`
`Document: 1-1
`
`Page: 1
`
`Filed: 07/01/2019
`
`UNITED STATES COURT OF APPEALS FOR THE FEDERAL ClRCUiT
`
`NOTECE OF DOCKETENG
`
`19-2074 « Finjan, inc. v. Cisco Systems, inc.
`
`Date of docketing: July 1, 2019
`
`Appeal from: Patent and Trademark Office - Patent Trial and Appeal Board in inter Panes Review No. IPR2018-
`00391
`
`Appellant: Finjan, inc.
`
`Critical dates include:
`
`0O90C
`
`Date of docketing. See Fed. Cir, R. 12 and 15,
`Certified list. See Fed, Cir. R. 17.
`
`Entry of appearance (Due Within 14 days of the date of docketing.) See Fed. Cir. R. 47.3.
`Certificate of interest. (Due within 14 days of the date of docketing.) See Fed. Cir. R, 47.4.
`Docketing Statement, (Due within 14 days of the date of docket/mg, or within 30 days if the United States or
`its officer or agency is a party in the appeal.) [Only in cases where all parties are represented by counsel
`See Fed. Cir. R. 33.1 and the mediation guidelines available at www.cafcuscourtegovi
`Requests for extensions of time. See Fed, Cir. R. 26 and 27. NB. Delayed requests are not favored by
`the court.
`
`Briefs. See Fed. Cir. R 31. MB. You will not receive a separate briefing schedule from the Clerk's
`Office.
`Settlement discussions. See Fed, Cir. R. 33.
`
`ORAL ARGUMENT SCHEDULE CONFLiCTS: See Practice Note following Fed. Cir. R. 34.
`
`The official caption is reflected on the electronic docket under the listing of the parties and counsel. The Rules of
`Practice and required forms are available at www.cafcuscourtegov.
`
`Peter R. Marksteiner
`Clerk of Court
`
`cc: Office of the Solicitor, US Patent and Trademark Office
`James R. Hannah
`Patrick D. McPherson
`
`
`
`UNITED STATES PATENT AND TRADEMARK OFFICE
`
`BEFORE THE PATENT TRIAL AND APPEAL BOARD
`
`CISCO SYSTEMS, INC.,
`
`Petitioner,
`
`V.
`
`FINJAN, INC.,
`
`Patent Owner.
`
`Case IPR2018-0039l
`
`US. Patent No. 7,647,633
`
`PETITIONER CISCO SYSTEM, INC.’S
`
`NOTICE OF CROSS APPEAL
`
`Via PTAB E2E
`
`Patent Trial and Appeal Board
`
`Via Hand Carry
`Director of the United States Patent and Trademark Office
`
`c/o Office of the General Counsel, lOBZO
`
`Madison Building East
`600 Dulany Street
`Alexandria, VA 22314
`
`Via CM/ECF
`
`United States Court of Appeals for the Federal Circuit
`
`DM2\10111697.1
`
`
`
`Petitioner, Cisco Systems, Inc., hereby provides notice pursuant to 35 U.S.C.
`
`§§ 141, 142, and 319: 37 C.F.R. §§90.2, 90.3 and 104.2; Rule 4(a)(3) ofthe
`
`Federal Rules of Appellate Procedure; and Rule 15 of the Federal Circuit Rules,
`
`that Petitioner hereby cross appeals to the United States Court of Appeals for the
`
`Federal Circuit from the Final Written Decision of the Patent Trial and Appeal
`
`Board (“Board”) entered May 23, 2019 (Paper 33) and from all underlying orders,
`
`decisions, rulings, and opinions adverse to Petitioner regarding US. Patent
`
`7,647,633 (“the ‘633 patent”) at issue in inter partes review 1PR2018-00391.
`
`Pursuant to 37 C.F.R. § 90.2(a)(3)(ii) Petitioner indicates that the expected
`
`issues on appeal may include, but are not limited to:
`
`1. Whether the Board erred in finding the Petitioner failed to meet its burden to
`
`show unpatentability by a preponderance of the evidence that Claim 14 of
`
`the ‘633 would have been obvious under 35 US. C. § 103 over PCT
`
`Published Application WO 98/31124 (“Hanson”) in View of US. Patent No.
`
`6,577,920 (“Hypponen”), and any finding or determination supporting or
`
`related to this issue; as well as other issues decided adversely to Petitioner in
`
`any orders, decisions, rulings and opinions.
`
`DM2\10111697.1
`
`
`
`Petitioner has electronically filed this notice With the Patent Trial and
`
`Appeal Board, and hand delivered to the Director of the United States Patent and
`
`Trademark Office pursuant to 37 C.F.R. § 90.2(a)(1), 37 CPR. § 42.6(b)(l) and
`
`Federal Circuit Rule 15(a)( l ).
