53-55; see also 1620 Resp. at 18-19.
`
`54
`
`
`
`Petitioner Improperly Relies on Lin’s Distinct Embodiments for
`Transferring Signed ADF and Software Application to Client Device
`’868 patent claims:
`determining, at the mobile device, whether the software
`application is signed, wherein a signed software
`application includes a digital signature generated
`using a private key of a private key-public key pair,
`wherein the private key is not accessible to the mobile
`device
`
`based upon verifying the digital signature at the
`mobile device, the mobile device allowing the
`software application access to the sensitive API.
`
`Lin’s Figure 2 Embodiment:
`
`Petitioner’s Expert (McDaniel):
`
`Petitioner’s Expert (McDaniel):
`
`Ex. 1011, 2:66-3:5, Fig. 2;
`see also 1620 Resp. at 18.
`
`1620 Ex. 1002, ¶182.
`
`1620 Ex. 1002, ¶163.
`
`55
`
`
`
`Petitioner Mischaracterizes Dr. Ligler’s Testimony to
`Gap-Fill Missing Disclosure in Lin
`
`Petitioner’s characterization of Dr. Ligler’s
`testimony:
`
`But Dr. Ligler actually testified:
`
`1620 Reply at 6.
`
`Ex. 1046, 222:5-16.
`
`1620 Ex. 2002, ¶57;
`see also 1620 Resp. at 20-21.
`56
`
`
`
`Petitioner Mischaracterizes Lin’s Disclosures To
`Gap-Fill Missing Disclosure
`
`Petitioner’s Reply:
`
`Patent Owner’s Expert (Ligler):
`
`1620 Reply at 5.
`
`1620 Ex. 2002, ¶58;
`see also 1620 Resp. at 24-25.
`
`57
`
`
`
`Unrebutted Expert Testimony Shows How a POSA Would Have Understood
`Lin’s Disclosures Regarding Figure 6
`Patent Owner’s Expert (Ligler):
`
`Lin (Ex. 1011):
`
`Ex. 1011, 5:12-30;
`see also 1620 Resp. at 14-17,
`26.
`
`Petitioner’s Expert (McDaniel):
`
`1620 Ex. 2002, ¶57 n.5.
`
`[
`[NONE]
`
`58
`
`
`
`1620 Ground 1 (§ 102 – Lin): The Parties’ Primary Disputes
`
`• Independent Claims 1 and 76 (and all dependent claims):
`
`- Lin does not anticipate “based upon verifying the digital signature at the
`mobile device, the mobile device allowing the software application access
`to the sensitive API.”
`
`- Petitioner Improperly Combines Lin’s Distinct Embodiments
`
`- Lin does not anticipate “wherein the private key is not accessible to the
`mobile device.”
`
`59
`
`
`
`‘868 Patent
`-01620, Ex. 1001
`
`‘868 Patent Independent Claims 1 and 76
`
`1. A mobile device containing software instructions
`which when executed on the mobile device cause the
`mobile device to perform operations for controlling
`access to an application platform of the mobile
`device, the operations comprising:
`storing a plurality of application programming
`interfaces (APIs) at the mobile device, wherein
`at least one API comprises a sensitive API to
`which access is restricted;
`receiving, at the mobile device, an indication that
`a software application on the mobile device is
`requesting access to the sensitive API stored
`at the mobile device;
`d
`determining, at the mobile device, whether the
`software application is signed, wherein a
`signed software application includes a
`digital signature generated using a private
`key of a private key-public key pair, wherein
`the private key is not accessible to the
`mobile device;
`the mobile device using a public key of the private
`key-public key pair to verify the digital
`signature of the software application; and
`based upon verifying the digital signature at the
`mobile device, the mobile device allowing the
`software application access to the sensitive
`API.
`
`76. A method for controlling access to an application
`platform of a mobile device, comprising:
`
`storing a plurality of application programming
`interfaces (APIs) at the mobile device, wherein
`at least one API comprises a sensitive API to
`which access is restricted;
`receiving, at the mobile device, an indication that
`a software application on the mobile device is
`requesting access to the sensitive API stored
`at the mobile device;
`d
`determining, at the mobile device, whether the
`software application is signed, wherein a
`signed software application includes a
`digital signature generated using a private
`key of a private key-public key pair,
`wherein the private key is not accessible to
`the mobile device;
`mobile device using a public key of the private
`key-public key pair to verify of the digital
`signature of the software application; and
`based upon verifying the digital signature at the
`mobile device, the mobile device allowing the
`software application access to the sensitive
`API.
`
`60
`
`
`
`Petitioner’s Inherency Argument Is Based on the Incorrect Assumption
`that the Client Device Is Not Trusted by the Developer
`Petition:
`
`Petitioner’s Expert (McDaniel):
`
`1620 Petition at 27.
`
`1620 Ex. 1002, ¶168.
`
`61
`
`
`
`Lin’s Client Device Could Have Access to the Private Key Without
`Compromising the Propriety of the Developer’s Signature
`Petitioner’s Expert (McDaniel):
`Patent Owner’s Expert (Ligler):
`
`Ex. 2004, 204:18-205:3; see also 1620 Resp. at 33.
`
`1620 Ex. 2002, ¶79; see also 1620 Resp. at 34.
`
`Ex. 2004, 210:17-211:5; see also 1620 Resp. at 33.
`
`62
`
`
`
`Lin Would Serve Same Purpose Where Client Device Is Trusted
`
`Petitioner’s Reply:
`
`Patent Owner’s Expert (Ligler):
`
`1620 Reply at 12.
`
`1620 Ex. 2002, ¶80; see also 1620 Resp. at 35-36.
`
`63
`
`
`
`1620 Ground 1 (§ 102 – Lin): The Parties’ Primary Disputes
`
`• Dependent Claims 78, 81, 85, 95, and 104:
`
`-
`
`-
`
`-
`
`(claim 78 or 81) Lin does not anticipate “the software . . . does not include a
`signature” (claim 78), “the digital signature is not successfully verified”
`(claim 81), or “denying the software application access to the sensitive API”
`(claims 78 and 81)
`
`(claims 85 and 104) Lin does not anticipate “the digital signature is generated
`by applying the private key to a first hash of the software application” (claim
`85) or “hash[ing of] the software application to obtain a generated hash”
`(claims 85 and 104)
`
`(claim 95) Lin does not anticipate “the digital signature provides an audit trail
`identifying a developer of the software application”
`
`64
`
`
`
`1620 Ground 1 (§ 102 – Lin): The Parties’ Primary Disputes
`
`• Dependent Claims 78, 81, 85, 95, and 104 :
`
`-
`
`-
`
`-
`
`(claim 78 or 81) Lin does not anticipate “the software . . . does not include a
`signature” (claim 78), “the digital signature is not successfully verified”
`(claim 81), or “denying the software application access to the sensitive API”
`(claims 78 and 81)
`
`(claims 85 and 104) Lin does not anticipate “the digital signature is generated
`by applying the private key to a first hash of the software application” (claim
`85) or “hash[ing of] the software application to obtain a generated hash”
`(claims 85 and 104)
`
`(claim 95) Lin does not anticipate “the digital signature provides an audit trail
`identifying a developer of the software application”
`
`65
`
`
`
`‘868 Patent Dependent Claims 78 and 81
`
`‘868 Patent
`-01620, Ex. 1001
`
`78. The method of claim 76, wherein based upon a
`determination that the software