Trials@uspto.gov
`571-272-7822
`
`
`Paper No. 7
`
` Entered: March 11, 2016
`
`
`
`
`UNITED STATES PATENT AND TRADEMARK OFFICE
`____________
`
`
`BEFORE THE PATENT TRIAL AND APPEAL BOARD
`____________
`
`
`SYMANTEC CORP.,
`Petitioner,
`
`v.
`
`FINJAN, INC.,
`Patent Owner.
`____________
`
`Case IPR2015-01894
`Patent 6,154,844
`____________
`
`
`Before JAMES B. ARPIN, ZHENYU YANG, and
`CHARLES J. BOUDREAU, Administrative Patent Judges.
`
`BOUDREAU, Administrative Patent Judge.
`
`
`
`
`DECISION
`Denying Institution of Inter Partes Review
`37 C.F.R. § 42.108
`
`
`Patent Owner Finjan, Inc. - Ex. 2013, p. 1
`
`
`571-272-7822
`
`
`Paper No. 7
`
` Entered: March 11, 2016
`
`
`
`
`UNITED STATES PATENT AND TRADEMARK OFFICE
`____________
`
`
`BEFORE THE PATENT TRIAL AND APPEAL BOARD
`____________
`
`
`SYMANTEC CORP.,
`Petitioner,
`
`v.
`
`FINJAN, INC.,
`Patent Owner.
`____________
`
`Case IPR2015-01894
`Patent 6,154,844
`____________
`
`
`Before JAMES B. ARPIN, ZHENYU YANG, and
`CHARLES J. BOUDREAU, Administrative Patent Judges.
`
`BOUDREAU, Administrative Patent Judge.
`
`
`
`
`DECISION
`Denying Institution of Inter Partes Review
`37 C.F.R. § 42.108
`
`
`Patent Owner Finjan, Inc. - Ex. 2013, p. 1
`
`
`
`IPR2015-01894
`Patent 6,154,844
`
`
`I. INTRODUCTION
`
`Symantec (“Petitioner”) filed a Petition (Paper 1, “Pet.”) requesting
`inter partes review pursuant to 35 U.S.C. § 311 of claims 1, 7, 11, 15, 16,
`41, and 43 of Patent No. US 6,154,844 to Touboul et al. (Ex. 1001, “the ’844
`patent”). Pet. 1. Finjan, Inc. (“Patent Owner”) filed a Preliminary
`Response. Paper 6 (“Prelim. Resp.”). We review the Petition under
`35 U.S.C. § 314, which provides that an inter partes review may not be
`instituted “unless . . . there is a reasonable likelihood that the petitioner
`would prevail with respect to at least 1 of the claims challenged in the
`petition.” 35 U.S.C. § 314(a).
`For the reasons that follow and on this record, we are not persuaded
`that Petitioner demonstrates a reasonable likelihood of prevailing in showing
`the unpatentability of any of the challenged claims on the asserted grounds.
`Accordingly, we deny Petitioner’s request to institute an inter partes review.
`
`A. The ’844 Patent
`
`The ’844 patent, titled “System and Method for Attaching a
`Downloadable Security Profile to a Downloadable,” issued November 28,
`2000, from U.S. Patent Application No. 08/995,648 (“the ’648 application”),
`filed December 22, 1997. Ex. 1001, [21], [22], [45], [54].
`The ’844 patent is directed to systems and methods “for attaching a
`Downloadable security profile to a Downloadable to facilitate the protection
`of computers and networks from a hostile Downloadable.” Ex. 1001,
`1:23–27. “A ‘Downloadable’ is an executable application program . . .
`downloaded from a source computer and run on [a] destination computer.”
`Id. at 1:44–47. “Examples of Downloadables include Java™ applets . . . ,
`
`
`
`2
`
`Patent Owner Finjan, Inc. - Ex. 2013, p. 2
`
`
`
`IPR2015-01894
`Patent 6,154,844
`
`JavaScript™ scripts . . . , ActiveX™ controls . . . , and Visual Basic
`[scripts].” Id. at 1:49–55. “Downloadables may also include plugins, which
`add to the functionality of an already existing application program.” Id. at
`1:56–57.