`
`Simultaneously herewith, Petitioner is providing the Federal Circuit with a
`
`copy of the present Notice of Cross Appeal pursuant to 37 C.F.R. § 90.2(a)(2)(i)
`
`and 15(a)(1)) together with a $500 fee (pursuant to 37 C.F.R. § 90.2(a)(2)(ii) and
`
`Federal Circuit Rule 52(a)(3).
`
`Dated:
`
`July 11, 2019
`
`Respectfully Submitted,
`
`/s/ Patrick D. McPherson
`
`Patrick D. McPherson
`
`Registration No. 46,255
`DUANE MORRIS LLP
`
`505 9th Street, Suite 1000
`Washington, DC 20004
`Telephone (202) 776—7800
`Facsimile (202)776—7801
`Email: PDMcphersondeuanemorris.com
`
`DM2\10111697.1
`
`
`
`CERTIFICATE OF SERVICE
`
`The undersigned hereby certifies that, in addition to being filed
`
`electronically through the Patent Trial and Appeal Board End to End (PTAB E2E),
`
`this Cross Notice of Appeal was filed with the Director of the United States Patent
`
`and Trademark Office by hand on July 11, 2019, at the following address:
`
`Director of the United States Patent and Trademark Office
`
`c/o Office of the General Counsel, 10B20
`
`Madison Building East
`600 Dulany Street
`Alexandria, VA 22314
`
`The undersigned also certifies that a true and correct copy of this Notice of
`
`Cross Appeal and the required fee were filed on July 11, 2019, with the Clerk of
`
`Court for the United States Court of Appeals for the Federal Circuit Via CM/ECF.
`
`The undersigned also certifies that a true and correct copy of this Notice of
`
`Cross Appeal was served on July 11, 2019 on counsel of record for Patent Owner
`
`by electronic mail (by agreement of the parties) at the following addresses:
`
`James Hannah:
`Jeffrey H. Price:
`
`jhannathkramerleVin.com
`jprice@kramerlevin.com
`
`Dated:
`
`July 11, 2019
`
`Respectfully Submitted,
`
`/s/ Patrick D. McPherson
`
`Patrick D. McPherson
`
`Registration No. 46,255
`DUANE MORRIS LLP
`
`DM2\10111697.l
`
`
`
`505 9th Street, Suite 1000
`Washington, DC 20004
`Telephone (202) 776-7800
`Facsimile (202) 776-7801
`Email: PDMepherson@duanemorris.com
`
`DM2\10111697.1
`
`
`
`Form 5
`FORM 5. Petition for Review or Notice of Appeal of an Order or Decision of an AGENCY, BOARD,
`
`COMMISSION, OFFICE OR BUREAU Rev. 03/16
`
`UNITED STATES COURT OF APPEALS FOR THE FEDERAL CIRCUIT
`
`«I
`F NJAN, INC
`
`‘
`
`.
`.
`Petitioner or Appellant,
`
`V~
`
`PETITION FOR REVIEW
`
`CISCO SYSTEMS’ INC‘
`
`Respondent or Appellee.
`
`
`
`
`
`CISCO SYSTEMS, INC.
`
`(name all parties* bringing the petition or appeal)
`
`hereby petition/appeal the court for review of the Final Written Decision, Paper 33, [PR2018-00391 (describe
`
`the order or decision and include decision number) of the USPTO, Patent Trial and Appeal Board
`
`(name the agency, board, office or bureau) entered on May 23, 2019
`
`(date).
`
`The order or decision was received on May 23, 2019
`
`(date).
`
`Date' 0711 2019
`
`/s/Patrick D. McPherson
`
`(Signature of petitioner, appellant
`
`or attorney)
`
`Patrick D. McPherson
`
`Duane Morris, LLP
`
`505 9th Street, NW, Suite 1000, Washington, DC 20004
`
`202-776-7800
`
`i
`
`I
`
`’
`
`(Address, phone number and e-mail of petitioner, appellant or attorney)
`
`*See Fed, R. App. P. 15 (a) (2) for permissible ways ofidentifying petitioners.
`
`
`
`Trialngusptogov
`571-272-7822
`
`Paper 33
`Entered: May 23, 2019
`
`UNITED STATES PATENT AND TRADEMARK OFFICE
`
`BEFORE THE PATENT TRIAL AND APPEAL BOARD
`
`CISCO SYSTEMS, INC.,
`
`Petitioner,
`
`V.
`
`FINJAN, INC,
`Patent Owner.
