t
`
` OldSN9102
`
`
`
`PTO/SB/16 (08-03)
`Approvedfor use through 07/31/2006. OMB 0651-0032
`U.S. Patent and Trademark Office; U.S. DEPARTMENT OF COMMERCE
`Under the Paperwork Reduction Act of 1995, no persons ara required to respond to a coltection of information untess it displays a valid OMB contro! number.
`PROVISIONAL APPLICATION FOR PATENT COVER SHEET
`This is a requestforfiling a PROVISIONAL APPLICATION FOR PATENTunder 37 CFR 1.53(c).
`
`Express MailLabel No, EV 167 295 551 US
`
`Given Name(first and middle[if any])
`
`INVENTOR(S)
`Family Name or Surname
`
`Residence
`and either State or Foreign Count:
`
`City
`
`
`
`
`
`separately numbered sheets attached hereto
`Additional inventors are being named on the
`TITLE OF THE INVENTION(500 characters max)
`SERVICE PREFERENCE ARCHITECTURE FOR DATA TRAFFIC AND PROVISIONING CONTROL
`Direct all correspondenceto:
`CORRESPONDENCE ADDRESS
`¥
`:
`Customer Number:
`
`23488
`
`u .
`
`_ ©
`~
`
`012204
`
` 7(
`
`
`
`OR
`
`
`Gerald B. Rosenberg, Esq.
`285 Hamilton Avenue
`
`
`
`
`
`
`
`
`
`pCountyesieternofss0.ses.zvon]Foxeso.zzs207
`
`
`
`ENCLOSED APPLICATION PARTS (checkailthat apply)
`_17
`
`C)
`CD(s), Number
`Specification Number of Pages
`|
`Other (specify)
`Cl Drawing(s) Number of Sheets
`
`
`CO Application Date Sheet. See 37 CFR 1.76
`
`
`METHOD OF PAYMENTOFFILING FEES FOR THIS PROVISIONAL APPLICATION FOR PATENT
`
`
`
`
`Applicant claims small entity status. See 37 CFR 1.27.
`FILING FEE
`
`Amount($)
`
`
`
`
`
`
` OO Paymentby credit card. Form PTO-2038is attached.
` The invention was made by an agencyof the United States Govermentor under a contract with an agency of the
`
`
`C] Yes, the nameof the U.S. Governmentagency and the Governmentcontract numberare:
`
`
`Date January 22, 2004
`Respectfully sui
`
`SIGNATURE
`REGISTRATION NO._30,320
`(if appropriate)
`Docket Number; BRDB3001
`
`A check or moneyorderis enclosedto cover the filing fees.
`
`The Director is herby authorized to chargefiling
`fees or credit any overpayment to Deposit Account Number:
`
`_50-0890
`
`80.00
`,
`
`United States Government.
`
`No.
`
`TYPEDor PRINTED NAME Gerald B. Rosenberg
`
`TELEPHONE 650.325.2100
`
`USE ONLY FORFILING A PROVISIONAL APPLICATION FOR PATENT
`This collection of information is required by 37 CFR 1.51. Theinformation is required to obtain or retain a benefit by the public whichisto file (and by the USPTO
`to process) an application. Confidentiality is governed by 35 U.S.C. 122 and 37 CFR 1.14. This collection is estimated to take 8 hours to complete, including
`gathering, preparing, and submitting the completed application form to the USPTO. Time will vary depending upon the individual case. Any comments on the
`amountof time you require to complete.this form and/or suggestions for reducing this burden, should be sent to the Chief Information Officer, U.S. Patent and
`Trademark Office, U.S, Department of Commerce, P.O. Box 1450, Alexandria, VA 22313-1450. DO NOT SEND FEES OR COMPLETED FORMS TO THIS
`ADORESS. SEND TO: Mail Stop Provisional Application, Commissionerfor Patents, P.O. Box 1450, Alexandria, VA 22313-1450.
`
`lfyou need assistance in completing the form, call 1-800-PTO-9199 and select option 2.
`
`Unified Patents Ex. 1013, pg. 1
`
`Unified Patents Ex. 1013, pg. 1
`
`

