`
`
`
`
`Case IPR2019-00821
`Patent 8,037,302
`
`
`UNITED STATES PATENT AND TRADEMARK OFFICE
`____________
`
`BEFORE THE PATENT TRIAL AND APPEAL BOARD
`____________
`
`APPLE INC.,
`Petitioner,
`
`v.
`
`MPH TECHNOLOGIES OY,
`Patent Owner.
`____________
`
`Case IPR2019-00821
`Patent 8,037,302
`____________
`
`
`EXHIBIT 2002
`
`DECLARATION OF PROFESSOR GEORGE N. ROUSKAS, PH.D.
`
`MPH Technologies Oy, Exhibit 2002
`Page 2002 - 1
`IPR2019-00821, Apple Inc. v. MPH Technologies Oy
`
`

`

`
`
`TABLE OF CONTENTS
`
`Page
`
`V. 
`
`INTRODUCTION ........................................................................................ 1 
`I. 
`QUALIFICATIONS ..................................................................................... 1 
`II. 
`III.  BASES OF OPINIONS ................................................................................ 6 
`IV.  APPLICABLE LEGAL STANDARDS ...................................................... 8 
`A.  Ordinary Skill in the Art ........................................................................ 8 
`B.  Claim Construction ............................................................................. 10 
`C.  Obviousness (35 U.S.C. § 103) ........................................................... 11 
`OVERVIEW OF THE ’302 PATENT AND THE STATE OF THE
`ART AT THE TIME OF THE INVENTION .......................................... 15 
`A.  Technical Background ......................................................................... 16 
`B.  The Mobility Problem Addressed by the ’302 Patent ......................... 21 
`C.  The ’302 Patent’s Solution to the Mobility Problem .......................... 26 
`VI.  CLAIM CONSTRUCTION ....................................................................... 29 
`A. 
`Secure Connection ............................................................................... 30 
`B.  Establishing ......................................................................................... 32 
`VII.  CLAIMS 1-13 AND 16 ARE PATENTABLE OVER THE
`COMBINATION OF AHONEN AND ISHIYAMA (GROUND 1) ...... 34 
`A.  Overview of Ahonen .......................................................................... 34 
`B.  Overview of Ishiyama ....................................................................... 38 
`C.  The Petition Fails to Establish that the Prior Art Teaches
`“Establishing a Second Secure Connection” that has a First
`Terminal with a Different, Second Address from the First
`Address in “Establishing a First Secure Connection” ................... 41 
`i
`
`MPH Technologies Oy, Exhibit 2002
`Page 2002 - 2
`IPR2019-00821, Apple Inc. v. MPH Technologies Oy
`
`

`

`
`
`1. 
`
`2. 
`
`The Petition Fails To Prove That Ahonen Teaches
`“Establishing A Second Secure Connection Extending
`Between A Second Network Address Of The First Terminal
`And The Original Network Address Of The Second
`Terminal” .................................................................................. 42 
`Ahonen’s Mobile Host Pre-Creates Security Associations
`from a Fixed Address ................................................................ 48 
`D.  The Petition Fails to Establish that the Prior Art Teaches the
`“First Terminal Checking Whether the Second Secure
`Connection [with the Second Address] Already Exists” ............... 51 
`E.  The Petition Fails to Establish that the Asserted References
`Teach the “Establishing A First Secure Connection As Being
`An Active Connection” ..................................................................... 56 
`F.  The Petition Fails to Establish that the Prior Art Teaches the
`Inventions Defined by Dependent Claims 2-13 and 16 .................. 61 
`VIII.  CLAIMS 15 AND 16 ARE PATENTABLE OVER THE
`COMBINATION OF AHONEN, ISHIYAMA AND GUPTA
`(GROUND 2) ............................................................................................... 61 
`IX.  CONCLUSION ........................................................................................... 62 
`
`
`ii
`
`MPH Technologies Oy, Exhibit 2002
`Page 2002 - 3
`IPR2019-00821, Apple Inc. v. MPH Technologies Oy
`
`