`
`Case IPR2018-00391
`
`Patent 7,647,633 B2
`
`Before THOMAS L. GIANNETTI, MIRIAM L. QUINN, and
`PATRICK M. BOUCHER, Administrative Patent Judges.
`
`QUINN, Administrative Patent Judge.
`
`FINAL WRITTEN DECISION
`
`35 US. C. § 318
`
`
`
`IPR2018-0039l
`
`Patent 7,647,633 B2
`
`I.
`
`INTRODUCTION
`
`We instituted inter partes review pursuant to 35 U.S.C. § 314 to
`review claims l—4, 8, and 11—14 ofU.S. Patent No. 7,647,633 B2 (“the ’633
`
`paten ”), owned by Finjan, Inc. We have jurisdiction under 35 U.S.C. § 6.
`
`This Final Written Decision is entered pursuant to 35 U.S.C. § 318(a) and 37
`
`C.F.R. § 42.73. For the reasons discussed below, Petitioner has shown by a
`
`preponderance of the evidence that claims 1—4, 8, and 11—13 of the ’633
`
`patent are unpatentable. Petitioner, however, has not shown by a
`
`preponderance of the evidence that claim 14 of the ’633 patent is
`
`unpatentable.
`
`H.
`
`BACKGROUND
`
`A. RELATED MATTERS
`
`The parties identify several district court cases (ND. Cal.) involving
`
`the ’633 patent. Pet. 5; see also Paper 4. The ’633 patent also has been the
`subject of various proceedings at the USPTO, including Palo Alto Networks,
`
`Inc. v. Finjan, Inc, Case IPR2015-01974 (PTAB), in which the Board issued
`
`a Final Written Decision concerning claims 14 and 19 of the ’633 patent.
`
`Paper 4; EX. 2002. The ’633 patent also has been the subject of an ex parte
`
`reexamination (Control No. 90/013,016). EX. 2001.
`
`B. THE ’633 PATENT (EX. 1001)
`
`The ’633 patent relates to a system and a method for protecting
`
`network-connectable devices from undesirable downloadable operations.
`
`EX. 1001, 1:30—33. The patent describes that “[d]ownloadable information
`
`comprising program code can include distributable components (e.g.
`
`
`
`IPR2018—0039l
`
`Patent 7,647,633 B2
`
`JAVATM applets and JAVAScript scripts, ActiveXTM controls, Visual Basic,
`
`add-ins and/or others).” Id. at 1:60—63. Protecting against only some
`
`distributable components does not protect against application programs,
`
`Trojan horses, or zip or meta files, which are other types of “Downloadable
`
`information.” Id. at 1:63—22. The ’633 patent “enables more reliable
`
`protection.” Id. at. 2:27~28. According to the Summary of the Invention,
`
`In one aspect, embodiments of the invention provide for
`determining, within one or more network “servers” (e.g.
`firewalls,
`resources,
`gateways,
`relays
`or
`other
`devices/processes that are capable of receiving-and—transferring
`a Downloadable) whether
`received information includes
`executable code (and is a “D0wnloadable”). Embodiments also
`provide for delivering static, configurable and/or extensible
`remotely operable protection policies to 21 Downloadable-
`destination, more typically as a sandboxed package including
`the mobile protection code, downloadable policies and one or
`more received Downloadables. Further client-based or remote
`
`protection code/policies can also be utilized in a distributed
`manner. Embodiments also provide for causing the mobile
`protection code to be executed within a Downloadable-
`destination in a manner that enables various Downloadable
`
`operations to be detected, intercepted or further responded to
`via protection Operations.
`Additional
`server/information-
`destination device security or other protection is also enabled,
`among still further aspects.
`
`Id. at 2:39—57,
`
`C. ILLUSTRATIVE CLAIMS
`
`Challenged claims 1, 8, 13, and 14 of the ’633 patent are independent.
`
`Illustrative claims 1 and 14 are reproduced below.
`
`1. A computer processor-based method, comprising:
`receiving, by a computer, downloadable-information;
`determining, by the computer, whether the
`
`
`
`IPR2018—0039l
`
`Patent 7,647,633 B2
`
`downloadable-information includes executable code; and
`based upon the determination, transmitting from the
`computer mobile protection code to at least one information-
`destination of the downloadable—information, if the
`downloadable—information is determined to include executable
`
`code.
`
`14. A computer program product, comprising a
`computer usable medium having a computer readable program
`code therein, the computer readable program code adapted to be
`executed for computer security, the method comprising:
`providing a system, wherein the system comprises
`distinct software modules, and wherein the distinct software
`modules comprise an information re-communicator and a
`mobile code executor;
`receiving, at the information re-communicator,
`downloadable—information including executable code; and
`causing mobile protection code to be executed by the
`mobile code executor at a downloadable-information
`
`destination such that one or more operations of the executable
`code at the destination, if attempted, will be processed by the
`mobile protection code.