`According to the ’844 patent, “the Internet has become a major source
`of many system damaging and system fatal application programs, commonly
`referred to as ‘viruses,’” and “programmers continue to design computer and
`computer network security systems for blocking these viruses.” Id. at
`1:32–39. Although, “[o]n the most part, these security systems have been
`relatively successful,” the ’844 patent explains, “these security systems are
`not configured to recognize computer viruses which have been attached to or
`configured as Downloadable application programs, commonly referred to as
`‘Downloadables.’” Id. at 1:40–44. The subject matter of the ’844 patent,
`accordingly, “provides systems for protecting a network from suspicious
`Downloadables.” Id. at 1:62–63. “The network system includes an
`inspector for linking Downloadable security profiles to a Downloadable, and
`a protection engine for examining the Downloadable and Downloadable
`security profiles to determine whether or not to trust the Downloadable
`security profiles.” Id. at 1:65–2:2. In particular, according to the ’844
`patent, the system and method “may examine the Downloadable code to
`determine whether the code contains any suspicious operations, and thus
`may allow or block the Downloadable accordingly.” Id. at 2:54–3:2.
`Further, “because the system and method . . . link a verifiable Downloadable
`security profile a Downloadable, the system and method may avoid
`decomposing the Downloadable into the Downloadable security profile on
`the fly.” Id. at 3:3–7.
`
`
`
`3
`
`Patent Owner Finjan, Inc. - Ex. 2013, p. 3
`
`
`
`IPR2015-01894
`Patent 6,154,844
`
`
`In the operation of a preferred embodiment of the ’844 patent, a
`developer obtains or generates an uninspected Downloadable and transmits
`the Downloadable to the inspector for “hostility inspection,” along with a
`developer certificate used to authenticate the developer. Ex. 1001, 3:55–65.
`The inspector includes a “content inspection engine” for examining a
`received Downloadable (e.g., the signed Downloadable from the developer),
`for generating a Downloadable security profile (“DSP”) based on a rules
`base, and for attaching the DSP to the Downloadable. Id. at 3:66–4:4. The
`DSP “preferably includes a list of all potentially hostile or suspicious
`computer operations that may be attempted by the Downloadable, and may
`also include the respective arguments of these operations.” Id. at 4:4–7.
`Preferably, the content inspection engine performs a full-content inspection,
`and generating a DSP includes searching the Downloadable code for
`undesirable patterns and patterns suggesting the code was written by a
`hacker, as well as comparing a Downloadable against Downloadables
`known to be hostile, Downloadables known to be non-hostile, and
`Downloadables previously examined by the content inspection engine. Id. at
`4:7–17. After performing content inspection, the inspector attaches an
`inspector certificate to the Downloadable, verifying the authenticity of the
`DSP attached to the Downloadable, and transmits the signed, inspected
`Downloadable to a web server. Id. at 4:65–5:5. The web server then may
`transmit the Downloadable via a network gateway to a computer client. Id.
`at 5:11–13.
`
`B. Priority Date of the ’844 Patent
`
`The Related U.S. Application Data field on the front page of the ’844
`patent includes a reference to Provisional Application No. 60/030,639 (“the
`
`
`
`4
`
`Patent Owner Finjan, Inc. - Ex. 2013, p. 4
`
`
`
`IPR2015-01894
`Patent 6,154,844
`
`’639 provisional”), filed November 8, 1996. Ex. 1001, [60]. Separately, in
`a section entitled “PRIORITY REFERENCE TO RELATED
`APPLICATIONS,” the ’844 patent states that the ’648 application “claims
`benefit of and . . . incorporates by reference [the ’639 provisional]; patent
`application Ser. No. 08/964,388, . . . filed on Nov. 6, 1997 . . . ; and patent
`application Ser. No. 08/790,097, . . . filed on Jan. 29, 1997.” Id. at 1:7–17.
`That statement, however, does not indicate how the ’648 application and the
`earlier applications are related to one another (e.g., as continuations,
`continuations in part, or divisionals). See 37 C.F.R. § 1.78(a)(2) (1997)
`(“Any nonprovisional application claiming the benefit of one or more prior
`filed copending nonprovisional applications . . . must contain or be amended
`to contain in the first sentence of the specification following the title a
`reference to each such prior application . . . indicating the relationship of the
`applications.”).
`In March 2003, Patent Owner filed a “Petition to Amend Priority
`Claims Listed in Patent” (Ex. 1005, 1–3). Patent Owner’s petition
`acknowledges that the ’639 provisional had expired before the filing date of
`the ’648 application and that priority “cannot be claimed directly from this
`application,” but asserts that “priority is still achieved through the chain of
`priority” and requests that “[r]eference to the indirect claim of priority to the
`provisional application” be added. Ex. 1005, 2. Notably, the proposed
`amendment also does not indicate the relationship among the applications as
`required by 37 C.F.R. § 1.78(a)(2).