`

`
`
`I.
`
`INTRODUCTION
`1. My name is George Rouskas. I have been retained as an expert
`
`witness to provide my independent opinion in regards with matters at issue in the
`
`inter partes review of U.S. 8,037,302 (“the ’302 Patent”) in the IPR2019-00821
`
`proceeding. I have been retained by MPH Technologies Oy (“MPH”), the Patent
`
`Owner, in the above proceedings. Petitioner in this case is Apple Inc. (“Apple”).
`
`2.
`
`Unless otherwise noted, the statements made herein are based on my
`
`personal knowledge, and if called to testify about this declaration, I could and
`
`would do so competently and truthfully.
`
`3.
`
`A detailed record of my professional qualifications including cases in
`
`which I was an expert is being submitted herewith as Exhibit 2003 and is
`
`summarized in Section II, infra.
`
`4.
`
`I am not a legal expert and offer no opinions on the law. However, I
`
`have been informed by counsel of the various legal standards that apply, and I have
`
`applied those standards in arriving at my conclusions.
`
`II.
`
`QUALIFICATIONS
`5.
`I am an Alumni Distinguished Graduate Professor with Tenure in the
`
`Department of Computer Science at North Carolina State University (NC State),
`
`where I also serve as the Director of Graduate Programs. I am an experienced
`
`researcher and educator in the field of computer networking, with expertise in
`
`1
`
`MPH Technologies Oy, Exhibit 2002
`Page 2002 - 4
`IPR2019-00821, Apple Inc. v. MPH Technologies Oy
`
`

`

`
`
`Internet architectures and protocols, virtualization and cloud computing, mobile
`
`devices, network devices, network security and security protocols, in a variety of
`
`applications including providing for the protection of information transmitted
`
`between devices within and among networks.
`
`6.
`
`I have thirty years of experience in computer networking since I
`
`received my bachelor’s degree in 1989. I have twenty-five years of experience as a
`
`professor in the Department of Computer Science of NC State.
`
`7.
`
`During this time, I have led, overseen, and contributed to numerous
`
`research projects involving technical concepts that are related to the technology at
`
`issue in the IPR2019-00821 proceeding, which relates to the issue of providing
`
`mobility to secure connections over networks, such as where a first computer
`
`device in secure communication with a second computer device changes its
`
`location from a first address to a second address. For example, as part of our NSF-
`
`funded ChoiceNet project, my research group developed a new Internet
`
`architecture, a suite of communication protocols, and a proof-of-concept prototype
`
`implementation to enable real-time economic transactions in the network layer,
`
`including secure payments. For an earlier NSA-funded Jumpstart project, my
`
`group developed a novel signaling architecture and protocol for high-speed
`
`networks and designed relevant security mechanisms.
`
`2
`
`MPH Technologies Oy, Exhibit 2002
`Page 2002 - 5
`IPR2019-00821, Apple Inc. v. MPH Technologies Oy
`
`

`

`
`
`8.
`
`I have taught courses on computer networks, Internet protocols, data
`
`structures and computer performance evaluation. In 1997 I created one of the first
`
`graduate level courses on Internet Protocols, which I teach regularly, and in which
`
`I cover in detail topics related to network security (including IPSec) and mobile IP.
`
`9.
`
`I received numerous accolades for my contributions to computer
`
`networking and was elected as Fellow of the IEEE in 2012. These include the
`
`Outstanding Service Award for the Optical Networking Technical Committee
`
`(ONTC) of the IEEE Communication Society (2019); the Joyce Hatch Service
`
`Award from the NC State Chapter of the Association for Computing
`
`Machinery/Association of Information Technology Professionals (ACM/AITP)
`
`(2018); Distinguished Lecturer in the IEEE (2010-2012); an IBM Faculty Award
`
`(2007); the Best Paper Award for the International Workshop on End-to-End
`
`Virtualization and Grid Management (EVGM) (2007) (with C. Castillo and K.
`
`Harfoush); the Best Paper Award for the International Symposium on
`
`Communication Systems, Networks and Digital Signal Processing (CSNDSP)
`
`(2006) (with B. Chen and R. Dutta); the ALCOA Foundation Engineering
`
`Research Achievement Award, NC State College of Engineering (2004); Alumni
`
`Outstanding Research Award, NC State (2003); a CAREER Award from the
`
`National Science Foundation (1997); and the Graduate Research Award from the
`
`Georgia Tech College of Computing (1994).
`
`3
`
`MPH Technologies Oy, Exhibit 2002
`Page 2002 - 6
`IPR2019-00821, Apple Inc. v. MPH Technologies Oy
`
`

