Trials@uspto.gov
`571-272-7822
`
`
`Paper 7
`Entered: June 5, 2018
`
`
`
`
`UNITED STATES PATENT AND TRADEMARK OFFICE
`____________
`
`BEFORE THE PATENT TRIAL AND APPEAL BOARD
`____________
`
`CISCO SYSTEMS, INC.,
`Petitioner,
`
`v.
`
`FINJAN, INC.,
`Patent Owner.
`____________
`
`Case IPR2018-00391
`Patent 7,647,633 B2
`
`____________
`
`
`
`Before, THOMAS L. GIANNETTI, MIRIAM L. QUINN, and
`PATRICK M. BOUCHER, Administrative Patent Judges.
`
`QUINN, Administrative Patent Judge.
`
`
`
`
`
`
`
`
`
`DECISION
`Institution of Inter Partes Review
`35 U.S.C. § 314(a)
`
`
`571-272-7822
`
`
`Paper 7
`Entered: June 5, 2018
`
`
`
`
`UNITED STATES PATENT AND TRADEMARK OFFICE
`____________
`
`BEFORE THE PATENT TRIAL AND APPEAL BOARD
`____________
`
`CISCO SYSTEMS, INC.,
`Petitioner,
`
`v.
`
`FINJAN, INC.,
`Patent Owner.
`____________
`
`Case IPR2018-00391
`Patent 7,647,633 B2
`
`____________
`
`
`
`Before, THOMAS L. GIANNETTI, MIRIAM L. QUINN, and
`PATRICK M. BOUCHER, Administrative Patent Judges.
`
`QUINN, Administrative Patent Judge.
`
`
`
`
`
`
`
`
`
`DECISION
`Institution of Inter Partes Review
`35 U.S.C. § 314(a)
`
`
`
`IPR2018-00391
`Patent 7,647,633 B2
`
`
`Cisco Systems, Inc. (“Petitioner”) filed a Petition to institute inter
`
`partes review of claims 14, 8, 11, 13, and 14 of U.S. Patent No. 7,647,633
`
`B2 (“the ’633 patent”) pursuant to 35 U.S.C. § 311319. Paper 1 (“Pet.”).
`
`Finjan, Inc. (“Patent Owner”) timely filed a Preliminary Response. Paper 6
`
`(“Prelim. Resp.”). We have jurisdiction under 35 U.S.C. § 314.
`
`For the reasons that follow, we institute inter partes review.
`
`I.
`
`BACKGROUND
`
`A. RELATED MATTERS
`
`The parties identify a multitude of district court cases (N.D. Cal.) in
`
`which the ʼ633 patent is involved. Pet. 5; see also Paper 4. The ’633 patent
`
`has also been the subject of various proceedings at the USPTO, including
`
`Palo Alto Networks, Inc. v. Finjan, Inc., Case IPR2015-01974 (PTAB), in
`
`which the Board issued a Final Written Decision concerning claims 14 and
`
`19 of the ’633 patent. Paper 4; Ex. 2002. The ’633 patent also has been the
`
`subject of an ex parte reexamination (Control No. 90/013,016). Ex. 2001.
`
`B. THE ’633 PATENT (EX. 1001)
`
`The ’633 patent relates to a system and a method for protecting
`
`network-connectable devices from undesirable downloadable operation. Ex.
`
`1001, 1:3033. The patent describes that “Downloadable information
`
`comprising program code can include distributable components (e.g. JavaTM
`
`applets and JavaScript scripts, ActiveXTM controls, Visual Basic, add-ins
`
`and/or others).” Id. at 1:6063. Protecting against only some distributable
`
`components does not protect against application programs, Trojan horses, or
`
`zip or meta files, which are other types of “Downloadable information.” Id.
`
`2
`
`
`
`IPR2018-00391
`Patent 7,647,633 B2
`
`at 1:632:2. The ’633 patent “enables more reliable protection.” Id. at
`
`2:2728. According to the Summary of the Invention,
`
`In one aspect, embodiments of the invention provide for
`determining, within one or more network “servers” (e.g.