`

`.
`
`he
`
`IbOcelo
`
`i)
`
`: F
`
`
`
`PTO/SB/17 (10-03)
`Approved for use through 07/31/2006. OMB 0651-0032
`U.S. Patent and Trademark Office; U.S. DEPARTMENT OF COMMERCE
`Under the Paperwork Reduction Act of 1995, no persons are required to respond to a collection of information unless it displays
`a valid OMB contro! number.
`
`
`EE TRANSMITTAL
`
`Effective,antOrFY2004 ist -
`
`
`pee ae
`
`TOTAL AMOUNT OF PAYMENT
`($) 80.00
`
`First Named Inventor
`
`|Burke, Robert M.
`
`
`
`
`
`
`
`BRDB3001
`
`
`METHODOF PAYMENT(checkailthat apply)
`FEE CALCULATION(continued)
`
`
`
`Check [~] Creditcard [_] Money[Jotner [_]None|3. ADDITIONAL FEES
`
`
`
`
`
`D
`tA
`Large Enti
`Small Enti
`
`eposit
`Account:
`Fee
`Fee
`
`Fee Description
`.
`Fee
`Fee
`Deposit
`Code ($)
`|Cede ($)
`
`Account
`50-0890
`Number
`1051 65 Surcharge-latefiling fee or oath130 |2051
`
`
`
`
`
`D
`it
`
`
`1052 50|2052 25 Surcharge- late provisionalfiling fee or
`
`
`Account
`|NewTechLaw
`cover sheet
`Name
`130 Non-English specification
`|1053
`130
`1053
`
`
`The Director is authorized to: (check all that apply)
`
`
`1812 2,520 |1812 2,520 Forfiling a request for ex parte reexamination
`Chargefee(s) indicated below
`Credit any overpayments
`
`
`
`1804
`920°] 1804
`920° Requesting publication of SIR prior to
`Charge any additional fee(s) or any underpaymentof fee(s)
`.
`Examiner action
`
`
`1805 1,840*] 1805 1,840° Requesting publication of SIR after
`[_]charge fee(s) indicated below, except for the fillng fee
`
`Examineraction
`to the above-identified deposit account.
`2251
`110]
`1251
`55 Extension for reply within first month
`
`FEE CALCULATION
`
`2252
`420]
`4252
`210 Extension for reply within second month
`1. BASIC FILING FEE
`
`
`2253
`950]
`1253
`475 Extension for reply within third month
`arge Entity Small Entity
`
`
`Fee Description
`Fee Paid
`
`1254 1,480|2254 740 Extension for reply within fourth month
`
`
`1255 2,010|2255 1,005 Extensionfor reply within fifth month
`Utility filing fee
`1401
`330}
`2401
`165 Notice of Appeal
`Designfiling fee
`1402 165 Filingabrief in support of an appeal330] 2402
`
`
`
`Plantfiling fee
`
`”
`1403
`290]
`2403
`145 Request for oral hearing
`Reissuefiling fee
`
`1451 1,510|1451 1,510 Petition to institute a public use proceeding
`Provisionalfiling fee
`
`
`
`1452 110|2452 55 Petition to revive - unavoidable
`
`
`
`SUBTOTAL (1)
`
`1453 1,330|2453 665 Petition to revive - unintentional
`2. EXTRA CLAIM FEES FOR UTILITY AND REISSUE
`
`1501 1,330|2501 665 Utility issue fee (or reissue)
`fe rom Fee Paid
`Extra Claims
`1502
`480]
`2502
`240 Design issue fee
`1503
`640]
`2503
`320 Plantissue fee
`iaepercent [oexd
`1460
`130]
`1460
`130 Petitions to the Commissioner
`Multiple Dependent
`C_jiL__]
`1807
`50]. 1807
`50 Processing fee under 37 CFR 1.17(q)
`ILE
`Large Enti
`1806
`180]
`1806
`180 Submission of Information Disctosure Stmt
`
`
`
`Fee Fee
`Fee
`Fee
`
`
`Code ($)
`Code ($)
`aot
`40]
`ans
`40 Recedingapatmoet
`
`
`9 Claims in excess of 20
`2202
`1202
`18
`1809
`770|
`2809
`385 Filing a submissionafterfinal rejection
`43
`independent claims in excess of 3
`2201
`1201
`&6
`(37 CFR 1.129(a))
`
`
`1203 290
`1810
`770]
`2810
`385 For each additional invention to be
`2203 145 Multiple dependentclaim,if not paid
`examined (37 CFR 1.129(b))
`1204
`86
`
`2204 43=** Reissue independent claims
`
`
`
`
`1801 770|2801 385 Request for Continued Examination (RCE)
`_ overoriginal patent
`** Reissue claims in excess of 20
`1205
`18
`2205
`9
`1802
`900
`1802
`900 Request for expedited examination
`
`
`of a design application
`and over original patent
`Otherfee (specify)
`
`
`“Reduced by Basic Filing Fee Paid
`
`
`
`
`
`Fee Description
`
`
`
`
`
`SUBTOTAL (2)
`“or number previously paid, if greater; For Reissues, see above
`
`SUBMITTED BY
`
`
`
`
`
`SUBTOTAL (3)
`(Complete (i applicable))
`
`
`
`
`
`
`& public. Credit card information should not
`WARNING: Information on this form maybe
`
`
`
`ation and auth rization n PTO-2038.
`be included nthisf mm.Provide credit card
`This collection of information is required by 37 CFR 1.17 and 1.27. The information is required to obtain or retain a benefit by the public which is to file (and by the
`USPTO to process) an application. Confidentiality is governed by 35 U.S.C. 122 and 37 CFR 1.14. This collection is estimated to take 12 minutes to complete,
`including gathering, preparing, and submitting the completed application form to the USPTO. Timewill vary depending uponthe individual case. Any comments on
`the amountof time you require to compiete this form and/or suggestions for reducing this burden, should be sent to the Chief Information Officer, U.S. Patent and
`Trademark Office, U.S. Department of Commerce, P.O. Box 1450, Alexandria, VA 22313-1450. DO NOT SEND FEES OR COMPLETED FORMS TO THIS ADDRESS.
`SEND TO: Commissionerfor Patents, P.O. Box 1450, Alexandria, VA 22313-1450.
`if you need assistance in completing the form, call 1-800-PTO-9199 and select option 2.
`
`
`
`Unified Patents Ex. 1013, pg. 2
`
`Unified Patents Ex. 1013, pg. 2
`
`