`
`Id. at 20:54—62, 21 :58—2225. We refer to the three steps of claim 1
`
`as the “receiving step," the “determining step,” and the “transmitting
`
`step,” respectively.
`
`D. PROCEDURAL HISTORY
`
`Petitioner, Cisco Systems, Inc., filed a Petition for inter partes review
`
`challenging claims 1—4, 8, and 11—14 of the ”633 patent. Paper 1 (“Pet”).
`
`Patent Owner, Finj an, Inc., filed a Preliminary Response. Paper 6 (“Prelim
`
`Resp”). On June 5, 2018, we determined'that Petitioner had shown a
`
`reasonable likelihood of prevailing on its unpatentability challenge as at
`
`least one claim, and we instituted trial. Paper 7 (“‘Dec. on Inst”).
`
`
`
`IPR2018-00391
`
`Patent 7,647,633 B2
`
`During trial, Patent Owner filed a Patent Owner Response (Paper 12
`
`(“PO Resp.”)) and Petitioner filed a Reply (Paper 16 (“Reply”)). Patent
`
`Owner requested authorization to file a Sur-reply, which we, granted. Paper
`
`18; Paper22 (“Sur-reply”). V Both parties filed Motions to Exclude and,
`
`corresponding responsive papers. Papers 19, 23, 24, 27—29. We heard oral
`
`argument on March 6, 2019, a transcript of which is filed in the record.
`
`Paper 32 (“TL”).
`
`E. EVIDENCE OF RECORD
`
`Petitioner relies upon the following references as evidence of prior art:
`
`1) Hanson: PCT Published Application WO 98/31124, published on
`
`July 16, 1998 (Exhibit 1004);
`
`2)Hyppénen: US. Patent No. 6,577,920 Bl, issued on June 10, 2003
`
`(Exhibit 1005); and
`
`3) Touboul : PCT Published Application WO 98/21683 (Exhibit
`
`1007).
`
`In addition, Petitioner supports its contentions with the Declaration of
`
`Paul Clark, .Ph.D. Ex. 1003 (“Clark Declaration”). With its Patent Owner
`
`Response, Patent Owner provides a Declaration of Nenad Medvidovic,
`
`Ph. D. Ex. 2008 (“Medvidovic Declaration”).
`
`F. GROUNDS OF UNPATENTABILITY
`
`The following grounds of unpatentability are at issue (Pet. 32):
`
`Touboul
`
`Hanson and Hyppénen
`Hanson, Hypponen, and
`
`‘
`
`l ‘ References
`
`
`
`IPR2018—00391
`
`Patent 7,647,633 B2
`
`III. ANALYSIS
`
`A. CLAIM CONSTRUCTION
`
`The Board interprets claimterms of an unexpired patent using the
`
`“broadest reasonable construction in light of the specification of the patent.”
`37 C..FR. § 42.100(b) (2018);1 see Cuozzo Speed Techs, LLC v. Lee, 136 S.
`Ct. 2131, 2144—46 (2016). We presume a claim term carries its “ordinary
`and customary'meaning,” which is the meaning “the term would have to a
`
`person of ordinary skill in the a1 ” at the time of the invention. In re
`
`Translogic Tech, Inc, 504 F.3d 1249, 1257 (Fed. Cir. 2007) (citation
`
`omitted).
`
`With regard to terms drafted in means-plus-function language,
`
`“[a]pplication of § 112, 11 6 requires identification of the structure in the
`
`specification which performs the recited function.” Micro Chemical, Inc, v.
`
`Great Plains Chemical C0,, Inc, 194 F.3d 1250, 1257 (Fed. Cir. 1999); see
`
`also 37 C.F.R. § 42.104(b)(3). Further, the statute does not permit
`
`“incorporation of structure from the written description beyond that
`
`necessary to perform the claimed function.” Id. at 1258.
`
`I. Means-PluS—Functioh Terms
`
`Claim 13 recites limitations written in means-plus-function format. In
`
`our Decision on Institution, we reviewed the parties’ proposed constructions
`
`for these terms. Dec. on Inst. 59; Pet. 20—22; Prelim. Resp. 11—13. We
`
`1 A recent amendment to this rule does not apply here because the Petition
`was filed before November 13, 2018. See Changes to the Claim
`Construction Standard for Interpreting Claims in Trial Proceedings Before
`the Patent Trial and Appeal Board, 83 Fed. Reg. 51,340 (Oct. 11, 2018)
`(amending 37 CPR. § 42.100(b) effective November 13, 2018).