`firewalls, resources, gateways, email relays or other
`devices/processes that are capable of receiving-and-transferring
`a Downloadable) whether received information includes
`executable code (and is a “Downloadable”). Embodiments also
`provide for delivering static, configurable and/or extensible
`remotely operable protection policies to a Downloadable-
`destination, more typically as a sandboxed package including
`the mobile protection code, downloadable policies and one or
`more received Downloadables. Further client-based or remote
`protection code/policies can also be utilized in a distributed
`manner. Embodiments also provide for causing the mobile
`protection code to be executed within a Downloadable-
`destination in a manner that enables various Downloadable
`operations to be detected, intercepted or further responded to
`via protection operations. Additional server/information-
`destination device security or other protection is also enabled,
`among still further aspects.
`
`Id. at 2:3957.
`
`C. ILLUSTRATIVE CLAIMS
`
`Challenged claims 1, 8, 13, and 14 of the ’633 patent are independent.
`
`Illustrative claims 1 and 14 are reproduced below.
`
`1. A computer processor-based method, comprising:
`receiving, by a computer, downloadable-information;
`determining, by the computer, whether the
`downloadable-information includes executable code; and
`based upon the determination, transmitting from the
`computer mobile protection code to at least one information-
`destination of the downloadable-information, if the
`downloadable-information is determined to include executable
`code.
`
`3
`
`
`
`IPR2018-00391
`Patent 7,647,633 B2
`
`
`
`14. A computer program product, comprising a
`computer usable medium having a computer readable program
`code therein, the computer readable program code adapted to be
`executed for computer security, the method comprising:
`providing a system, wherein the system comprises
`distinct software modules, and wherein the distinct software
`modules comprise an information re-communicator and a
`mobile code executor;
`receiving, at the information re-communicator,
`downloadable-information including executable code; and
`causing mobile protection code to be executed by the
`mobile code executor at a downloadable-information
`destination such that one or more operations of the executable
`code at the destination, if attempted, will be processed by the
`mobile protection code.
`
`Id. at 20:5462; 21:58–22:5.
`
`
`D. ASSERTED REFERENCES AND GROUNDS OF UNPATENTABILITY
`
`Petitioner asserts three grounds of unpatentability based on the
`
`following references:
`
`1) Hanson: PCT Published Application WO 98/31124, published on
`
`July 16, 1998 (Exhibit 1004);
`
`2) Hypponen: U.S. Patent No. 6,577,920 B1, issued on June 10, 2003
`
`(Exhibit 1005); and
`
`3) Touboul: PCT Published Application WO 98/21683 (Exhibit
`
`1007).
`
`The grounds identified in the Petition are as listed below (Pet. 32).
`
`
`
`4
`
`
`
`IPR2018-00391
`Patent 7,647,633 B2
`
`
`Claim(s)
`
`Basis
`
`References
`
`14, 8, 11, 13, 14 § 103
`12
`§ 103
`
`
`
`Hanson and Hypponen
`Hanson, Hypponen, and
`Touboul
`
`Petitioner further relies on the Declaration of Paul Clark, Ph.D., in
`
`support of the asserted grounds. Ex. 1003 (“Clark Declaration”).
`
`
`
`II. ANALYSIS
`
`A. CLAIM CONSTRUCTION
`
`In an inter partes review, claim terms in an unexpired patent are
`
`interpreted according to their broadest reasonable construction in light of the
`
`specification of the patent in which they appear. 37 C.F.R. § 42.100(b).
`
`With regard to terms drafted in means-plus-function language, “[a]pplication
`
`of § 112, ¶ 6 requires identification of the structure in the specification
`
`which performs the recited function.” Micro Chemical, Inc., v. Great Plains
`
`Chemical Co., Inc., 194 F.3d 1250, 1257 (Fed. Cir. 1999); see also 37
`
`C.F.R. § 42.104(b)(3). Further, the statute does not permit “incorporation of
`
`structure from the written description beyond that necessary to perform the
`
`claimed function.” Id. at 1258.