`

`BNS Intellectual Property Description
`
`BROADBAND NETWORKSYSTEMS, INC.
`Intellectual Property
`
`Service Preference Architecture
`(SPA)
`Description & Technology
`
`January 14, 2004
`
`BNSProprietary
`1/22/2004
`
`Page 1
`
`Unified Patents Ex. 1013, pg. 3
`
`Unified Patents Ex. 1013, pg. 3
`
`

`

`BNS Intellectual Property Description
`
`l.
`
`Ul.
`
`Ul.
`A.
`
`Service Preference Architecture ............eccceccseseeseeseeeseeeceseecsscecsaneesnsesensensneraneusetesenersunersueeras 4
`A. High Level Description oo... cececscscsesessecetseesseecceesecsesaseesarsereasecsesseesenarstceeassesasnesenbeneeraes 4
`B. Service Control and Copyright Protection ..............cccceccccscscesseseseeeeesseeasscececoeceseseeseaeaeeteesaes 4
`C. Flexibility to add new Service Control and Copyright Techniques ..........0... eee ceeeereeeteneee 5
`SPA - Network & Product Architecture ...........ccecceeecesestseseeeneeseeseresnesseescreteeseesneeeneereeenates 5
`A. General D@SCription .........cccccccsssessesceseescscesssessessssessessesessestevsessesssesesseenscsesausssessseseesaesascasensaes 5
`Figure 1. Service Preference Architecture... ccc ceccescccenseceeeeeeeeseaeeeneeneeseereesaenseaennenevaes 6
`B. The ICP Controls Communication GatewayS ...............cccccesesscsecseseeseneseesenseesessecersereecnrsteeseaes 6
`C. The ICP Controls ISP, BNS & EDC Service Deliveries ..0.......... cc cecesssccececscssssecesssreenssesceesens 7
`D. The ICP Controls are determined by Regular and Active Human Intervention .................0 7
`E. ICPs Updated by Active Intervention & Multiple [CPs Deliver High Availability.............0....... 7
`Figure 2. Active Intervention Updates and Backup ICPS.............0..cceccecccceceeeeceeeeceeceeeeeeeeeeeeee 7
`BNS Internet Control Techniques .............c:ccscceccssessecsssesscssesneeesessnsessesesaessrssseeseesetsrsnesens 8
`Digital Rights Management ............ cc ccescscsssseteteesssssseeteeseeensecneensescneceestaevsesseseceetaeteesnnees 8
`1. Conditional Denial ...........0.. ccc cccececceeneceseeeeeseeceseceneeseecaeeeneeecsneesnaeceneeseeneeescenaeseseeeeateenareeeees 8
`Figure 3. DRM — Conditional Demial ...0..... eee ce ceceeeneecenseeencesnseessacenseeerseenaeessaeeeentesnartees 8
`3. Packet INSPOCHION. 0... cece cececseteereeteterseceaneserarenenssecinesaestansoeseasecatenssasevsesetsensenneenentarseeeans 8
`4. E-Mail Server & Client SpOofing .........cceccseeecersesseeessensesssesseseeenecsenserereetessetsneneaeesreeseeeees 9
`Figure 4. DRM — Blocking E-Mail of Copyrighted Files 2.0.00... cece eseccnseenneteseeoeseeeennerees 9
`5. Denial of Service Attacks on Unlicensed “Pirate” Copyright Material Sites... 9
`6. Copyright Registry ........ cc ccc cceceessestecenseseeseeeecsessecnsseeasesseaeeseeeseseanenesesassaesaenaaesaeenisenatsaes 9
`7. Copyrighted File Deletion oo... cscs csseesecneseresesesascaeesseeseccnsesaeensesseersessseseeeseeeeneetereraees 9
`B. Event Notification ...... 0... cece cccecessceeesenaecesseseeceneeeeeseceeseueecnaeeeeseaeeeseeeeeeceiseseaneeeasenneeess 10
`Service Initialization 2.0.00... ccc ceececeeeeeeennceeceneeesesecessncceceaeeesseaeeesenaeeecnueeeecinesessuneeeas 10
