`
`UNITED STATES PATENT AND TRADEMARK OFFICE
`____________
`BEFORE THE PATENT TRIAL AND APPEAL BOARD
`____________
`
`GUEST TEK INTERACTIVE ENTERTAINMENT LTD.,
`
`Petitioner,
`
`v.
`
`NOMADIX, INC.,
`
`Patent Owner.
`
`U.S. Patent No. 8,606,917 to Short et al.
`Issued: December 10, 2013
`Filed: October 24, 2012
`
`Title: SYSTEMS AND METHODS FOR PROVIDING CONTENT AND
`SERVICES ON A NETWORK SYSTEM
`
`____________
`
`IPR2019-01191
`____________
`
`PETITION FOR INTER PARTES REVIEW OF
`U.S. PATENT NO. 8,606,917
`
`
`FILED ELECTRONICALLY UNDER 37 C.F.R. § 42.6(b)(1)
`Mail Stop “PATENT BOARD”
`Patent Trial and Appeal Board
`U.S. Patent and Trademark Office
`P.O. Box 1450
`Alexandria, VA 22313-1450
`
`
`
`
`
`
`
`
`I.
`
`TABLE OF CONTENTS
`INTRODUCTION ........................................................................................... 1
`
`II. MANDATORY NOTICES UNDER 37 C.F.R. § 42.8 ................................... 2
`
`A.
`
`B.
`
`C.
`
`Real Party-in-Interest [37 C.F.R. § 42.8(b)(1)] ..................................... 2
`
`Related Matters [37 C.F.R. § 42.8(b)(2)] .............................................. 3
`
`Lead and Backup Counsel; Service Information [37 C.F.R. §§
`42.8(b)(3)-(4)] ....................................................................................... 3
`
`III. REQUIREMENTS UNDER 37 C.F.R. §§ 42.103 and 42.104 ....................... 4
`
`A.
`
`B.
`
`Payment of Fees [37 C.F.R. § 42.103] .................................................. 4
`
`Grounds for Standing [37 C.F.R. § 42.104(a)] ..................................... 4
`
`IV. RELIEF REQUESTED [37 C.F.R. § 42.22(a)] .............................................. 4
`
`V.
`
`THE ’917 PATENT ......................................................................................... 5
`
`A. Overview of Patent ................................................................................ 5
`
`B.
`
`C.
`
`D.
`
`E.
`
`Claims at Issue ....................................................................................... 7
`
`Prosecution History ............................................................................... 9
`
`The Effective Filing Date for Claims 1 and 11 Is October 24, 2012. . 11
`
`Claim Construction ............................................................................. 18
`
`VI. PERSON OF ORDINARY SKILL IN THE ART ........................................ 19
`
`VII. PRIOR ART ................................................................................................... 19
`
`A.
`
`’578 Patent (Ex. 1004) ........................................................................ 22
`
`B. Whyte Publication (Ex. 1005) ............................................................. 26
`
`
`
`i
`
`
`
`
`
`C.
`
`’474 Patent (Ex. 1006) ........................................................................ 27
`
`D. NIST Publication (Ex. 1007) ............................................................... 30
`
`VIII. CLAIMS 1 AND 11 ARE OBVIOUS OVER THE ’578 PATENT IN VIEW
`OF THE WHYTE PUBLICATION. ............................................................. 31
`
`A.
`
`B.
`
`The combination of the ’578 patent and Whyte Publication discloses
`all limitations of claims 1 and 11. ....................................................... 32
`
`A POSITA would have been motivated to combine the ’578 patent
`and Whyte Publication to arrive at claims 1 and 11. .......................... 43
`
`IX. CLAIMS 1 AND 11 ARE OBVIOUS OVER THE ’578 PATENT IN VIEW
`OF THE WHYTE PUBLICATION AND FURTHER IN VIEW OF THE
`’474 PATENT. ............................................................................................... 48
`
`A.
`
`B.