`
`1. Means-Plus-Function Terms
`
`Petitioner proposes construction for various terms written in means-
`
`plus-function format, recited in claim 13. Pet. 2022. Patent Owner
`
`addresses those means-plus-function terms. Prelim. Resp. 1113. The
`
`differences between the parties’ proposed constructions are noted below
`
`with regard to the alleged structures:
`
`5
`
`
`
`Patent Owner’s
`proposed structure
`Re-communicating
`device
`
`Detection engine
`
`Re-communicating
`device
`
`IPR2018-00391
`Patent 7,647,633 B2
`
`Term
`
`Means for receiving
`downloadable-
`information
`Means for determining
`whether the
`downloadable-
`information includes
`executable code
`
`Means for causing
`mobile code to be
`communicated to at
`least one information-
`destination of the
`downloadable-
`information, if the
`downloadable-
`information is
`determined to include
`executable code
`
`
`Petitioner’s proposed
`structure
`Server or firewall
`
`Server programmed to
`perform file type
`detection or content
`detection on the
`downloadable-
`information and
`equivalents
`Protection engine
`programmed to package
`the mobile protection
`code with the
`downloadable-
`information for transfer
`to the information
`destination of the
`downloadable-
`information and
`equivalents
`
`The ’633 patent specification discloses that “[e]mbodiments provide,
`
`within one or more ‘servers’ (e.g. firewalls, resources, gateways, email
`
`relays or other information re-communicating devices), for receiving
`
`downloadable-information and detecting whether the downloadable-
`
`information includes one or more instances of executable code (e.g. as with
`
`a Trojan horse, zip/meta file etc.).” Ex. 1001, 5:3439 (emphasis added).
`
`Thus, we agree with Patent Owner that the function of “receiving
`
`downloadable-information” is linked to a “re-communicating device,” which
`
`may be a server or firewall (id. at 9:1012; Firewall 302 of Fig. 3).
`
`Accordingly, Patent Owner’s proposal for the corresponding structure for
`
`6
`
`
`
`IPR2018-00391
`Patent 7,647,633 B2
`
`the “means for receiving downloadable-information” is adopted for purposes
`
`of this Decision.
`
`The above-quoted passage of the Specification also links a re-
`
`communicating device, such as a server or firewall, to the function of
`
`determining whether the downloadable-information includes executable
`
`code. Ex. 1001, 5:3439. Petitioner’s proposal acknowledges that a server
`
`is part of the structure linked to the “means for determining,” but adds a
`
`“programmed” limitation that does not track the function directly. Patent
`
`Owner proposes that a “detection engine” is a more appropriate structure
`
`because the ’633 patent Specification describes detection engine 402 as
`
`including code detector 421, “which receives a potential-Downloadable and
`
`determines . . . whether the potential-Downloadable includes executable
`
`code.” Prelim. Resp. 11 (citing, e.g., Ex. 1001, 12:826). Patent Owner’s
`
`proposal is incomplete, as it focuses on the embodiment shown in Figure 4,
`
`but does not address the embodiment shown in Figure 3. See Callicrate v.
`
`Wadsworth Mfg., Inc., 427 F.3d 1361, 1369 (Fed. Cir. 2005) (determining
`
`that the proper claim construction must account for all structures in the
`
`specification corresponding to the claimed function).
`
`We now turn to Figure 3 and corresponding disclosures regarding the
`
`“means for determining” and “means for causing” limitations. Figure 3
`
`depicts a protection engine linked to the recited “determining” function:
`
`“[p]rotection engine 310 further analyzes the potential-Downloadable and
`
`determines whether the potential Downloadable includes executable code. If
`
`not, protection engine 310 enables the not executable potential-
`
`Downloadable 331 to be delivered to its destination in an unaffected
`
`manner.” Ex. 1001, 9:5257. Accordingly, the structure linked to the
`
`7
`
`
`
`IPR2018-00391
`Patent 7,647,633 B2
`
`“determining” function encompasses alternative embodiments: protection
`
`engine 310 in server 301 (Figure 3) or detection engine 402, included in
`
`protection engine 400 (Figure 4). The broader of these alternative
`
`embodiments is the protection engine.
`
`Notably, the protection engine is also linked to the remaining means-
`
`plus-function term: “means for causing mobile protection code to be
`
`communicated to at least one information-destination of the downloadable-
`
`information.” For example, the Specification states that “[i]n conjunction
`
`with determining that the potential-Downloadable is a detected-
`
`Downloadable, protection engine 310 also causes mobile protection code or
`
`‘MPC’ 341 to be communicated to the Downloadable-destination of the
`
`Downloadable.” Id. at 9:5963.
`
`Therefore, the Specification provides, at a minimum, two sets of
`
`alternative structures for the means for determining and for the means for
`
`causing MPC to be communicated. The first set of structures tracks the
`
`embodiment shown in Figure 3, which describes a protection engine within a
`
`server or firewall, where the protection engine performs both recited
`
`functions, i.e., determining and causing MPC to be communicated. Ex.