`Figure 5. Service ImitialiZation. ......... cece cecesseteseecseeeeetnerenscceeseeseneseeseaeeesessesesseassvessanenseeonse 10
`Active and Inactive Gateway Processing Control..............:cccccscccsscesseeteseeceseeseeesseensuaeeeues 10
`Figure 6. Active and Inactive CG processing ............ececccccecesseeeeceeeeeeeseeeeneaeeeaseaseseeeaneeenaees 11
`First Portal Visibility (“First Portal’) 0.0.0.0... cececccececceccereeceeeceeeeacaceseeceeeeoeeaevaenaesareeeeiteas 11
`Figure 7. First Portal Visibility. 0.0.0... ce esecseneeeceeeeenesessecetseseeseatenecnaesressessasenseaeeneneenesaees 11
`AVErTISING occ ete cecereererrecer cesses crnetensecasecsesenessesascaseasassessessensssenessnieseasesseseens 12
`Figure 8. Advertising INS@rtion. .......0f.. cece ee seeeeceeeeeeeceenaeeeeceerecnecesnenaecaeeeaesaeetaaetenenenieess 12
`F. Browser, Program Communications & URL or IP Address Access Blocking....................05 12
`Figure 9. URL or IP address BIOCKING ........... ee eeececceeeeeesesteeseenteeseceesessaeeseesatenseeetaeenererseenees 13
`G. Service Applet Downloads..........ccccccccccsssssccesssscerssessessaecacaesossecuceuseasecseaneceseeeeseeasssscauseesennaesss 13
`Figure 10. Service Applet Downloads... ce ececcceeenecensenecsenensecneecasesseessaeererenieessaassnnenee 13
`H. Virus tnitiated Denial of Service Traffic BlOCKING «0.0.0.0... cc eeceseeseeeeteteeeeteecetsatseseneeteeeeseeretss 13
`Figure 11. Virus Initiated Traffic BIOCKING «0.00... eee ceeeceeseeeeeeneeseeeeseeeeenecaesaeseesneeeseeeeeenees® 14
`Law Enforcement Monitoring 20.0.0... ccc csescessseeceenerseceessnsessscnasenesensenatersssseeesseseneeeateneters 14
`Figure 12. Law Enforcement Monitoring... ccc eeeceeseesssesseeeeseceerseesseesassasesseseesneseaeease 14
`J. VOIP BIOCKING «0.2.2... cee ceeccesecceececeeesceeteeeeseeseeeencesseeensaeerescnevaneeceseesncaseesesaaensaaeennessaseenaenttaeenae 15
`Figure 13. VoIP BIOCKING. ............ cee ceccnsesesnenseseesasceersaceesaerensersitessanersasecsecenaesneceracsesserenaees 15
`K. Real Time Video or Audio Streaming BIOCKING occ ecceesecesseserseeeersecstevsessasenseneeseseessats 15
`Figure 14. RT Video or Audio Blocking..............eenevaeeaceesesnesestesseseneesesearerssieecassaranseneesenens 16
`Peer to Peer (P2P) Resource Address Server Blocking and False P2P Resource Address
`L.
`SPOOFING... eee eee ec cceceeeeeeceesensuneeeeaeeeseaaeseeseseeceneaececaesesnaeeessaeeeracaeeeneensenenaaeeesnesaeenieeteseigers 16
`Figure 15. P2P Resource Address Server BIOCKING. ...........c:ccccccsccsscescesesestecsesesensescerseenteeeas 16
`Figure 16. P2P Resource False Address Spoofing.............::cccccssssseessesteteseeteseaesenersaeterenens 17
`M.—Internet Access Pre-Authentication................:ccccccccessececeecsateceeseceeneaneeeeeeceenacaeteseeseaeeeeentes 17
`Figure 17. Internet Access Pre-Authenticationoe ees seceeseecesrerseetereccereeseesersecenanseeeeee 17
`
`B.
`
`C.
`
`D.
`
`EF
`
`I.
`
`BNS Proprietary
`1/22/2004
`
`Page 2
`
`Unified Patents Ex. 1013, pg. 4
`
`Unified Patents Ex. 1013, pg. 4
`
`