`Petitioner points out that the Office never ruled upon Patent Owner’s
`petition and contends that the petition was improper, in any event, under the
`rules in effect at the time the ’648 application was filed. Pet. 4. Petitioner
`
`
`
`5
`
`Patent Owner Finjan, Inc. - Ex. 2013, p. 5
`
`
`
`IPR2015-01894
`Patent 6,154,844
`
`further contends that, even assuming arguendo that the ’844 patent did
`include a priority claim to the referenced earlier applications, the challenged
`claims still would not be entitled to the benefit of earlier priority based on
`any of those applications, because the specifications of those earlier
`applications differ from the ’648 application and lack sufficient disclosure
`with respect to the claimed subject matter of the ’844 patent to satisfy the
`requirements of 35 U.S.C. § 112. Pet. 4–5. Patent Owner does not provide
`any substantive response to these arguments in its Preliminary Response, but
`merely contends that the ’844 patent claims the benefit of and incorporates
`the earlier applications by reference. Prelim. Resp. 3.
`In light of Petitioner’s arguments and the absence of any substantive
`response thereto by Patent Owner, we are persuaded that the present record
`does not establish that the challenged claims are entitled to the benefit of any
`filing date earlier than December 22, 1997. See, e.g., Nintendo of Am. Inc. v.
`iLife Techs., Case IPR2015-00106, slip op. at 16 (PTAB Apr. 29, 2015)
`(Paper 12) (“Patent Owner must come forward with evidence and
`argument—either in its Preliminary Response or, if trial is instituted, in its
`Response—showing why the challenged claims is supported by the written
`description of the priority application.”); Polaris Wireless, Inc. v.
`TruePosition, Inc., Case IPR2013-00323, slip op. at 29 (PTAB Jun. 4, 2013)
`(Paper 9) (explaining that there is no presumption of earlier priority where
`the specifications of the earlier applications are not the same).
`
`C. Related Proceedings
`
`The ’844 patent is the subject of a district court action between the
`parties, Finjan, Inc. v. Symantec Corp., 3:14-cv-02998 (N.D. Cal. 2014), and
`also has been asserted in five other district court actions: Finjan, Inc. v.
`
`
`
`6
`
`Patent Owner Finjan, Inc. - Ex. 2013, p. 6
`
`
`
`IPR2015-01894
`Patent 6,154,844
`
`FireEye, Inc., 4:13-cv-03133 (N.D. Cal. 2013), Finjan, Inc. v. Blue Coat
`Systems, Inc., 5:13-cv-03999 (N.D. Cal. 2013), Finjan, Inc. v. Proofpoint,
`Inc., 3:13-cv-005808 (N.D. Cal. 2013); Finjan, Inc. v. Sophos, Inc., 3:14-cv-
`01197 (N.D. Cal. 2014), and Finjan, Inc. v. Blue Coat Systems, Inc., 5:15-
`cv-03295 (N.D. Cal. 2015). Pet. 1; Paper 4, 1. Petitioner also has filed
`petitions seeking inter partes review of other patents involved in the above-
`referenced Finjan, Inc. v. Symantec Corp. district court action. Pet. 1. Blue
`Coat Systems, Inc. also has filed a petition seeking inter partes review of the
`’844 patent on the grounds as presented in the instant Petition. Case
`IPR2016-00498, Paper 3.
`
`D. Illustrative Claim
`
`Among the challenged claims, claims 1, 15, 41, and 43 are
`independent. Claim 1 is illustrative and is reproduced below:
`1. A method comprising:
`receiving by an inspector a Downloadable;
`generating by the inspector a first Downloadable security
`profile that identifies suspicious code in the received
`Downloadable; and
`linking by the inspector the first Downloadable security profile
`to the Downloadable before a web server makes the
`Downloadable available to Web clients.
`Ex. 1001, 11:13–20. Independent claims 15 (inspector system), 41
`(computer-readable storage medium), and 43 (inspector system)
`include similar limitations. Id. at 11:62–12:2, 14:8–18, 14:35–42.
`Each of claims 7 and 11 depends directly from independent claim 1,
`and claim 16 depends from independent claim 15.