`
`1001, 8: 6066, 9:5257, 9:5963. The second set of structures tracks the
`
`embodiment shown in Figure 4, which describes: (1) a detection engine,
`
`within the protection engine, for determining whether the potential-
`
`Downloadable includes executable code (id. at 12:812); and (2) a transfer
`
`engine, within the protection engine, for causing results from the linking
`
`engine, i.e. the MPC (id. at 13:4254), to be transferred to a destination user
`
`device/process (id. at 14:2427).
`
`8
`
`
`
`IPR2018-00391
`Patent 7,647,633 B2
`
`
`Consequently, for purposes of this Decision we adopt the following
`
`structures for the means-plus-function terms recited in claim 13:
`
`Term
`
`means for receiving
`downloadable-information
`means for determining whether
`the downloadable-information
`includes executable code
`
`means for causing mobile code
`to be communicated to at least
`one information-destination of
`the downloadable-information,
`if the downloadable-
`information is determined to
`include executable code
`
`Board’s Preliminary Claim
`Construction (Structure)
`Re-communicating device,
`such as a server or firewall
`Protection engine (Fig 3) in a
`re-communicating device,
`such as a server or firewall; or
`
`Detection engine (Fig. 4)
`within a protection engine in a
`re-communicating device,
`such as a server or firewall
`Protection engine (Fig 3) in a
`re-communicating device,
`such as a server or firewall; or
`
`Transfer engine (Fig. 4)
`within the protection engine
`in a re-communicating device,
`such as a server or firewall
`
`
`
`2. Prior Board Claim Constructions
`
`Patent Owner points out that the Board has construed two claim terms
`
`in prior proceedings. Prelim. Resp. 910. In particular, a panel of the Board
`
`issued a Decision on Appeal in connection with the reexamination (Control
`
`No. 90/013,016) of the ’633 patent. Ex. 2001. That Decision states: “In
`
`order to disclose determining whether the downloadable-information
`
`includes executable code, [the prior art] must disclose distinguishing
`
`between two alternative possibilities: executable code is included in the
`
`downloadable-information, and executable code is not included in the
`
`9
`
`
`
`IPR2018-00391
`Patent 7,647,633 B2
`
`downloadable-information.” Id. at 5.1 Petitioner does not address this prior
`
`Board Decision in its Petition.
`
`Patent Owner also points out that the Board issued a Final Written
`
`Decision in IPR2015-01974 in which we construed the term “executable
`
`code” of the ’633 patent, in the context of the surrounding claim language
`
`and the Specification, to mean that the “the executable code whose
`
`operations are processed by the mobile protection code at the destination is
`
`the same as the executable code received, i.e., it undergoes no modification.”
`
`Ex. 2002, 18. The Final Written Decision has been appealed to the Federal
`
`Circuit, and is currently pending disposition. Petitioner mentions the “no
`
`modification” requirement, while contending that the prior art meets the
`
`claim language, but does not argue the meaning of the claim language
`
`further. Pet. 57 n.5.
`
`Neither party urges that we revisit either of these prior Board
`
`determinations. Accordingly, we adopt these claim interpretations for
`
`purposes of this Decision.
`
`B. PETITIONER’S OVERALL CONTENTIONS
`
`As stated above, claims 1 and 14 are illustrative of the claimed subject
`
`matter. Our discussion of Petitioner’s contentions thus focuses on these two
`
`claims, especially in light of Patent Owner’s arguments, which also focus on
`
`these claims.
`
`1. Claim 1
`
`Petitioner argues that Hanson discloses all the claim limitations
`
`recited in claim 1, except for the limitation “determining, by the computer,
`
`
`1 See Ex. 1001, 9:5257, Fig. 3.
`
`10
`
`
`
`IPR2018-00391
`Patent 7,647,633 B2
`
`whether the downloadable-information includes executable code.” Pet.
`
`4854. For this limitation, Petitioner argues two alternatives. First, Hanson
`
`alone discloses the “determining” limitation because Hanson discloses
`
`applying “JAVA Checks,” “Active X Checks,” or other security programs to
`
`data packets that are JAVA applets, Active X programs, or other types of
`
`data. Id. at 5051 (citing Ex. 1004, 1213). Second, Petitioner argues that
`
`it would have been obvious to a person of ordinary skill in the art “to modify
`
`the bastion server of Hanson to determine whether executable code other
`
`than JAVA applets and Active X programs was in the data packet, using
`
`conventional prior art techniques in order to extend the capabilities as
`
`envisioned by Hanson.” Id. at 5152 (citing the Clark Declaration, Ex. 1003
`
`¶ 108).