`

`BNS Intellectual Property Description
`
`ABOUT THIS DOCUMENT
`This document describes BNS Product Features, Intellectual Property and Product Architecture.
`
`'
`
`CONFIDENTIAL INFORMATION
`This Intellectual Property Description document is the property of Broadband Network Systems.
`It is proprietary information andis strictly confidential.
`It contains information intended only for the
`person(s) to whom it
`is transmitted. With receipt of this Intellectual Property Description
`document , Recipient acknowledges and agreesthat:
`1) in the event that the recipient does not
`wish to pursue this matter, this documentwill be returned, at the addresslisted below as soon as
`possible; the recipient will not copy, fax, email, reproduce, divulge, or distribute this confidential
`Inteliectual Property Description document
`,
`in whole or in part, without the express written
`consent of Broadband Network Systems; and
`Ill) all of the information contained in this
`document will be treated as confidential material with no less care than that afforded to your
`companyor personal confidential material.
`.
`
`TRADEMARK NOTICE
`BROADBAND NETWORK SYSTEMS, BROADBAND NETWORK SERVICESand the Broadband
`Network Logos are Trademarks of Broadband Network Systems.
`
`CONTACT INFORMATION
`Robert Burke
`C.E.0.
`21103 Old Well Road
`Los Gatos, CA 95033
`U.S.A.
`* (408) 353-3573
`
`URL: www.bbns.us
`
`BNS Proprietary
`1/22/2004
`
`Page 3
`
`Unified Patents Ex. 1013, pg. 5
`
`Unified Patents Ex. 1013, pg. 5
`
`

`

`BNSIntellectual Property Description
`
`I.
`
`S rvic Pr fer nc Archit cture
`
`A. High Level Description
`
`Broadband Network Systems (BNS) plans to develop and to sell Broadband (high-speed)
`Residential and Business Communication Gateways (CGs) and Internet Control Points (ICPs) to
`Telecommunication Carriers such as the Regional Bell Operating Companies (RBOCs), other
`Telephone companies,
`ISPs and Cable TV companies.
`ICPs are network based routers or
`computers that control the operation of CGs. CGs, installed at a Subscriber's site and ICPs,
`installed in the Carriers’ network are designed to enable Carriers to provide the so-called ‘Triple
`Play’ services (Voice+ Broadband Internet + Video) to their Subscribers using the Carrier's
`existing distribution network.
`In addition, new revenue generating Content Services (music,
`video, games, and software services) can be offered by BNS.
`
`With BNS’s unique Service Preference Architecture (SPA), several new data traffic control
`techniques are available to Carriers, ISPs, Enterprises and Cable TV companiesfor their Internet
`Accessnetworks.
`
`they provide an important new feature- Digital Rights
`BNS products are unique in that
`Management,
`i.e., the assurance to both the Service Provider and the Content Provider that
`intellectual Property (music, video, games, software, etc.) will be secure from illegal downloading
`and transmission over the internet, a major source of lost revenues and the basis for hundreds of
`lawsuits. Service Providers will want this feature to halt the legal onslaught launched by music
`companies and because they want to offer Video/DSL and the Motion Picture Industry will not
`license the content for distribution over the unsecured Internet, having seen the negative impact
`piracy has already had on the Music Recording Industry. Content Providers will demand this
`feature to stop the illegal downloading and transmission of Intellectual Property over the Internet
`which has cost the music and movie industriesbillions of dollars annually.
`
`B. Service Contro! and Copyright Protection
`
`BNS’ Service Preference Architecture (SPA) is a collection of BNS software routines executed by
`BNS CGsin conjunction with SPA-based Internet Servers under the contro! of BNS Internet
`Control Points.
`
`The software routines perform thirteen functions:
`
`from being illegally
`
`rights management- SPA protects copyrighted material
`1. Digital
`downloaded and distributed over the Internet.
`2. First portal visibility- SPA enables Consumers to receive the Carrier/BNS home page or
`video menu system every time their Computer or TV is turned on or wheneverthey re-initiate
`activity after an extendedidle period.
`3. Advertising- SPA allows desired advertisements to be delivered by the Carrier and/or by BNS
`to the Customers.
`4. Web site blocking- SPA enables Web Sites to be blocked by the Carrier,
`corporate customers as required by Law or by the Subscriber’s ownPolicy.
`5. Services download- SPA allows Consumer and Business customers to download applets that
`facilitate their use of the BNS/Carrier Services portfolio.
`6. Virus — Initiated traffic BI cking— SPA prevents infected user machines from repeatedly
`sendingtraffic at high data rates to sites which are the subject of Denial of Service attacks.
`7. Law enf rcement monitoring — SPA allows data passing through a CG to be copied to law
`enforcementor national security agencies.
`
`ISP or their
`
`BNS Proprietary
`1/22/2004
`
`Page 4
`
`Unified Patents Ex. 1013, pg. 6
`
`Unified Patents Ex. 1013, pg. 6
`
`