`
`6
`
`
`
`IPR2018-00391
`
`Patent 7,647,633 B2
`
`preliminarily determined for each term the structure corresponding to the
`
`recited function as follows:
`
`~
`
`-
`
`I,
`
`_
`Term ,
`'
`‘
`‘
`‘
`'
`means for receiving
`downloadable-information
`
`,_
`
`L
`
`L "
`
`‘
`
`L
`
`means for determining whether
`the downloadable-information
`includes executable code
`
`‘
`
`
`
`_
`means for causing mobile code
`to be communicated to at least
`one information-destination of
`
`the downloadable—information,
`
`'
`if the downloadable-
`information is determined to
`include executable code
`
`,: Board’s Preliminary Claim 0
`' COnstru‘ction' Structure
`Re-communicating device,
`such as a server or firewall
`
`Protection engine (Fig 3) in a
`re-communicating device,
`. such as a server or firewall; or
`
`Detection engine (Fig. 4)
`within a protection engine in a
`re-communicating device,
`such as a server or firewall
`Protection engine (Fig 3) in a
`.re-communicating device,
`such as a server or firewall; or
`
`Transfer engine (Fig. 4)
`within the protection engine
`in a re-communicating device,
`such as a server or firewall
`
`
`
`
`
`4
`
`
`
`Dec. on Inst. 5—9. Neither party raises any disputes concerning the proper
`
`scope of these terms. Accordingly, we adopt our preliminary claim
`
`construction as indicated above and for the reasons stated in our Decision on
`
`Institution. Id.
`
`2. Prior Board Claim Constructions
`
`In our Decision on Institution, we noted that the Board has previously
`
`had occasion to analyze two claim'terms recited in the ’633 patent. First, we
`noted that a panel of the Board issued a Decision on Appeal in. connection
`
`with the reexamination (Control No. 90/013,016) of the ’633 patent.
`
`Ex. 2001. Regarding the “determining whether” phrase, the Decision on
`
`
`
`IPR2018-00391
`
`Patent 7,647,633 B2
`
`Appeal states: “In order to disclose determining whether the downloadable-
`
`information includes eXecutable code, [the prior art] must disclose
`
`distinguishing between two alternative possibilities: executable code is
`
`included in the downloadable-information, and executable code is not
`
`included in the downloadable—information.” “Id. at 5.2 Petitioner does not
`
`address this prior Board Decision in‘its’ Petition. Patent Owner does not
`
`further address the construction of this term in its Response. Petitioner, in
`
`its Reply and during oral argument, asserts that “the claim term should be
`
`given its plain and ordinary meaning,” but otherwise does not propose any
`
`particular construction for the term. Reply 6; Tr. 17:13—20:22 (arguing also
`
`that the Board does not need to construe the term because the prior art shows
`
`the limitation under any reasonable construction of the term). Because
`
`resolution of the scope of the phrase “determining whether” is not necessary
`
`to our determination, we do not discuss this term further. See Nidec Motor
`
`Corp. v. Zhongshdn Broad Ocean Motor Ca, 868 F.3d 1013, 1017 (Fed.
`
`Cir. 2017); Vivid Techs, Inc. v. Am. Sci. & Eng’g, Inc, 200 F.3d 795, 803
`
`(Fed. Cir. 1999) (“[O]nly those termsneed be construed that are in
`
`controversy, and only to the extent necessary to resolve the controversy”)
`
`Second, our Decision on Institution noted that we issued a Final
`Written Decision in IPR2015-01974 (Paper 49, March 15, 2017) in which
`
`we construed “executable code” in the phrase recited in claims 14 and 19 of
`the ’633 patent, in the context of the surrounding claim language and the
`
`Specification, to mean that the “the executable code whose operations are
`
`processed by the mobile protection code at the destination is the same as the
`
`executable code received, i.e., it undergoes no modification.” Ex. 2002, 18
`
`2 See Ex. 1001, 9:52—57, Fig. 3.
`
`
`
`IPR2018-0039l
`
`Patent 7,647,633 B2
`
`(emphasis added). Petitioner mentions the “no modification” requirement
`
`while contending that the prior art meets the claim language, but does not
`
`argue the meaning of the claim language further. Pet. 57 n5. Neither party
`urges that we revisit the construction of the “executable code” phrase of
`
`claim 14 (“causing mobile protection code to be executed .
`
`.