`

`
`
`10.
`
`I received my PhD in Computer Science (Georgia Institute of
`
`Technology, 1994); M.S. in Computer Science (Georgia Institute of Technology,
`
`1991); and B.S. in Computer Engineering (National Technical University of
`
`Athens, 1989).
`
`11.
`
`In 2000-2001, while on Sabbatical from NC State, I worked as
`
`Network Architect for Vitesse Semiconductor, where I was responsible for the
`
`design of a state-of-the-art 2.5 Gbps network processor.
`
`12. My work as an academic began in 1994, when I joined NC State as an
`
`Assistant Professor. In 1999, I was promoted to Associate Professor with Tenure at
`
`NC State. In 2002, I was promoted to the position of Professor at NC State.
`
`13.
`
`I have had visiting positions at a number of international universities,
`
`including positions as a Distinguished Scientist at King Abdulaziz University
`
`(Saudi Arabia, March 2013 to present); Visiting Professor at the Laboratoire
`
`d’Informatique University of Paris 6 (France, October 2012); Visiting Professor at
`
`the Universidad Tecnica Federico Santa Maria (Chile, December 2008); and
`
`Visiting Professor at the Laboratoire de Méthodes Informatiques University of
`
`Evry (France, July 2006, December 2002, June 2000).
`
`14.
`
`I have received funding from numerous agencies, foundations and
`
`companies for research on network design and communication. The sources of
`
`funding for this research include the National Science Foundation (NSF), the
`
`4
`
`MPH Technologies Oy, Exhibit 2002
`Page 2002 - 7
`IPR2019-00821, Apple Inc. v. MPH Technologies Oy
`
`

`

`
`
`Defense Advanced Research Projects Agency (DARPA), the National Security
`
`Agency (NSA), Microsoft, IBM and Cisco.
`
`15.
`
`I have served in a number of leadership roles for the IEEE, including
`
`as Chair of the IEEE Communications Society’s Distinguished Lecturer Selection
`
`Committee (2016-2017); Vice Chair of the IEEE Communications Society’s
`
`Technical and Educational Activities Council (2016-2017); and Chair of the IEEE
`
`Communications Society’s Optical Networking Technical Committee (2016-2017).
`
`16.
`
`I have served in various editorial positions, including as founding
`
`Editor-in-Chief of IEEE Networking Letters (2018-present); founding Editor-in-
`
`Chief of Elsevier Optical Switching and Networking Journal (2004-2017);
`
`Associate Editor, IEEE/OSA Journal of Communications and Networking (2010-
`
`2012); Co-Guest Editor, JCM Journal of Communications, Special Issue on the
`
`“Advances in Communications and Networking,” vol. 6, no. 9, December 2011;
`
`Associate Editor, IEEE/ACM Transactions on Networking (2000-2004); Associate
`
`Editor, Computer Networks (2001-2004); Associate Editor, Optical Networks
`
`(2000-2004); and Co-Guest Editor, IEEE Journal on Selected Areas in
`
`Communications, Special Issue on “Protocols for Next Generation Optical WDM
`
`Networks,” vol. 18, no. 10, October 2000.
`
`17.
`
`I have graduated twenty-five Ph.D. students. Two received PhD
`
`dissertation awards, one received an NSF Career award, and one became an NSA
`
`5
`
`MPH Technologies Oy, Exhibit 2002
`Page 2002 - 8
`IPR2019-00821, Apple Inc. v. MPH Technologies Oy
`
`