`

`BNS Intellectual Property Description
`
`ice over Internet Prot c | (VoIP) traffic bl cking — SPA allows Carriers to restrict the use
`8. V_
`of th Internet Access Service they offer Subscribers to “data transport only,” blocking VoIP and
`thereby protecting their voice revenue stream from encroachment and preserving their ability to
`migrate their voice customers from the Public Switched Telephone Network (PSTN) when they
`upgradetheir Internet Access Networksto offer Real Time Quality of Service.
`
`9. P2P Resource Address Server Blocking and False P2P Resource Address Spoofing ~
`Requests by software programs or browsers to connect to P2P Resource Address servers are
`blocked. With SPA Active Intervention, false addresses are sent to the P2P Resource Servers.
`This foils access to unlicensed Copyrighted Materials.
`
`10. Internet Access Pre-Authentication — SPA prevents the use of non-SPA Gateways that
`would fail to enforce SPA features by delivering a Gateway Authentication to Carrier/ISP Remote
`Access/ Authentication Servers that must precede any request for Authentication by a User. Only
`after receiving a Pre-Authentication from a Gateway would a User be allowed to successfully
`Authenticate and accessthe Internet.
`
`11. Real Time Audio or Video traffic blocking — SPA allows Carriers to restrict the use of the
`internet Access Service they offer Subscribers to “data transport only,” blocking Real Time
`packets, normally used for Audio or Video and thereby delivering the ability to bill for traffic
`delivered from Internet Portal sites to their Subscribers in a manner similar to today’s “calling
`party pays” method used for Voice Calls.
`
`12. Core Network Router & Firewall Processing Control — SPA can control the implementation
`of Routing and Firewall rules used by Core Network Routers to open and close paths to or from
`specific URL/IP addresses or as otherwise neededto block virus and unwantedtraffic.
`
`13. Copyrighted File identifier Computation — Every Copyrighted File known to BNS hasa File
`Identifier (FID) computed for it. The FID is computed using a complex Boolean algorithm and
`creates a result that is up to 2K bytes long. During Packet Inspection of traffic flowing through the
`CG, SPA Gatewayswill compute a FID for files as they are transferring. The FID is forwarded to
`the ICP controlling the Gateway and a “Stop” commandis returned to the Gateway by the ICPif
`there is a match. Any FID that matches onein the BNS FID data baseis stopped by the Gateway.
`
`In Sections II and Ill, we describe how the software routines work.
`
`C. Flexibility to add new Service Control and Copyright Techniques
`
`BNS has created SPA to be highly flexible, adaptable and to deliver a high degree of availability
`and security. The BNS SPA Architecture allows new Internet Contro! techniques to be added as
`BNS, Content Providers or Service providers need them. More techniques will be added by BNS
`as it creates them to deliver value to BNS,
`its customers and partners. This flexibility to add
`techniques is a key feature of SPA and BNS Intellectual Property. This flexibility can be extended
`to National Security Agencies to conduct Electronic Internet Warfare against enemies during
`conflict.
`
`il.
`
`SPA-Network & Product Architecture
`
`A. General Description
`
`Telecommunication Carriers, Cable TV companies and Internet Service Providers can be
`equipped to deliver the BNS suite of features only by using a network service based system. This
`system is based on an architecture that employs an Internet Control Point (ICP) to control the
`
`BNS Proprietary
`1/22/2004
`
`,
`
`Page 5
`
`Unified Patents Ex. 1013, pg. 7
`
`Unified Patents Ex. 1013, pg. 7
`
`