`
`As evidence of the known techniques in the prior art, Petitioner points
`
`to Hypponen as describing “that in conventional computer virus detection
`
`software, the first step was to determine which files contained executable
`
`code.” Id. at 52 (citing Ex. 1003 ¶ 109; Ex. 1005, 1:2629). Hypponen
`
`applies virus detection principles to detect first whether a file contained a
`
`Microsoft Office macro (i.e., examining for .dot or .doc file extension or
`
`scanning the file for embedded macros), which Hypponen describes as small
`
`executable programs. Id. at 53 (citing Ex. 1005, 1:4648, 5:2329; Ex.
`
`1003 ¶ 110). Petitioner posits that a person of ordinary skill in the art
`
`would have been motivated to determine whether the data
`packet (file) contains executable code (as taught by Hypponen)
`in order to efficiently focus resources on the recognized threat
`posed by executable files, rather than performing Hanson’s
`additional checks on all data packets and further to expedite the
`delivery of those data packets not containing programs to the
`
`11
`
`
`
`IPR2018-00391
`Patent 7,647,633 B2
`
`
`intended recipient without the attendant delay associated with
`malicious code protection.
`
`Id. at 5354 (citing Ex. 1003 ¶ 111).
`
`2. Claim 14
`
`Petitioner argues that Hanson teaches all the limitations of claim 14.
`
`Pet. 7380. In particular, with respect to the “executable code” limitation,
`
`Petitioner contends that Hanson’s bastion server receives executable code
`
`because Hanson teaches that received data packets include JAVA applets
`
`and Active X programs (and other programs). Id. at 7677 (citing Ex. 1004,
`
`8, 10, 12, 13). Further, Petitioner points out that Hanson’s bastion server
`
`attaches security programs (mobile protection code) to the data packets and
`
`transmits the security programs and the data packets containing JAVA
`
`applets and Active X programs to a client computer with a Java virtual
`
`machine (mobile code executor) at the client. Id. at 78 (citing Ex. 1003
`
`¶ 72).
`
`The “attachment” in Hanson, according to Petitioner, and the
`
`transmission of the security programs along with the data packets, cause the
`
`security programs to be executed by the client computer. Id. at 7879. In a
`
`footnote clarification provided in connection with another claim, Petitioner
`
`argues that a person of ordinary skill in the art would have understood that
`
`the security program is attached (“tagged”) to the data packets as a separate
`
`object that does not modify the data packets. Id. at 57 (citing Ex. 1003
`
`¶ 118).
`
`12
`
`
`
`IPR2018-00391
`Patent 7,647,633 B2
`
`
`C. PATENT OWNER’S ARGUMENTS
`
`Patent Owner argues that Petitioner has failed to demonstrate a
`
`reasonable likelihood of prevailing in showing that claims 1, 8, and 13 are
`
`unpatentable because Hanson, either alone, or in combination with
`
`Hypponen, fails to disclose the “determining” step. Prelim. Resp. 3236. In
`
`particular, Patent Owner argues that, in accordance with the Board’s claim
`
`construction of that claim phrase, Hanson must also determine whether
`
`executable code is not included in the downloadable information, and
`
`Hanson does not meet this part of the claim construction. Id. at 3435.
`
`Patent Owner also argues that Hanson does not teach detecting executable
`
`code, but only describes “what happens after some executable is identified.”
`
`Id. at 33. Patent Owner also argues that Hypponen suffers from the same
`
`deficiencies, in that Hypponen only detects whether a file includes a macro,
`
`and further fails to determine whether executable code is not included in the
`
`executable code. Id. at 3536.
`
`With regard to claim 14, Patent Owner argues that the “executable
`
`code,” according to our prior claim construction, cannot be modified, yet
`
`Petitioner did not provide sufficient explanation as to how “tagging” a data
`
`packet occurs without modification of the alleged executable code contained
`
`in the data packet. Id. at 3738.
`
`Patent Owner also argues that the Petition should be denied in an
`
`exercise of the Board’s discretionary powers under 35 U.S.C. §§ 314(a) and
`
`325(d). Id. at 1430.