`

`
`
`Fellow. Three of my former Ph.D. students became Assistant Professors upon
`
`graduation, and the rest joined significant technology companies or research
`
`institutes, including RENCI (UNC-Chapel Hill), IBM Research, Google,
`
`Facebook, Cisco, Oracle, Ericsson, Riverbed Technologies, Sprint, and Sierra
`
`Wireless, among others. I have graduated twelve M.S. students.
`
`18. During the course of my career, I had more than 200 scientific
`
`articles, three books and ten book chapters published, which have collectively
`
`received more than 8500 citations (Google Scholar, as of November 21, 2019).
`
`These are summarized in my curriculum vitae.
`
`III.
`
`BASES OF OPINIONS
`19.
`In the course of conducting my analysis and forming my opinions, I
`
`have reviewed at least the materials listed below as well as all of the exhibits
`
`submitted by Patent Owner in IPR2019-00819 and IPR2019-00820:
`
`i.
`
`ii.
`
`iii.
`
`iv.
`
`v.
`
`U.S. Patent No. 8,037,302 and its prosecution history;
`
`Petition by Apple in IPR2019-00819;
`
`Petition by Apple in IPR2019-00820;
`
`Petition by Apple in IPR2019-00821;
`
`Declaration of Dr. David Goldschlag in IPR2019-00819;
`
`vi. Declaration of Dr. David Goldschlag in IPR2019-00820;
`
`vii. Declaration of Dr. David Goldschlag in IPR2019-00821;
`
`6
`
`MPH Technologies Oy, Exhibit 2002
`Page 2002 - 9
`IPR2019-00821, Apple Inc. v. MPH Technologies Oy
`
`

`

`
`
`viii. Patent Owner’s Preliminary Response in IPR2019-00819;
`
`ix.
`
`x.
`
`xi.
`
`Patent Owner’s Preliminary Response in IPR2019-00820;
`
`Patent Owner’s Preliminary Response in IPR2019-00821;
`
`Institution Decision by the PTAB in IPR2019-00819;
`
`xii.
`
`Institution Decision by the PTAB in IPR2019-00820;
`
`xiii.
`
`Institution Decision by the PTAB in IPR2019-00821;
`
`xiv. Deposition Transcript of Dr. David Goldschlag (December 17, 2019)
`
`xv. U.S. Pat. No. 7,620,810;
`
`xvi. U.S. Pat. No. 7,937,581;
`
`xvii. U.S. Pat. No. 6,904,466 (“Ishiyama”);
`
`xviii. U.S. Pat. No. 7,028,337 (“Murakawa”);
`
`xix. U.S. Pat. No. 6,976,177 (“Ahonen”);
`
`xx. WIPO Pub. WO 01/54379 A1 (“Ahonen WO”);
`
`xxi. U.S. Pat. No., 6,954,790 (“Forslow”);
`
`xxii. Gupta et al., “Complete Computing,” WWCA '98 Proceedings of the
`Second International Conference on Worldwide Computing and Its
`Applications (March 4-5, 1998) (“Gupta”)
`
`
`xxiii. Network Working Group Requests for Comments: 2401(S. Kent, R.
`Atkinson) (Nov. 1998), “Security Architecture for the Internet
`Protocol”) (RFC 2401)
`
`
`
`
`
`
`7
`
`MPH Technologies Oy, Exhibit 2002
`Page 2002 - 10
`IPR2019-00821, Apple Inc. v. MPH Technologies Oy
`
`

`

`
`
`IV.
`
`APPLICABLE LEGAL STANDARDS
`A. Ordinary Skill in the Art
`
`20. My opinions in this declaration are based on the understandings of a
`
`person of ordinary skill in the art, which I understand is sometimes referred to as
`
`an “ordinary artisan” or by the acronyms “POSITA” (person of ordinary skill in the
`
`art) or “PHOSITA” ” (person having ordinary skill in the art), as of the time of the
`
`invention, which I understand is here assumed to be at least September 27, 2002,
`
`the filing date of the Patent Cooperation Treaty (PCT) Application
`
`PCT/FI02/00771 to which priority is asserted. I also understand that the ’302
`
`Patent application asserts priority to the filing date (September 28, 2001) of the
`
`application filed in Finland, FI 20011911. See Ex. 1001 [’302 Patent] (Cover Page)
`
`0001. My analysis and conclusions are the same whether the relevant time period
`
`is 2001 or 2002. I understand that the person of ordinary skill in the art is a
`
`hypothetical person who is presumed to have known the relevant art at the time of
`
`the invention. By “relevant,” I mean relevant to the challenged claims of the ’302
`
`Patent.
`
`21.
`
`I understand that, in assessing the level of skill of a person of ordinary
`
`skill in the art, one should consider the type of problems encountered in the art, the
`
`prior solutions to those problems found in the prior art references, the rapidity with
`
`which innovations are made, the sophistication of the technology, the level of
`
`8
`
`MPH Technologies Oy, Exhibit 2002
`Page 2002 - 11
`IPR2019-00821, Apple Inc. v. MPH Technologies Oy
`
`