`
`. at the
`
`downloadable-information destination such that one or more operations cf
`
`the executable code at the destination, if attempted, will be processed by
`
`mObile protection code”). Accordingly, we adopt our prior determination
`
`here.
`
`3.
`“information re-communicator” and “information monitor”
`V. Patent Owner proposes construction for these terms as follows (PO
`
`7
`
`i
`
`Resp. ll, 14):
`
`'
`l_—_——_—~‘_————_,—”—'
`Term
`Patent Owner 3 Proposal
`
`
`
`
`
`
`
`
`Information re-communicator
`'
`
`Information monitor
`
`
`
`A computing device that receives
`downloadable-informationfrOm an
`external network and then sends it on
`to its destination
`
`‘ A component of an information re-
`communicator that monitors
`downloadable-information from an
`
`external network
`
`The particular dispute concerning these terms focuses on whether the
`
`downloadable-information must be received from an external network.
`
`Asserting theterms so require, Patent Owner argues that Hanson does not
`
`disclose thelimitation because Petitioner relies on “downloadable-
`
`information” that is received from an internal company netWOrk. PO Resp.
`
`25—26 (relying on Medvidovic Declfil 71). Petitioner responds that the
`
`recited re-communicator is a server. Reply 4 (citing EX. lOOl, 2:60~63).y
`
`
`
`IPR2018-00391
`
`Patent 7,647,633 B2
`
`Petitioner also argues that the Specification describes an embodiment in
`
`which a “user-device” could be configured as a firewall or server and
`
`therefore would receive information from an internal network. Id. (citing
`
`'
`Ex. 1001, 7:43-62).
`We agree with Petitioner that the “information re-communicator” is
`
`not limited to receiving doWnloadable-information from an external
`
`network. First, the Vclaims are silent as to the source of the “downloadable-
`information.” Therefore,lfrom the plain meaning of the claim language,
`
`there is no requirement that the “re-communicator” receive downloadable-
`
`information from an external network. Second, the Specification describes
`
`consistently a server or a firewall as a “re-communicator.” These
`
`descriptions are general, and do not restrict the server or firewall to
`
`processing the downloadable-information solely to that coming from an
`
`“external network.” For instance, the Abstract states that a “protection
`engine embodiment provides, within a server, firewall or other suitable ‘re-
`
`communicator,’ for monitoring information received by the communicator.”
`Ex. 1001, Abst. As another example, Figure 9 depicts, at step 901, “Monitor
`
`re—communicator (e.g., server) operation.” Id at Fig. 9. And significantly,
`
`in the Summary of the Invention, the Specification identifies a “server” as
`synonymous with “re-communicator” without limitation: “one or more
`
`network servers, firewalls or other network connectable information re-
`communicating devices (as are referred to herein summarily [as] one or
`
`more ‘servers’ or ‘re-communicators’).” Id at 2:58—62; see also id. at
`
`5:34—36 (“Embodiments provide, within one or more ‘servers’ (e.g.,
`
`firewalls, resources, gateways, email relays or other information re—
`communicating devices)”), 7:2—5 (“system 104a .
`.
`. can include a
`
`10
`
`
`
`IPR2018—00391
`
`Patent 7,647,633 B2
`
`protection-initiating host ‘server’ or ‘re-communicator’ (e.g., ISP server
`
`140a), 7:50—52 (“(i.e., as a ‘re-communicator’ or ‘server’)”), 18:33—35 (“a
`
`protection engine monitors the receipt, by a server or other re¥conimunicator
`
`of information, and receives such information intended for a protected
`
`information~destination (i.e., a potential Downloadable)”).
`
`The broad description of the “re-Communicating” devices as, for
`
`example, servers, leads us to the conclusion that the “information re-
`
`communicators” of claims 2, 9, 10, and 14 are generally devices or processes
`
`that “re-communicate” the received information, much like aserver,
`
`»
`
`firewall, gateway, or other device that transfers the received information.
`
`See, e.g., id. at 7z8~ll (“IPS server 140a includes one or more email,
`
`Internet or other servers 141a, or other devices or processes capable of
`transferring or otherwise ‘re—communicating’ downloadable information to
`
`user devices 145.”). Thus, we conclude that the term “information re-
`
`communicator” is not limited to receiving “downloadable-information” from
`an external network. Because the “information monitor” term (claim 8),
`likewise, is recited as “receiving downloadable-information by a computer”
`
`without requiring any specific network source, this term also is not limited to
`
`an external network.
`
`4.
`"downloadable-information”
`Patent Owner contends that the term "downloadable-information”
`means “information which is downloaded from a source computer which
`may or may not include ekecutable code.” PO Resp. 10. Patent Owner
`relies on the Medvidovic Declaration in support of its construction. Id.