`
`13
`
`
`
`IPR2018-00391
`Patent 7,647,633 B2
`
`
`D. DETERMINATION OF REASONABLE LIKELIHOOD THRESHOLD
`
`Having considered the information presented in the Petition and in the
`
`Preliminary Response, we are persuaded that Petitioner, on the present
`
`record, has demonstrated a reasonable likelihood of prevailing on its
`
`assertion that claim 14 is unpatentable over Hanson.
`
`1. Claim 14
`
`We are persuaded at this juncture by Petitioner’s arguments and
`
`evidence that Hanson teaches the limitations of independent claim 14. In
`
`particular, with respect to the “executable code,” the testimony of Dr. Clark
`
`explains that attachment or tagging does not modify the data packets, which
`
`include the alleged executable code because the security program is a
`
`separate object. Ex. 1003 ¶ 118 (cited in Pet. 57 n.5). Although there is no
`
`further explanation of how the tagging or attachment would be performed
`
`according to the state of the art and knowledge of a person of ordinary skill
`
`in the art, we are persuaded that the sworn assertion by Dr. Clark is
`
`sufficient, at this juncture, to demonstrate that the “executable code” is not
`
`modified. We also are satisfied, at this stage of the proceeding, that Dr.
`
`Clark’s testimony is consistent with the ordinary meaning of “tagging,”
`
`which at least suggests the security code and data packets are kept separate.
`
`We will make the factual determination on this issue, however, under the
`
`preponderance of the evidence at the conclusion of all briefing and on a full
`
`record. Nevertheless, on the record before us, Petitioner has made a
`
`sufficient showing under a reasonable likelihood threshold of institution that
`
`Hanson renders obvious claim 14 of the ’633 patent. Pet. 7380.
`
`14
`
`
`
`IPR2018-00391
`Patent 7,647,633 B2
`
`
`2. Claims 1–4, 8, 1113
`
`With regard to claims 14, 8, 1113, there are two factual issues that
`
`are problematic in Petitioner’s case. First, we are not persuaded that Hanson
`
`alone teaches determining whether the downloadable-information includes
`
`executable code. Hanson is completely silent with regard to detection of
`
`Java applets, Active X components, or any other executable code.
`
`Hanson teaches that the bastion server checks all data packets using a
`
`set of rules, included in a rules file. Ex. 1004, 11:119, 11:113:21, Fig. 3. 2
`
`However, none of these rules is for detecting, in the data packets, executable
`
`code, whether Java applets, Active X programs, or otherwise. Hanson does
`
`not describe in any detail what techniques, if any, are used in determining
`
`whether a data packet includes executable code. The fact that Hanson
`
`performs “JAVA Checks” and “Active X Checks” does not fill this gap.
`
`These checks merely indicate that certain security or test files execute if
`
`there are Java applets or Active X programs in the data packet. But Hanson
`
`does not disclose the detection of such applets or programs.
`
`Additionally, Petitioner’s arguments are not sufficient to show the
`
`determination whether the downloadable-information includes executable
`
`code, in accordance with the construction of this term we have adopted for
`
`purposes of institution, discussed supra Section II.A.2. Petitioner has failed
`
`to explain how detecting a Java applet or Active X program in a data packet
`
`also teaches that executable code is not included in the data packet. As the
`
`Board has stated previously, with respect to applet detection, detecting an
`
`applet determines some cases where executable code is included because an
`
`
`2 Cites to Hanson refer to the page numbers provided in the footer by
`Petitioner.
`
`15
`
`
`
`IPR2018-00391
`Patent 7,647,633 B2
`
`applet tag reasonably indicates the existence of executable applet code, but
`
`the absence of an applet tag does not determine that executable code is not
`
`included in the downloadable-information. Ex. 2002, 5. The same logic
`
`applies to Hanson, because, even if Hanson disclosed detection of Java
`
`applets and Active X programs, which it does not, Hanson’s data packets
`
`may still include executable code.
`
`We note that Petitioner argues that Hanson teaches protecting against
`
`other types of executable programs. Pet. 51 (citing Ex. 1004, 13:1316).
`
`Hanson, however, discloses protection against various types of data, without
`
`qualification. Hanson is silent regarding detection of executable code.