`

`
`
`education of active workers in the field, and my own experience working with
`
`those of skill in the art at the time of the invention.
`
`22.
`
`In this case, Dr. Goldschlag has asserted in his declaration that a
`
`person of ordinary skill in the art as of the time of the ʼ302 Patent would have had
`
`a Bachelor’s degree in Electrical Engineering, Computer Engineering, Computer
`
`Science, or an equivalent field, as well as at least 3-5 years of industry experience
`
`in communications network design and programming. Ex. 1002 [Goldschlag dec.]
`
`8 (par. 22).
`
`23.
`
`I believe that the person of ordinary skill in the art as of the time of
`
`the ʼ302 Patent would have had a Bachelor’s degree in Electrical Engineering,
`
`Computer Engineering, Computer Science, or an equivalent field, as well as at
`
`least 2-5 years of academic or industry experience in computer network security.
`
`This is the level of skill provided by Dr. Goldschlag in IPR2019-00819 and
`
`IPR2019-00820, each of which involved similar technology to that of the ’302
`
`Patent, which is the secure delivery of messages in networks between mobile
`
`terminals and other terminals. Also, the priority dates of the patents in all three
`
`proceedings extend back to 2001, so the date of the invention for the ’302 Patent
`
`does not alter the level of skill.
`
`24.
`
`I note that the level of skill in the art set forth in the Petition is slightly
`
`different from that set forth in Dr. Goldschlag’s declaration. The Petition states that
`
`9
`
`MPH Technologies Oy, Exhibit 2002
`Page 2002 - 12
`IPR2019-00821, Apple Inc. v. MPH Technologies Oy
`
`

`

`
`
`“a person of ordinary skill in the art (‘POSITA’) would have a B.S. degree in
`
`Computer Science, Electrical Engineering, or an equivalent field, as well as at least
`
`3-5 years of academic or industry experience in network security, or comparable
`
`industry experience. Goldschlag Dec., ¶22.” Pet., at 14. I consider this definition of
`
`the level of ordinary skill in the art to be commensurate with the one I have
`
`provided above.
`
`25.
`
`I was at the time of invention, and am, one of more than ordinary skill
`
`in the art through my education and research experience. As of the date of the
`
`invention, I am very familiar with the types of problems encountered in computer
`
`network security, the types of prior art solutions described in prior art references,
`
`and the rapidity at which innovations are made. Indeed, I am very familiar with
`
`people having this level of skill in the area of computer network security. At the
`
`time of the invention, and since that time, I have been teaching undergraduate and
`
`graduate level courses in computer network architecture and protocols including
`
`various techniques for addressing information security.
`
`B. Claim Construction
`
`26.
`
`I understand that claims of the patent-at-issue in this IPR are generally
`
`interpreted according to their ordinary and customary meaning taking into
`
`consideration the so-called “intrinsic evidence” of the patent consisting of (1) the
`
`claim language; (2) the specification; and (3) the prosecution history.
`
`10
`
`MPH Technologies Oy, Exhibit 2002
`Page 2002 - 13
`IPR2019-00821, Apple Inc. v. MPH Technologies Oy
`
`