`
`
`
`7
`
`Patent Owner Finjan, Inc. - Ex. 2013, p. 7
`
`
`
`IPR2015-01894
`Patent 6,154,844
`
`
`E. References Relied Upon
`
`Petitioner relies on the following references:
`
`Exhibit
`
`Reference
`
`1006 US 5,825,877, issued Oct. 20, 1998 (filed June 11, 1996)
`(“Dan”)
`
`1007 US 5,978,484, issued Nov. 2, 1999 (filed Apr. 25, 1996)
`(“Apperson”)
`
`1008 US 5,313,616, issued May 17, 1994 (“Cline”)
`
`1009 US 5,623,600, issued Apr. 22, 1997 (filed Sept. 26, 1995)
`(“Ji”)
`
`1010 Rangachari Anand et al., A Flexible Security Model for
`Using Internet Content, IEEE COMPUTER SOC’Y PROC.
`16TH SYMP. ON RELIABLE DISTRIBUTED SYS. (1997)
`(“Anand”)
`
`Pet. 6–7. Petitioner also relies on the Declaration of Jack W. Davidson,
`Ph.D. (Ex. 1017).
`
`F. Asserted Grounds of Unpatentability
`
`Petitioner challenges the patentability of the challenged claims on the
`following grounds:
`
`Reference(s)
`
`Basis
`
`Claims Challenged
`
`Dan
`
`§ 103
`
`1, 7, 11, 15, 16, 41, and 43
`
`Apperson, Cline, and Ji
`
`§ 103
`
`1, 7, 11, 15, 16, 41, and 43
`
`Anand and Cline
`
`§ 103
`
`1, 7, 11, 15, 16, 41, and 43
`
`Pet. 8.
`
`
`
`8
`
`Patent Owner Finjan, Inc. - Ex. 2013, p. 8
`
`
`
`IPR2015-01894
`Patent 6,154,844
`
`
`II. DISCUSSION
`
`A. Claim Construction
`
`In an inter partes review proceeding, claims of an unexpired patent
`are given their broadest reasonable interpretation in light of the specification
`of the patent in which they appear. 37 C.F.R. § 42.100(b); In re Cuozzo
`Speed Techs., LLC, 793 F.3d 1268, 1275–79 (Fed. Cir. 2015), cert. granted
`sub nom. Cuozzo Speed Techs. LLC v. Lee, 136 S. Ct. 890 (2016). Under
`this standard, we presume that claim terms have their ordinary and
`customary meaning. See In re Translogic Tech., Inc., 504 F.3d 1249, 1257
`(Fed. Cir. 2007) (“The ordinary and customary meaning is the meaning that
`the term would have to a person of ordinary skill in the art in question.”)
`(internal quotation marks omitted). A patentee, however, may rebut this
`presumption by acting as his own lexicographer, providing a definition of
`the term in the specification with “reasonable clarity, deliberateness, and
`precision.” In re Paulsen, 30 F.3d 1475, 1480 (Fed. Cir. 1994).
`Petitioner proposes constructions for three limitations recited in
`means-plus-function format in independent claim 43: “means for receiving,”
`“means for generating,” and “means for linking.” Pet. 14–17. Patent Owner
`responds to each of Petitioner’s proposed constructions, offering competing
`constructions for the second and third of those limitations. Prelim. Resp.
`5–10. Pursuant to 37 C.F.R. § 42.104(b)(3), the parties identify specific
`portions of the ’844 patent’s specification that they allege describe the
`structures corresponding to the claimed functions. Neither party, however,
`explains how the construction of these limitations is material to our decision
`of whether to institute a trial. On this record and for purposes of this
`Decision, we determine that no claim terms require express construction.
`
`
`
`9
`
`Patent Owner Finjan, Inc. - Ex. 2013, p. 9
`
`
`
`IPR2015-01894
`Patent 6,154,844
`
`See Vivid Techs., Inc. v. Am. Sci. & Eng’g, Inc., 200 F.3d 795, 803 (Fed. Cir.
`1999) (stating that claim terms need only be construed to the extent
`necessary to resolve the controversy).
`
`B. Asserted Grounds of Unpatentability
`
`1. Overview
`
`Petitioner argues that claims 1, 7, 11, 15, 16, 41, and 43 of the ’844
`patent are rendered obvious by the references described above. See supra
`Sec. I.F. A patent claim is unpatentable under 35 U.S.C. § 103(a) if the
`differences between the claimed subject matter and the prior art are “such
`that the subject matter[,] as a whole[,] would have been obvious at the time
`the invention was made to a person having ordinary skill in the art to which
`said subject matter pertains.” KSR Int’l Co. v. Teleflex Inc., 550 U.S. 398,
`406 (2007). The question of obviousness is resolved on the basis of
`underlying factual determinations, including: (1) the scope and content of
`the prior art; (2) any differences between the claimed subject matter and the
`prior art; (3) the level of skill in the art1; and (4) objective evidence of
`nonobviousness, i.e., secondary considerations.2 Graham v. John Deere
`Co., 383 U.S. 1, 17–18 (1966). On this record and for the reasons set forth
`below, we are not persuaded that Petitioner demonstrates a reasonable
`
`
`1 Petitioner proposes a definition for a person of ordinary skill in the art.