`
`(citing Medvidovic Decl. 1] 45). Patent Owner argues that Dr. Clark
`
`11
`
`
`
`IPR2018—00391
`
`Patent 7,647,633 B2
`
`provided support for its contention during cross-examination by giving the
`
`following testimony:
`
`Q. So how do you interpret the term “downloadable
`information”?
`
`A. As it says in paragraph 32 and as we discussed earlier, it
`explains that downloadable information includes data that
`can be downloaded and that may or may not include
`executable code.
`5
`
`Q. What does the term “download” mean?
`
`A. Generally to retrieve something from a server.
`
`Id. (quoting Ex. 1027, 44:20—45:6) (emphasis by Patent Owner). The
`
`dispute centers on whether the downloadable-information is limited only to
`
`data that is capable of being downloaded. See PO Resp. 23 (arguing that
`
`Hanson’s “request for server resources” are not “data that can be
`
`downloaded and that may or may not include executable code”).
`
`Petitioner, in response, focuses on whether the claim term requires a
`
`source computer. Reply 3. But, more importantly, Petitioner argues that we
`
`need not construe the term because the asserted prior art teaches
`
`"downloadable-information” under any reasonable interpretation. Id, at 4.
`
`We agree with Petitioner that we need not construe the term because, as
`
`discussed below, Petitioner has shown that prior art teaches the limitation,
`
`even under Patent Owner’s interpretation.
`
`B. PRINCIPLES OF LAW AND LEVEL OF ORDINARY SKILL IN THE ART
`
`A claim is unpatentable under 35 U.S.C. § 103(a) if the differences
`
`between the claimed subject matter and the prior art are such that the subject
`
`matter, as a whole, would have been obvious at the time the invention was
`
`12
`
`
`
`IPR201 8-00391
`
`Patent 7,647,633 B2
`
`made to a person having ordinary skill in the art to which‘said subject matter
`
`pertains. KSR Int’l Co. v. Teleflex Inc., 550 US. 398, 406 (2007). The
`
`questiOn of obviousness is resolved on the basis of underlying factual
`determinations including (1) the scope and content of the prior art; (2) any
`
`differences between the claimed subject matter and the prior art; (3) the level
`
`of skill in the art; and, (4) where in evidence, so-called secondary
`
`considerations, including commercial success, long-felt but unsolved needs,
`
`failure ofothers, and unexpected results. Graham v. John Deere Ca,
`
`383 US. 1, 17—18 (1966) (“the Graham factors”).
`
`As to the level of ordinary skill in the art, Petitioner provides
`testimony from Dr. Clark that a person of ordinary skill in the art would
`
`have had a working knowledge of downloading information from the World
`Wide Web, the vulnerability of downloadable-information to contain
`
`malicious operations, and methods for preventing the execution of malicious
`operations. Clark Decl. ii 21. Dr. Clark opinesthat a person of ordinary
`
`skill in the art would have gained the requisite knowledge and experience
`through education, such as a Bachelor’s degree in computer science,
`computer programming, electrical engineering, and four years of experience
`in programming, or by obtaining a Master’s degree in electrical engineering,
`but having only one totwo years of programming experience.
`Ia’. Dr. Clark
`also opines that a. person of ordinary skill in the art may have had no formal
`education, but may have gained the requisite level of knowledge through
`eight years, of computer programming experience. 7d. Patent Owner’s 1
`expert, Dr. Medvidovic, acknowledges the opinion ofDr. Clark and states
`his opinions “would be the same if rendered from the perspective of a person
`
`of ordinary skill in the art set out by DrfClark.” Medvidovic Decl. ii 38.
`
`13
`
`
`
`IPR2018—0039l
`
`Patent 7,647,633 B2
`
`Accordingly, we adopt the level of ordinary skill invthe art articulated by Dr.
`
`Clark.
`
`' C. OVERVIEW OF HANSON AND HYPPONEN
`
`For all independent claims, Petitioner relies on Hanson or Hanson and
`
`Hypponen as teaching all the recited limitations. An overview of these
`
`references follows.
`
`I . Hanson
`
`Hanson is an international application published under the Patent
`Cooperation Treaty as WO 198/31124 (published July 16, 1998). Ex. 1004,
`
`(l l), (43). Hanson is directed to client/server computer communication over
`
`an internetwork system and to improved access of firewall protected servers.