`

`
`
`27.
`
`I understand that claim terms may be explicitly defined in the patent
`
`specification or they may be implicitly defined through consistent usage in the
`
`specification. I also understand that the scope of claim terms may be limited by
`
`statements in the specification or prosecution history where the applicant clearly
`
`disavows or disclaims subject matter.
`
`28. The Petitioner has provided a specific definition for “a first secure
`
`connection”/“a second secure connection” to mean “establishing one or more first
`
`security associations” and “establishing one or more second security associations.”
`
`Goldschlag Decl., ¶¶40-43.” Pet. at 15. I will explain below why I disagree with
`
`that construction.
`
`29.
`
`I will also offer my opinion that the proper construction of
`
`“establishing a first/second secure connection” requires forming or creating a new
`
`secure connection. POPR, at 9. In other words, “establishing” a secure connection
`
`is properly construed to require forming (or creating) a new secure connection.
`
`POPR, at 10. The language of the claims does not require that the established
`
`secure connection requires security associations, as the Petitioner’s definition
`
`would provide.
`
`C. Obviousness (35 U.S.C. § 103)
`
`30.
`
`I have been informed that a patent may be invalid if the claimed
`
`invention would have been obvious at the time the invention was made to a person
`
`11
`
`MPH Technologies Oy, Exhibit 2002
`Page 2002 - 14
`IPR2019-00821, Apple Inc. v. MPH Technologies Oy
`
`

`

`
`
`having ordinary skill in the art. I have been informed that the following factors
`
`must be evaluated to determine whether Petitioner has met its burden of proof that
`
`a claimed invention is obvious:
`
`1. The scope and content of the prior art relied upon by Petitioner;
`
`2. The difference or differences, if any, between each claim of the patent
`
`and the prior art;
`
`3. The level of ordinary skill in the art at the time the invention of the patent
`
`was made; and
`
`4. Any objective indicia of non-obviousness, including, for example:
`
`(1) commercial success of an embodiment; (2) a long-felt need;
`
`(3) skepticism; (4) failure by others to find the solution provided by the
`
`claimed invention; (5) copying by others of the subject matter of the
`
`claim invention; (6) unexpected results of the claimed invention;
`
`(7) acceptance of others and industry praise; and (8) licensing of the
`
`patents.
`
`31.
`
`I have been informed that a claim is not proved obvious merely by
`
`demonstrating that each of the elements was independently known in the prior art.
`
`I have been informed that many, if not all, inventions rely on building blocks
`
`already known, and claimed inventions almost of necessity will likely be
`
`combinations of what is already known.
`
`12
`
`MPH Technologies Oy, Exhibit 2002
`Page 2002 - 15
`IPR2019-00821, Apple Inc. v. MPH Technologies Oy
`
`

`

`
`
`32.
`
`I have been informed that a combination of prior art references must
`
`disclose, teach or suggest all of the recited limitations of the claim for the invention
`
`to be found obvious.
`
`33.
`
`I have been informed that it is important in the obviousness inquiry to
`
`identify whether a reason existed at the time of the invention that would have
`
`motivated a person of ordinary skill in the art in the relevant field to combine or
`
`modify the prior art references in the manner proposed by the Petitioner so as to
`
`arrive at the claimed invention. Put another way, a finding of obviousness should
`
`be supported by an apparent reason to combine or modify the prior art references
`
`as proposed by the Petitioner.
`
`34.
`
`I have been informed that it is important in the obviousness inquiry
`
`that it is understood how the combination of references is supposed to work. An
`
`explanation of the operation of the combined references is often a prerequisite to
`
`showing that a person of ordinary skill in the art would have been motivated to
`
`make the proposed combination and would have had a reasonable expectation of
`
`success.
`
`35.
`
`I have been informed that a finding of obviousness “requires the
`
`additional showing that a person of ordinary skill at the time of the invention
`
`would have selected and combined those prior art elements in the normal course of
`
`research and development to yield the claimed invention.” Unigene Labs., Inc. v.
`
`13
`
`MPH Technologies Oy, Exhibit 2002
`Page 2002 - 16
`IPR2019-00821, Apple Inc. v. MPH Technologies Oy
`
`