`Pet. 13–14; see Ex. 1017 ¶¶ 27–29. Patent Owner does not challenge this
`definition. For purposes of this Decision and to the extent necessary, we
`adopt Petitioner’s definition.
`2 Although Patent Owner presents arguments regarding secondary
`considerations (Prelim. Resp. 45–48), we need not reach those arguments
`because we find that Petitioner’s evidence and arguments regarding the
`obviousness of the challenged claims are deficient.
`
`
`
`10
`
`Patent Owner Finjan, Inc. - Ex. 2013, p. 10
`
`
`
`IPR2015-01894
`Patent 6,154,844
`
`likelihood of prevailing in the challenges to claims 1, 7, 11, 15, 16, 41, and
`43 of the ’844 patent.
`
`2. Obviousness over Dan
`
`a. Dan
`
`Dan teaches a form of authentication in which a trusted third party,
`referred to in a preferred embodiment as a certification agency (“CA”), signs
`a certificate to identify the author of a program and to secure its integrity.
`Ex. 1006, 1:40–43, 49–51. The program code is associated with the
`certificate and an access control list (“ACL”). Id. at 1:43–45. The ACL
`describes the permissions and resources required by the code and is provided
`by the developer (referred to as the “code production system,” or “CPS”).
`Id. at 1:45–51, 2:20–28. The ACL also includes a Logical Resource Table
`(“LRT”), which “contains a row for each call to an external routine required
`by the code,” along with a listing of associated parameters, as well as a
`Physical Resources Table (“PRT”), containing the physical resources
`required by the code. Id. at 3:49–4:15. Once the CA issues the certificate, it
`is not possible for any party to modify either the code or the ACL without
`invalidating the certificate. Id. at 1:51–55. A client downloading the code
`or ACL can verify the integrity of the code and ACL, and the system can
`enforce the access list, such that the permissions and resources are not
`exceeded. Id. at 1:56–59.
`b. Discussion
`Petitioner contends that Dan renders obvious each of claims 1, 7, 11,
`15, 16, 41, and 43 of the ’844 patent. Pet. 17–30. Petitioner equates the
`program code in Dan with the “Downloadable” recited in the challenged
`
`
`
`11
`
`Patent Owner Finjan, Inc. - Ex. 2013, p. 11
`
`
`
`IPR2015-01894
`Patent 6,154,844
`
`claims, Dan’s CA with the claimed “inspector,” and the external routines
`identified by the LRT of Dan’s ACL with “suspicious code.” Id. at 19–23.
`Petitioner variously identifies the ACL, PRT, and LRT tables as the claimed
`DSP that identifies suspicious code in the Downloadable. Id. at 23–24.
`Petitioner contends that, “[a]lthough Dan does not expressly teach that this
`[DSP] is generated by the CA (i.e., inspector), this would have been
`obvious” to a person of ordinary skill in the art. Id. at 24. Petitioner
`explains:
`Dan teaches that the CA (i.e., inspector) can verify an ACL (i.e.,
`Downloadable security profile) associated with a Downloadable
`provided by a Code Production System (CPS). [Ex. 1006,] 4:19–
`25, 2:18–43. In particular, Dan teaches that this verification of
`the ACL by the CA may be used as an alternative to enforcement
`by a client. [Id. at] 4:23–25. Thus, a [person of ordinary skill in
`the art] would have understood that such verification at the CA
`could be performed in the same manner as the enforcement at the
`client using the functions associated with the ACL enforcer. [Id.
`at] 3:38–41 (“Before allowing access to any resource, the
`executor invokes the ACL enforcer for checking the validity of
`the access.”), 4:59–61, 5:5–10, and 5:17–22; [Ex. 1017] ¶ 116–
`118 (explaining that enforcement is akin to verification).
`In particular, it would have been obvious to a [person of
`ordinary skill in the art] that these same verification/enforcement
`techniques (e.g., static and dynamic code analyzes) could be used
`by the CA in Dan to generate the ACL (i.e., Downloadable
`security profile) instead of verifying an existing ACL that was
`provided by a CPS. [Id. at] ¶ 119. A [person of ordinary skill in
`the art] would have been motivated
`to generate
`the
`Downloadable security profile at the CA for a number of reasons,
`including in situations where the CPS is untrusted or does not
`provide an ACL. [Id. at] ¶ 120.