`
`Hanson’s description of examination of data packets also does not teach,
`
`alone, the particular “determining whether” that the claims require. See
`
`supra, Section II.A. Furthermore, the Clark Declaration on this issue,
`
`paragraphs 106 to 107, is repeated verbatim in the Petition and, thus, offers
`
`no further explanation as to how Hanson’s generic statements regarding
`
`protection against various types of data would have been understood by a
`
`person of ordinary skill in the art as teaching the determination of whether
`
`the data packet is or includes executable code. See In re Magnum Oil Tools
`
`Int’l, Ltd., 829 F.3d 1364, 1381 (Fed. Cir. 2016) (holding that because
`
`petitioner “bears the burden of proof,” the Board “must base its decision on
`
`arguments that were advanced by [petitioner]”); 35 U.S.C. § 312(a)(3); 37
`
`C.F.R. §§ 42.22(a)(2), 42.104(b)(4)–(5).
`
`The second problem with Petitioner’s arguments concerning claims
`
`14, 8, 1113 involves the asserted motivation to combine. The “factual
`
`inquiry” into the reasons for “combin[ing] references must be thorough and
`
`searching, and the need for specificity pervades . . . .” In re Nuvasive, Inc.,
`
`16
`
`
`
`IPR2018-00391
`Patent 7,647,633 B2
`
`842 F.3d 1376, 1381–82 (Fed. Cir. 2016) (internal quotations and citations
`
`omitted). A determination of obviousness cannot be reached where the
`
`record lacks “explanation as to how or why the references would be
`
`combined to produce the claimed invention.” Trivascular, Inc. v. Samuels,
`
`812 F.3d 1056, 1066 (Fed. Cir. 2016); see Nuvasive, 842 F.3d at 1382–85;
`
`Magnum Oil, 829 F.3d at 1380–81. The record, at this juncture, lacks
`
`specificity and persuasive factual support for the alleged reasons to combine.
`
`Hypponen is directed to screening for viruses in macros when an
`
`application issues file access requests to a local hard disk drive, such as
`
`requests for opening a template in Microsoft Word. Ex. 1005, 1:68,
`
`1:4648, 1: 5053, 4:3953. Hanson, in contrast, performs the rule checks
`
`at the bastion server, where all data packets flowing between internal server
`
`20 and client 15 are checked for compliance with various rules as discussed
`
`above. See Ex. 1004 11:113:13, Fig. 3. Petitioner argues that it would
`
`have been obvious to modify Hanson’s bastion server to include the
`
`technique disclosed in Hypponen, namely examining whether the file has a
`
`specific extension (.doc or .dot) or scanning the file for embedded macros.
`
`Pet. 53. On the present record, we find insufficient explanation of the
`
`alleged modification, i.e., modifying a server to implement techniques
`
`known for detecting macros invoked by an application at the client
`
`computer.
`
`Furthermore, Petitioner’s reason to combine focuses on an alleged
`
`efficiency that is not persuasive on the present record. For instance,
`
`Petitioner argues that Hanson, modified, checks first if the data packet
`
`includes executable code, such that the JAVA Checks or Active X Checks
`
`would be performed only if the data packets include executable code. Id.
`
`17
`
`
`
`IPR2018-00391
`Patent 7,647,633 B2
`
`Otherwise, Petitioner argues, the data packets “not containing programs”
`
`would be expedited to the intended recipient “without the attendant delay
`
`associated with malicious code protection.” Id. at 5354 (citing Ex. 1003
`
`¶ 111). But Hanson checks all data packets, and teaches performing the
`
`JAVA Check only if packets contain Java applets and performing Active X
`
`Checks if packets contain Active X programs. Thus, Hanson is already
`
`efficient in performing the additional “Checks” on packets containing Java
`
`applets and Active X programs.
`
`Petitioner’s proposed modification of Hanson appears to be the
`
`opposite of efficient. To achieve the claimed invention, Hanson would need
`
`to determine whether each data packet includes executable code and then
`
`cause the mobile protection code to be executed to process the operations of
`
`the executable code. Petitioner’s efficiency theory is not persuasive on the
`
`present record because Hanson, as modified, would attempt to detect and
`
`apply “Checks” to additional categories of packets. Petitioner’s theory also
`
`leaves us wondering which mobile protection code would be executed to
`
`process the operations of the additional categories of packets. See Personal
`
`Web Techs., LLC v. Apple, Inc., 848 F.3d 987, 994 (Fed. Cir. 2017) (holding
`
`obviousness determination to be improper where the record lacked a “clear,
`
`evidence-supported account” of “how the combination” would work). It is
`
`unclear and unexplained what “Checks”3 Hanson would include in the rules
`
`file and what security programs Hanson would attach to packets not
`
`containing Java applets or Active X programs, but containing executable
`
`code.