`

`
`
`Apotex, Inc., 655 F.3d 1352, 1360 (Fed. Cir. 2011). In addition, I have been
`
`informed that a person of ordinary skill in the art should have had a reasonable
`
`expectation of success in combining the references as proposed.
`
`36.
`
` In assessing obviousness, I have been instructed to consider both the
`
`ordinary creativity and common sense of the person of ordinary skill in the art. I
`
`also understand that it is impermissible for common sense to be applied so as to fill
`
`gaps in prior art that fails to teach or suggest a limitation of the claim. I also
`
`understand that the obviousness inquiry should guard against hindsight bias or
`
`hindsight reconstruction where after-the-fact reasoning is applied to combine prior
`
`art elements using the claimed invention as a template, without establishing that, as
`
`of the date of the invention, there exists a motivation to combine or apparent
`
`reason to combine the prior art as proposed.
`
`37.
`
`In assessing obviousness, I have been instructed that, in order to
`
`qualify as proper prior art for an obviousness analysis, a reference must qualify as
`
`analogous art. I have been informed that a reference qualifies as analogous art with
`
`respect to the claims if it is either: (1) from the same field or endeavor as the
`
`patent; or (2) the reference is reasonably pertinent to the particular problem
`
`addressed by the invention. I have also been informed that in order for a reference
`
`to be reasonably pertinent, it must logically have commended itself during the
`
`14
`
`MPH Technologies Oy, Exhibit 2002
`Page 2002 - 17
`IPR2019-00821, Apple Inc. v. MPH Technologies Oy
`
`

`

`
`
`ordinary course of development to an inventor’s attention in considering his
`
`problem.
`
`38.
`
`In assessing obviousness, I have also been instructed that, as noted
`
`above, secondary considerations can often be probative evidence of non-
`
`obviousness and can serve to avoid hindsight bias. I have been instructed that
`
`secondary considerations can be sufficient to overcome a prima facie case of
`
`obviousness. I have been instructed that Patent Owner can show non-obviousness
`
`if: (1) the industry praised their work; (2) their design was copied by others; (3)
`
`their design achieved a high level of commercial success; or (4) their invention had
`
`unexpected beneficial results, for example.
`
`V.
`
`OVERVIEW OF THE ’302 PATENT AND THE STATE OF THE ART
`AT THE TIME OF THE INVENTION
`For clarity to the reader, my citations will adhere to these formats:
`
` Petitions and other papers filed by the parties will be abbreviated.
`
`Example: Pet., at 10, 12) refers to the Petition at pages 10 and 12.
`
` Patents will be cited by their exhibit number, bates stamped page and
`
`specific column and line numbers. Example: Ex. 1005 [Ishiyama]
`
`0011 (1:10-12) refers to the Ishiyama patent at page 0011 and Col. 1,
`
`lines 10-12.
`
`15
`
`MPH Technologies Oy, Exhibit 2002
`Page 2002 - 18
`IPR2019-00821, Apple Inc. v. MPH Technologies Oy
`
`

`

`
`
` Articles and other publications will be cited by their exhibit number,
`
`bates stamped page and their original page number (and line numbers
`
`or paragraph numbers, if appropriate). Ex. 1007 [RFC 2401] 5.
`
`A. Technical Background
`
`39. Telecommunications networks can encompass a vast array of
`
`components including local area networks (LANs), wide area networks (WANs)
`
`and various computing devices all interconnected using intermediary networking
`
`devices. Intermediary networking devices such as routers enable different networks
`
`to be interconnected so as to function as an “internetwork,” that is, as an internet.
`
`Such interconnected networks can allow geographically dispersed users to
`
`communicate. Ex. 1001 [’302 Patent] 0004 (1:20-24).
`
`40. Normally, a person who mails a sealed letter does not want and does
`
`not expect that the contents of the letter will be read by a third party while the letter
`
`is en route to the intended recipient. In a similar manner, those parties who
`
`exchange communications between a first terminal and a second terminal want to
`
`protect the confidentiality and integrity of the information they are exchanging.
`
`The patented inventions help permit similar security expectations to be satisfied in
`
`new, complex, and challenging computer functionality contexts.
`
`41. The ’302 Patent explains that IPSec is a technology to secure the
`
`communications of messages across networks:
`
`16
`
`MPH Technologies Oy, Exhibit 2002
`Page 2002 - 19
`IPR2019-00821, Apple Inc. v. MPH Technologies Oy
`
`