`Pet. 24–25.
`
`
`
`12
`
`Patent Owner Finjan, Inc. - Ex. 2013, p. 12
`
`
`
`IPR2015-01894
`Patent 6,154,844
`
`
`Petitioner also asserts that, because Dan teaches that the CA links the
`ACL to the program code before the code is made available from a server to
`clients, Dan teaches “linking [by the inspector] the first DSP to the
`Downloadable before a web server makes the Downloadable available to
`web clients,” as required by each of the challenged independent claims. Id.
`at 26–27.
`Patent Owner responds, inter alia, that Petitioner has not
`demonstrated that Dan discloses either “[means for] generating [by the
`inspector] a first Downloadable security profile that identifies suspicious
`code in the received Downloadable” or “[means for] linking the first
`Downloadable security profile to the Downloadable before a web server
`makes the Downloadable available to web clients,” as required by each of
`the challenged claims. Prelim. Resp. 12–20.
`With respect to the “generating” step, Patent Owner raises four
`arguments: First, ACLs are not DSPs, and Petitioner’s broad interpretation
`of DSP is “completely at odds” with the teachings of the ’844 patent and
`U.S. Patent No. 6,092,194 (Ex. 1003, “the ’194 patent”), incorporated by
`reference therein,3 which demonstrate that ACLs not only are distinct from
`DSPs, but are instead what the generated DSPs are compared against. Id. at
`13–14 (citing Ex. 1003, 6:5–19, Fig. 3). Second, ACLs, including Dan’s
`ACL, are not DSPs, because they do not identify suspicious code in the
`received Downloadable. Id. at 14. Whereas Petitioner relies on the
`existence of an LRT in ACL to explain how the ACL identifies suspicious
`
`
`3 The ’194 patent issued from the ’388 application, which as noted above, is
`stated to be incorporated by reference in the ’844 patent. See Ex. 1003, [21];
`Ex. 1001, 1:12–15.
`
`
`
`13
`
`Patent Owner Finjan, Inc. - Ex. 2013, p. 13
`
`
`
`IPR2015-01894
`Patent 6,154,844
`
`code in the received Downloadable, Patent Owner contends, Dan’s LRT
`merely contains the logical resources “required” by the code, and nowhere
`does Dan state that the LRT further includes identification of suspicious
`code for any of the required calls. Id. (citing Ex. 1006, 3:49–66). Third,
`“nothing suggests that Dan discloses an inspector that generates the claimed
`DSP.” Id. at 16. Whereas “Petitioner relies on Dan’s [CA] to be the
`claimed inspector and the ACL to be the claimed DSP that identifies
`suspicious code,” Patent Owner continues, “the Petition acknowledges that
`the Dan’s [CA] never generates the Dan’s ACL,” and “[i]ndeed, Dan’s [CA]
`is designed to avoid any need to ever generate an ACL as they are always
`received from the code producer who authored of the associated code.” Id.
`(citing Pet. 20, 24; Ex. 1006, 2:25–37, Fig. 1). Finally, Patent Owner
`contends that Dan’s “ACL enforcer” does not generate a DSP, but “only
`‘ensures that the permissions and resources specified in the ACL for the
`code are provided and no additional permissions/resources are allowed.’”
`Id. at 17–18 (citing Ex. 1006, 4:15–18).
`With respect to the “linking” step, Patent Owner contends that, at least
`because “Dan does not disclose generating a first Downloadable security
`profile that identifies suspicious code in the received Downloadable,” Dan
`also “cannot disclose [‘]linking the first Downloadable security profile to the
`Downloadable before a web server makes the Downloadable available to
`web clients.’” Id. at 20.
`We are persuaded by Patent Owner’s arguments that Petitioner has not
`demonstrated on this record that Dan teaches or suggests an inspector
`generating a DSP that identifies suspicious code in a received
`Downloadable, and that Dan, therefore, also does not teach or suggest
`
`
`
`14
`
`Patent Owner Finjan, Inc. - Ex. 2013, p. 14
`
`
`
`IPR2015-01894
`Patent 6,154,844
`
`linking such a DSP to the Downloadable. Id. at 12–20. The portions of Dan
`cited by Petitioner describe methods and systems in which a developer or
`code producer (i.e., Dan’s CPS) provides an ACL to a certification agency
`(Dan’s CA) along with a program for certification. See, e.g., Ex. 1006,
`1:45–51, 2:20–28. Whereas Petitioner identifies the CA as the claimed
`“inspector” and the received program as the claimed “Downloadable” (Pet.