`
`Id at 1, 3—5. Hanson notes the problem of growing Internet use with respect
`
`to security, particularly for “internal company computers being
`compromised by an external entity.” Id at 2:5—9. Hanson describes that
`
`security of internal computers is provided by a firewall, which is a filter that
`
`blocks communication in both directions: “input to the internal network of
`
`thecompany and output to the Internet.” Id. at 229—14. Hanson also
`
`describes further security provided by a proxy server, which behaves as a
`
`relay between an internal network and the Internet for communication
`requests initiated inside the company’s network. Id at 2:15—17. Proxy
`
`servers trust all internal computers and assume that communication from an
`
`internal computer (to the proxy server) will not compromise security of other
`
`internal computers. Id. at 2:18—20. Hanson, however, recognizes that
`
`communications received from computers on the Internet at large are a
`
`14
`
`
`
`IPR2018-00391
`
`Patent 7,647,633 B2
`
`security threat, especially for a company that selectively wants to share
`
`internal company resources on the Internet. Id. at 2:20—24.
`
`Hanson aims to provide secure two-way data communication over the
`
`Internet without having to open the firewall or installing a new network open
`
`to the Internet. Id. at 2:32—3 :6. Figure 2, reproduced below, illustrates the
`
`components of Hanson’s system.
`
`
`
`COMPANY
`
`13 \1
`
`£49
`
`22:2th
`s
`‘
`.1
`l
`INTERNAL ADDRESS
`
`1
`FILE
`
`d—LJ
`
`
`
`
`
`BASTION
`
`25"
`
`1
`L RULES FILE
`
`5"“M‘
`
`a
`
`CLIENT
`
`NETWORK
`
`
`
`.
`
`"1"
`
`'
`
`‘
`
`NETWORK
`
`11
`
`IV
`
`in.
`[i DOMAINNAMESERVER
`.................................2 1.5/6, 2
`
`
`
`2;
`
`
`
`”
`
`FTREWALL
`
`:23
`7—2
`
`
`
`L
`
`«
`
`J
`
`Figure 2 depicts a network system for secured communication
`
`between a requester or client 15 and servers 20, protected by firewall 22. Id.
`
`at 4:16—18. Figure 2 also illustrates bastion server 18, which includes
`
`internal address file 26 and rules file 24 stored in memory. Hanson
`
`describes that when client 15 sends a data packet identifying any server 20,
`
`behind firewall 22, as the destination, the data packet is delivered first to
`
`15
`
`
`
`IPR2018-00391
`
`Patent 7,647,633 B2
`
`bastion server 18. Id at 5:2—‘16. The address of server 20 is resolved at
`
`bastion server 18 because internal address file 26 contains the server names
`
`of servers 20. Id at 6:9—10. If an internal address matching the desired
`
`server is found in internal address file 26, the received packet “is checked
`
`against rules contained Within the rules file.” Id. at 6, 16—17. Rules file 24
`
`“provides a predetermined set of rules for maintaining secured
`
`communication of data packets passing in both directions through bastion
`
`server 18.” Id. at 528—10. “The rule checks include certain security[]
`
`programs that operate upon received data packets and, particularly data
`
`packets that are or include programs.” Id. at 6:22—23. In particular, Hanson
`
`describes the rules with respect to Table 3, reproduced below.
`
`Destination 1?: 204.95.95.0~94
`
`FILE: virusesdat
`
`FILE: ps_error.dat
`
`Flags: 0110001101
`
`URL: fujilhdacomftafgethtml
`
`ActiveX Checks:
`
`JAVA Checks:
`
`signatureclass
`
`securitynclass
`
`testciass
`
`secun .067:
`Table 3 —~ rules file.
`
`Table 3 illustrates an example set of rules for checking data packets
`
`passing through bastion server 18. Id. at 922—3. Hanson explains that the
`
`bastion server cheCks data packets against known viruses and data errors by
`
`checking against the files “virusesdat” and “ps_error.da .” Id. at 10—14.
`
`16
`
`
`
`IPR2018-00391 » ’.
`Patent 7,647,633 B2
`
`The rules file also includes “JAVA Checks” and “Active X Checks.” Id. at
`
`Table 3, 10:8—8, 1123—6. Hanson describes the “JAVA Checks” code line of
`Table 3 as indicating the JAVA class files that execute “if the bastion
`
`receives a JAVA applet as or in a data packet.” Id. at 1028—9. In particular,
`
`Hanson describes that each of the class files indicated performs “specific
`
`checks of received JAVA applets.” Id. at 1029—10. For the “securityclass”
`
`program, Hanson states that this program “performs security operations
`
`similar to that performed by a complete, secure JAVA virtual machine.” Id.
`
`at 13—14. The program performs “protective illegal operation overrides by
`
`attaching itself to the applet being sent in the data packet.” Id. at 10: 14—16.
`
`“When the applet intended for the recipient is run at th