`

`
`
`The IP security protocols (IPSec) provides the capability to secure
`communications across a LAN, across private and public wide area
`networks (WANs) and across the internet. IPSec can be used in
`different ways, such as for building secure virtual private networks, to
`gain a secure access to a company network (as remote access IPSec
`use), or to secure communication with other organisations, ensuring
`authentication and confidentiality and providing a key exchange
`mechanism. Even if some applications already have built in security
`protocols, the use of IPSec further enhances the security. Ex. 1001
`[’302 Patent] 0004 (1:38-48).
`
`42. At the time of the invention, IPSec was described in “Security
`
`Architecture for the Internet Protocol,” issued by the Internet Engineering Task
`
`Force (IETF) Network Working Group as RFC 2401. See Ex. 1007 [Security
`
`Architecture for the Internet Protocol] (November 1998).
`
`43. RFC 2401 describes the fundamental features and processes of IPSec
`
`secure connections:
`
`This memo specifies the base architecture for IPsec compliant
`systems. The goal of the architecture is to provide various security
`services for traffic at the IP layer . . . The following fundamental
`components of the IPsec security architecture are discussed in terms
`of their underlying, required functionality . . .
`a. Security Protocols -- Authentication Header (AH) and
`Encapsulating Security Payload (ESP)
`b. Security Associations -- what they are and how they work,
`
`17
`
`MPH Technologies Oy, Exhibit 2002
`Page 2002 - 20
`IPR2019-00821, Apple Inc. v. MPH Technologies Oy
`
`

`

`
`
`
`
`how they are managed, associated processing
`c. Key Management -- manual and automatic (The Internet Key
`Exchange (IKE))
`
`d. Algorithms for authentication and encryption
`
`Id., [Section 1.1: Summary of Contents of Document] 3.
`44. RFC 2401 is cited in the ’302 Patent. Ex. 1001 [’302 Patent] 0006
`
`(6:14-16). The ’302 Patent provides a detailed explanation of the features of IPSec:
`
`IPSec can encrypt and/or authenticate traffic at IP level. Traffic going
`in to a WAN is typically encrypted and/or authenticated and traffic
`coming from a WAN is decrypted and/or authenticated. . . . Two
`protocols are used to provide security at the IP layer, an authentication
`protocol designated by the header of the protocol, Authentication
`Header (AH), and a combined encryption/authentication protocol
`designated by the format of the packet for that protocol, Encapsulating
`Security Payload (ESP). Both AH and ESP are vehicles for access
`control based on the distribution of cryptographic keys and the
`management of traffic flows related to these security protocols.
`Ex. 1001 [’302 Patent] 0004 (1:49-61).
`45. The ’302 Patent describes fundamental concepts of IPSec secure
`
`connections. For example, Security Associations (SAs) are data structures that are
`
`fundamental to IPSec processing. Ex. 1001 [’302 Patent] (1:62-2:19). RFC 2401
`
`also discloses SAs as fundamental to IPSec processing. Ex. 1007 [RFC 2401] 3. I
`
`understand the key role of SAs in IPSec from my personal experience with that
`
`technology.
`
`18
`
`MPH Technologies Oy, Exhibit 2002
`Page 2002 - 21
`IPR2019-00821, Apple Inc. v. MPH Technologies Oy
`
`

`

`
`
`46. The ’302 Patent explains that an SA defines a one-way security
`
`relationship that protects the message traffic sent from sender to a receiver. If a
`
`two-way secure connection between the sender and receiver is desired, then two
`
`SA definitions are required. In some cases multiple SAs, referred to as an “SA
`
`bundle,” are used to protect a data packet being sent from one address to another.
`
`In the ’302 Patent, the term “IPsec connection” encompasses an IPSec bundle or
`
`IPSec bundles (e.g., one for each direction) of SAs that define the security
`
`protocols that will be employed for message traffic between two host devices, for
`
`example. Ex. 1001 [’302 Patent] 0004 (1:62-2:8).
`
`47. The ’302 Patent discloses that an SA is uniquely defined by three
`
`parameters: (1) the Security Parameters Index (SPI), (2) the IP destination address
`
`(Dst), and (3) the IPSec security protocol type (which can be an AH
`
`[Authentication Header] or an ESP [Encapsulated Security Payload]). Ex. 1001
`
`[’302 Patent] 0004 (2:9-19). For each IPSec connection a Security Association
`
`Database (SADB) stores the information for each SA, including items (1)-(3)
`
`above, as well as information defining the authe