`20), there is no indication in the cited portions of Dan that the CA “identifies
`suspicious code” in the received program. Rather, the CA is disclosed to
`sign a certificate identifying the author of a program and to secure the
`integrity of the program and its ACL. Ex. 1006, 1:40–43, 1:49–51, 2:34–37.
`Neither of those functions requires inspecting the content of the code to
`identify suspicious code. And in fact, we discern nothing in Dan that would
`preclude Dan’s CA from providing a signed certificate if a CPS were to
`provide to the CA even code infected with a known virus, so long as the
`CPS also provided therewith an ACL accurately identifying the permissions
`and resources required by the code.
`Moreover, we are not persuaded by Petitioner’s contention that it
`would have been obvious to a person of ordinary skill in the art that the
`“same verification/enforcement techniques (e.g., static and dynamic code
`analyzes [sic]) could be used by the CA in Dan to generate the ACL (i.e.,
`Downloadable security profile) instead of verifying an existing ACL that
`was provided by a CPS.” Pet. 25. Dan teaches that “ACL enforcement may
`be static or dynamic” (Ex. 1006, 4:19 (emphasis added)), not “static and
`dynamic code analy[sis],” as Petitioner suggests (Pet. 25). Whereas
`Petitioner cites Dr. Davidson’s declaration as “explaining that enforcement
`is akin to verification” (Pet. 25 (citing Ex. 1017 ¶¶ 116–18)) we find on this
`
`
`
`15
`
`Patent Owner Finjan, Inc. - Ex. 2013, p. 15
`
`
`
`IPR2015-01894
`Patent 6,154,844
`
`record no evidence suggesting that either enforcement or verification is akin
`to code analysis. Additionally, although the static and dynamic enforcement
`methods described by Dan differ in the location and timing of the described
`enforcement function (i.e., at the CA before execution vs. at the client
`system at the time of execution) (Ex. 1006, 4:19–26), we discern no
`evidence that either method of ACL enforcement involves generating a DSP
`that identifies suspicious code.
`On this record, Petitioner has not identified sufficient evidence that
`Dan teaches or suggests all of the limitations recited in independent claims
`1, 15, 41, and 43, and, in particular, “generat[ing] . . . a first Downloadable
`security profile that identifies suspicious code in [a] Downloadable” and
`“linking . . . the first Downloadable security profile to the Downloadable
`before a web server makes the Downloadable available to web clients.”
`Consequently, we are not persuaded that Petitioner demonstrates a
`reasonable likelihood that it would prevail at trial in showing that the subject
`matter of those claims or of dependent claims 7, 11, or 16 would have been
`obvious over Dan.
`
`3. Obviousness over Apperson, Ji, and Cline
`
`a. Apperson
`
`Apperson relates generally to a “method and system for distributing
`and executing executable code,” wherein, before sending the code to a
`client, a “distributing authority” associates a “privilege request code” with
`the executable code. Ex. 1007, Abst. The privilege request code indicates
`“a set of privileges or privilege categories that the executable code might
`perform on the client machine” during execution, including, for example,
`
`
`
`16
`
`Patent Owner Finjan, Inc. - Ex. 2013, p. 16
`
`
`
`IPR2015-01894
`Patent 6,154,844
`
`file input/output, network operations, registry read/write rights, graphics
`operations, window management operations, and user list read/write rights.
`Id. at Abst., 2:44–47, 4:33–41. To prevent modification of the software code
`and associated privilege request code, “[t]he distributing authority digitally
`signs the executable code and the privilege request code, and also provides a
`certificate that can be traced by the client to a known certifying authority.”
`Id. at 2:47–53. As part of the signing process, Apperson teaches that the
`privilege request code may be concatenated with (appended to) the code. Id.
`at 4:44–54, 8:17–25, Fig. 2.
`
`b. Ji
`
`Ji describes a system for detecting and eliminating viruses on a
`computer network, wherein a File Transfer Protocol (FTP) proxy server is
`used to scan incoming and outgoing files for viruses and to transfer those
`files if they do not contain viruses. Ex. 1009, Abst. Ji discloses a method
`for processing a file before transmission into or from a network, including
`the steps of receiving a data transfer command and file name; transferring
`the file to a proxy server or system node; performing virus detection on the
`file; and determining whether the file contains any viruses. Id. at Abst.,
`3:4–11. If the file does not contain any viruses, the file is transferred from
`the system to a recipient node. Id. at Abst., 3:11–12. If the file does
`contains a virus, the file is deleted or some other preset action is performed.