`
`
`3 Hanson describes specific class files for Java Checks and a security.ocx
`program for Active X Checks. Ex. 1004, 12:813:12.
`
`18
`
`
`
`IPR2018-00391
`Patent 7,647,633 B2
`
`
`Accordingly, as to claims 14, 8, 1113, we have doubts that
`
`Petitioner has shown a reasonable likelihood of prevailing in its contentions
`
`of unpatentability.
`
`E. DISCRETIONARY AUTHORITY UNDER 35 U.S.C. §§ 314(A) AND
`325(D)
`
`Patent Owner has presented arguments concerning the exercise of the
`
`Board’s discretion to deny institution. Prelim. Resp. 1430. We do not
`
`exercise that discretion here. The Petition neither constitutes a “follow-on”
`
`Petition nor includes prior art or arguments previously presented to the
`
`Office. All of Patent Owner’s arguments in this regard have been
`
`considered, but are not persuasive.
`
`III. CONCLUSION
`
`Petitioner has demonstrated a reasonable likelihood of prevailing in
`
`the contention that the claim 14 is unpatentable as obvious over Hanson.
`
`Accordingly, we institute inter partes review of claims 1, 4, 8, 1114 of U.S.
`
`Patent No. 7,647,633. See SAS Inst., Inc. v. Iancu, 138 S. Ct. 1348, 1355
`
`(2018).
`
`IV. ORDER
`
`It is ORDERED that the Petition is granted and that inter partes
`
`review is instituted for all claims challenged and on all asserted grounds as
`
`follows:
`
`Claim(s)
`
`Basis
`
`References
`
`14, 8, 11, 13, 14 § 103
`12
`§ 103
`
`Hanson and Hypponen
`Hanson, Hypponen, and
`Touboul
`
`19
`
`
`
`IPR2018-00391
`Patent 7,647,633 B2
`
`
`
`
`FURTHER ORDERED that pursuant to 35 U.S.C. § 314(a), inter
`
`partes review of the ’633 patent is hereby instituted with trial commencing
`
`on the entry date of this decision, and pursuant to 35 U.S.C. § 314(c) and 37
`
`C.F.R. § 42.4, notice is hereby given of the institution of trial.
`
`20
`
`
`
`IPR2018-00391
`Patent 7,647,633 B2
`
`PETITIONER:
`
`Patrick D. McPherson (Lead Counsel)
`Patrick Muldoon
`Joseph A. Powers
`DUNE MORRIS LLP
`PDMcPherson@duanemorris.com
`PCMuldoon@duanemorris.com
`JAPowers@duanemorris.com
`
`
`PATENT OWNER:
`
`James Hannah
`Jeffrey H. Price
`Michael Lee
`KRAMER LEVIN NAFTALS & FRANKEL LLP
`jhannah@kramerlevin.com
`jprice@kramerlevin.com
`mhlee@karamerlevin.com
`
`
`
`
`21
`
`
Accessing this document will incur an additional charge of $.
After purchase, you can access this document again without charge.
Accept $ Charge
Still Working On It
This document is taking longer than usual to download. This can happen if we need to contact the court directly to obtain the document and their servers are running slowly.
Give it another minute or two to complete, and then try the refresh button.
A few More Minutes ... Still Working
It can take up to 5 minutes for us to download a document if the court servers are running slowly.
Thank you for your continued patience.
This document could not be displayed.
We could not find this document within its docket. Please go back to the docket page and check the link. If that does not work, go back to the docket and refresh it to pull the newest information.
Your account does not support viewing this document.
You need a Paid Account to view this document. Click here to change your account type.
Your account does not support viewing this document.
Set your membership
status to view this document.
With a Docket Alarm membership, you'll
get a whole lot more, including:
- Up-to-date information for this case.
- Email alerts whenever there is an update.
- Full text search for other cases.
- Get email alerts whenever a new case matches your search.
One Moment Please
The filing “” is large (MB) and is being downloaded.
Please refresh this page in a few minutes to see if the filing has been downloaded. The filing will also be emailed to you when the download completes.
Your document is on its way!
If you do not receive the document in five minutes, contact support at support@docketalarm.com.
Sealed Document
We are unable to display this document, it may be under a court ordered seal.
If you have proper credentials to access the file, you may proceed directly to the court's system using your government issued username and password.
Access Government Site