`

`BNS Intellectual Property Description
`
`access to websites and to deliver data to Subscribers. The ICP controls the processing of data
`sent between Customers (client PCs or LAN servers) using the BNS Communication Gateway
`(CG) and the ISPs, Enterprise Data Centers or Content Servers with which they are exchanging
`information. The architecture is completed with a hardware/software implementation in the
`Communication Gateways that Carriers/ISPs use at their customers premises to deliver the
`service. The Communication Gateways cannot be tampered with by Users. Users are given no
`access to unload or modify the CG operating software by design and all ICP-CG communications
`takes place within the Carrier side of the network (DSL uplink),
`ICP-CG communications are
`secured with encryption and hashing. Furthermore, the ICP will not enable any service to an un-
`registered CG and an un-registered CG will not operate in an experimental environmentatall.
`
`This ensures secure contro! of the data flow between both the ICP and the CG. This secure flow
`of data then enables Carriers, ISPs, Enterprise data Centers or Cable TV Companies to control
`the services their Users have accessto. Figure 1 illustrates the overall Network Architecture.
`
`Service
`
`Providers
`
`
`
`Content Owners
`Music, Movies, Books,
`
`Software, Games, Gaming, etc.
`
`BNS Communication Gateway
`Single CG Processing Data Base
`
`D
`Fl
`toffr:
`Cc.
`a
`
`As Directed by
`ICP
`
`y
`
` BNSContent Servers
`BNSInternet. Control
`
`
`
`Secure Services
`Points
`
`
`Subscriber Data Base
`
`Service Controls:
`
`Intemet BasedDRM
`Blocked Sites
`
`First Portal
`
`
`
`Advertising
`
`Virus Traffic Blocking!
`VoIP Blocking
`
`
`Active CG Process-Control
`
`
`Inactive CG process Control
`Law Enforcement Monitoring
`
`Rata Floorsolemnecueaties: 4 XX Network-based SPA
`
`
`
`
`
`
`
`
`
`°
`preempts piracy
`and controls Services
`
`Consumer
`
`Figure 1. Service Preference Architecture
`
`B. The ICP Controls Communication Gateways
`The Communication Gateway (CG) may be either: 1) a Gateway that combines TV, Video,
`Internet and Voice, 2) a dial-up Remote Access Server, 3) an ADSL Modem/Router, 4) a Satellite
`TV Gateway, 5) a Cable TV Modem, or 6) a convergedset top + Internet Gateway.
`
`The ICP is the source of Internet Service Control and Conditional Denial of Users access to
`Service Provider selected URLs or IP addresses. The ICP controls the CG to determine what web
`site data is allowed through to Subscribers browsers. The ICP also controls the CGs packet
`inspection processing to determine which data can be allowed to flow through the CG to and from
`the Subscriber, specifically when e-mail orfile transfers are initiated. The ICP also controls what’
`‘activities are engaged in by idle CGs when Consumers are inactive.
`Idle CGs may receive
`
`BNSProprietary
`1/22/2004
`
`Page 6
`
`Unified Patents Ex. 1013, pg. 8
`
`Unified Patents Ex. 1013, pg. 8
`
`

`

`BNS Intellectual Property Description
`
`software downloads from the ICP, may be usedto collect data and to initiate communications
`activities that are disruptive to Content Servers that offer unauthorized copyrighted materials for
`illegal download by Consumers.
`
`Multiple 1CPs are deployed geographically in the Carrier's network to support the Gateway
`managementcapacity of the ICP and the number of Broadband Usersin its service area.
`
`C. The ICP Controls ISP, BNS & EDC Service Deliveries
`Next is the interaction of the ICP with the BNS Content Server (BCS), Service Provider’s Internet
`Portal or Carrier (ISP) and Enterprise Data Centers (EDC). The ICP controls Consumersability to
`access services that are offered by the ISP or EDC. The ICP also controls the CGsto deliver: 1)
`advertisements, 2) the home page for ISP/BCS/EDC web servers or 3) software downloads to
`Consumer's PCsfor their use of ISP/BNS/EDC content services.
`
`D. The ICP Controls are determined by Regular and Active Humanintervention
`
`The ICP is programmed either by human input or by operator-controlled web crawler software.
`Updates are determined from BNS’s active intervention service whereby changes to the control
`entries are discovered and implemented. This is a service delivered to ISPs and EDCs whereby
`the operation of BNS Features described below are controlled in a manner analogous to the
`regular updating of Virus Definitions for computer virus and worm protection.
`
`E. ICPs Updated by Active Intervention & Multiple ICPs Deliver High Availabili
`
`
`
`
`The web crawlers, humanintervention and ICP/CG software/processing data base updates are
`controlled by an Active Intervention system consists of a set of centrally maintained computer
`systems whichcontrol the operation of the ICPs. Figure 2 illustratesthis.
`
`BNS Update System
`Manages Operation of
`ICPs
`
`
`
` BNS Active Intervention Systems
`Webcrawlers. find: Unlicensed Content
`
`Humans input ICP: & CG.Processing Data
`
`Base Changes
`
`CG & Service Software Changes
`
`|
`
` BNS Internet Control!
`
`
`
`
`BNSInternet Control
`
`
`‘Points
`ICP Updates
`ICP Updates
`
`
`
`Points
`& Control
`Subscriber Data Base
`& Control
`
`
`
`
`Subscriber Data Base
`Service Controls:
`
`
`Service Controls:
`Intemet Based DRM
`
`Internet Based ORM
`BlockedSites
`
`
`Blocked Sites
`First.Portat
`
`
`First Portal
`Advertising
`
`Advertising
`:
`i
`i
`
`
`
`
`Virus Traffic BlockingPrimaryICP voroie
`
`
`
`For CGs
`inactive CG Process Control
`VoIP Blocking
`
`
`Law Enforcement Monitoring
`Inactive CG process Control
`
`
`
`
`BNS Communication Gateway
`Law Enforcement Monitoring
`
`7
` Single CG Processing Data Base
`
`Data Flow to/from Consumer.
`
`
` As Directed by ICP
`
`
`
`
`
`Multiple Control! Points:
`“— High availability to CGs
`
`Figure 2. Activ Interv nti n Updates and Backup ICPs.
`
`BNS Proprietary
`1/22/2004
`
`Page 7
`
`Unified Patents Ex. 1013, pg. 9
`
`Unified Patents Ex. 1013, pg. 9
`
`