`Id. at Abst., 3:13–14.
`
`c. Cline
`
`Cline describes a method for certifying the portability of software
`between computer systems, including certification tests to ensure that
`
`
`
`17
`
`Patent Owner Finjan, Inc. - Ex. 2013, p. 17
`
`
`
`IPR2015-01894
`Patent 6,154,844
`
`application programs will run on any conforming computer system
`regardless of the vendor. Ex. 1008, 2:66–3:5. The certification tests include
`a static analysis, in which the object code of an application program is
`analyzed against a “conformance database” of allowable external calls to
`determine whether any illegal or erroneous calls are being made, and a
`dynamic analysis, in which the application program is analyzed as it is being
`run to determine any runtime errors in the calls. Id. at 3:6–16. If no errors
`are detected in either analysis, the application program then is certified to be
`compatible and transportable without change between all certified
`compatible computer systems. Id. at 3:16–21.
`
`d. Discussion
`
`Petitioner contends that the combination of the teachings of Apperson,
`Ji, and Cline would have rendered obvious the subject matter of claims 1, 7,
`11, 15, 16, 41, and 43 of the ’844 patent. Pet. 30–52. In particular,
`Petitioner contends that Apperson’s distributing authority corresponds to the
`claimed inspector system and that Apperson describes the need for code
`inspection to ensure the safety of distributed code. Id. at 31. To the extent
`that Apperson does not explicitly disclose that the distributing authority
`“receives a Downloadable,” Petitioner contends that feature is taught by Ji.
`Id. at 33–34. Petitioner asserts that it would have been obvious for a person
`of ordinary skill in the art to combine the teachings of Apperson and Ji,
`because both references are directed to protecting computer systems from
`viruses and malicious code, and such a combination would have merely
`amounted to combining well-known prior art elements. Id. at 34–35.
`Further, Petitioner asserts, to the extent that Apperson and Ji do not
`teach a content inspection engine to “generate” privilege request codes for a
`
`
`
`18
`
`Patent Owner Finjan, Inc. - Ex. 2013, p. 18
`
`
`
`IPR2015-01894
`Patent 6,154,844
`
`Downloadable, this feature is taught by Cline. Id. at 36. According to
`Petitioner, “Cline is concerned with verifying/certifying external calls made
`by and executable (i.e., those functions not defined within the executable
`itself) such as system calls and library calls,” and “[l]ike Apperson, Cline
`explains that these system calls correspond to the same types of ‘suspicious
`operations’ exemplified by the ’844 patent (e.g., network, window
`management, or file operations).” Id. at 36–37. Petitioner also contends it
`would have been obvious for a person of ordinary skill in the art to combine
`the teachings of Apperson and Ji with those of Cline. Id. at 39. According
`to Petitioner, “Apperson in view of Ji teaches receiving a Downloadable
`over a network and associating it with a
Accessing this document will incur an additional charge of $.
After purchase, you can access this document again without charge.
Accept $ Charge
Still Working On It
This document is taking longer than usual to download. This can happen if we need to contact the court directly to obtain the document and their servers are running slowly.
Give it another minute or two to complete, and then try the refresh button.
A few More Minutes ... Still Working
It can take up to 5 minutes for us to download a document if the court servers are running slowly.
Thank you for your continued patience.
This document could not be displayed.
We could not find this document within its docket. Please go back to the docket page and check the link. If that does not work, go back to the docket and refresh it to pull the newest information.
Your account does not support viewing this document.
You need a Paid Account to view this document. Click here to change your account type.
Your account does not support viewing this document.
Set your membership
status to view this document.
With a Docket Alarm membership, you'll
get a whole lot more, including:
- Up-to-date information for this case.
- Email alerts whenever there is an update.
- Full text search for other cases.
- Get email alerts whenever a new case matches your search.
One Moment Please
The filing “” is large (MB) and is being downloaded.
Please refresh this page in a few minutes to see if the filing has been downloaded. The filing will also be emailed to you when the download completes.
Your document is on its way!
If you do not receive the document in five minutes, contact support at support@docketalarm.com.
Sealed Document
We are unable to display this document, it may be under a court ordered seal.
If you have proper credentials to access the file, you may proceed directly to the court's system using your government issued username and password.
Access Government Site