`

`BNS Intellectual Property Description
`
`lll. BNS Intern t Control T chniqu s
`
`A.
`
`Digital Rights Management
`
`1. Conditional Denial
`
`The CGs, under ICP control, deliver a network based Digital Rights Management Service (DRM)
`which denies Users the capability to send or to receive data from or to URLs or IP addressesthat
`are known to contain unlicensed copyrighted material. When this “Conditional Denial’ occurs, the
`Gateway substitutes the URL or IP Addressofa site that offers licensed copyrighted materials for
`legal, authorized sale to the User. This list of URLs or IP addresses that are known to contain
`unlicensed copyrighted material will be regularly updated, similar to how virus definitions are
`regularly updated today.
`
`ICPs delivering DRM service use the Section F. Browser, Program Communications & URLor IP
`Address Access Blocking method to direct Users to authorized content sites. DRM uses both
`Active Human and Web Crawlerinput to find unauthorized content offered over the Internet and
`to update the URLs or IP addresses that are known to contain unlicensed copyrighted material.
`
`When programs other than browsers attempt to access the blocked sites, the requested URL or
`IP address may be substituted by a legal content provider's URL/IP Address or noneatall.
`
`Uponregistration as an “Active” Gateway, the ICP updates the Communication Gateway’slist of
`DRM URLor IP Addresssubstitutions.
`
`
`Browser or Program Requests
`connection to DRM Blocked URL
`or.IP address?
`
`GWin Active
`
`Event is Logged
`
`
`
`
`Mode
`
`
`
`
`
`User receives browser
`
`
`=
`GWsubstitutes
`screen from
`Legal Source URL
`requestedURI or
`
`
`
`
`or IP address;
`to Legal Source
`
`Program is connected to
`URLor IP address
`
`
`Legal Source or given
`
`
`In OG message
`
`no accessatall
`
`
`Figure 3. DRM - Conditional Denia!
`
`3. Packet Inspection
`
`Additional packet inspection processing is performed by the Gateways to determine thefile type
`of all files being transferred through the Gateway based upon thefiles properties, such asfile
`extension, file format, header or trailer contents and URL/IP addresses that are known sourcesof
`unauthorized Copyrighted material. The Gateway is programmed by the ICP with certain Data
`Patterns. These data patterns may be any length and may contain exact matches plus regular
`expressions. When certain data patterns are recognized, the data transfer is stopped or another
`action is taken, based upon rules delivered by the ICP to the Gateway.
`
`BNS Proprietary
`1/22/2004.
`
`Page 8
`
`Unified Patents Ex. 1013, pg. 10
`
`Unified Patents Ex. 1013, pg. 10
`
`

`

`BNSIntellectual Property Description
`
`4, E-Mail Server & Client Sp___fing
`
`CGs present themselves to Users as the User’s E-mail Server and present themselves to E-Mail
`servers as Users.
`In so doing, the CG acts as a 2- way encryption/decryption point to enable
`inspection of what would otherwise be encrypted data. When E-mail is sent through the Gateway,
`the Gateway inspects all attached files using Packet Inspection. Based upon rules delivered by
`the ICP to the Gateway, the Gateway can then deny accessto incomingfiles, stop the transferof
`outgoingfiles or take other action,.
`
`
`
`GW in Active Mode as
`E-Mail Program send:
`GW De-Crypts &
`
`
`
`Packet Inspection
`ao
`or receives
`
`e-mail & seer]fieatt hme S| finds Copyrightedfile
`
`GW Re-Encrypts &
`E-mail passes
`
`
`
`
`
`
`User receives browser
`screen from
`
`
`GW stops
`Legal Source URL
`or IP address;
`File
`
`
`Program is: connected to
`transfer
`Legal Source or given .
`no accessat all
`
`
`
`
`Figure 4. DRM — Blocking E-Mail of Copyrighted Files
`
`5. Denial of Service Attacks on Unlicensed “Pirate” Copyright Material Sites
`
`Powered up and Inactive Gateways under ICP control can be directed to initiate repeated
`requests for service or for other transactions over the Internet Uplink to URLs of IP Addressesin
`the Conditional Denial of Service list which have been identified for interdiction. ICP control can
`activate the attacks on any of several bases: 1) scheduled with duration,