`
`The combination of the ’578 patent, Whyte Publication, and ’474
`patent discloses all limitations of claims 1 and 11. ............................. 48
`
`A POSITA would have been motivated to combine the ’578 patent,
`Whyte Publication, and ’474 patent to arrive at claims 1 and 11. ...... 51
`
`X.
`
`CLAIMS 1 AND 11 ARE OBVIOUS OVER THE ’474 PATENT IN VIEW
`OF THE NIST PUBLICATION. ................................................................... 54
`
`A.
`
`B.
`
`The ’474 patent and NIST Publication disclose all limitations of
`claims 1 and 11. ................................................................................... 55
`
`A POSITA would have been motivated to combine the ’474 Patent
`and NIST Publication to arrive at claims 1 and 11. ............................ 63
`
`XI. CONCLUSION .............................................................................................. 67
`
`
`
`
`
`
`
`ii
`
`
`
`
`
`TABLE OF AUTHORITIES
`
` Page(s)
`
`Cases
`Ariad Pharm., Inc. v. Eli Lilly & Co.,
`598 F.3d 1336 (Fed. Cir. 2010) .................................................................... 12, 17
`D Three Enterprises, LLC v. SunModo Corp.,
`890 F.3d 1042 (Fed. Cir. 2018) .................................................................... 11, 14
`Knowles Elecs. LLC v. Cirrus Logic, Inc.,
`883 F.3d 1358 (Fed. Cir. 2018) .................................................................... 14, 17
`Nomadix, Inc. v. Guest Tek Interactive Entertainment Ltd.,
`Case No. 2:16-CV-08033-AB-FFM ..................................................................... 3
`Statutes
`35 U.S.C. § 102 ........................................................................................................ 19
`35 U.S.C. § 103 .................................................................................... 2, 4, 46, 52, 65
`35 U.S.C. § 135(b) ..................................................................................................... 9
`35 U.S.C. § 311 .......................................................................................................... 1
`35 U.S.C. §§ 315(a)-(b) ............................................................................................. 4
`35 U.S.C. § 325(d) ................................................................................................... 10
`Other Authorities
`37 C.F.R. § 42.8 ..................................................................................................... 2, 3
`37 C.F.R. § 42.22(a) ................................................................................................... 4
`37 C.F.R. § 42.100 ............................................................................................... 1, 17
`37 C.F.R. §§ 42.101 – 42.103 .................................................................................... 4
`37 C.F.R. § 42.103 ..................................................................................................... 4
`iii
`
`
`
`
`
`
`
`37 C.F.R. §§ 42.103 ................................................................................................... 4
`37 C.F.R. §§ 42.103 ................................................................................................... 4
`37 CFR § 41.202 ...................................................................................................... 10
`37 CFR § 41.202 ...................................................................................................... 10
`37 C.F.R. § 42.100 ............................................................................................... 1, 10
`37 C.F.R. § 42.100 ............................................................................................... 1, 10
`37 C.F.R. §§ 42.101 – 42.104 .................................................................................... 4
`37 C.F.R. §§ 42.101 — 42.104 .................................................................................... 4
`
`
`
`
`
`iv
`
`iV
`
`
`
`
`
`
`
`Exhibit No.
`1001
`1002
`1003
`1004
`
`1005
`
`1006
`
`1007
`
`1008
`1009
`1010
`1011
`
`1012
`
`1013
`
`1014
`
`1015
`
`LISTING OF EXHIBITS
`
`Description
`U.S. Patent No. 8,606,917
`Declaration of Dr. Peter Dordal
`U.S. Patent Application No. 09/693,060
`U.S. Patent No. 8,046,578
`David Whyte et al., DNS-based Detection of Scanning
`Worms in an Enterprise Network, Proceedings of the 12th
`Annual Network and Distributed System Security
`Symposium, San Diego, USA (Feb. 3-4, 2005)
`U.S. Patent No. 6,463,474
`John Wack et al., Keeping Your Site Comfortably Secure:
`An Introduction to Internet Firewalls, NIST Special
`Publication 800-10 (Dec. 1994)
`Dictionary definitions
`U.S. Patent No. 6,226,677
`U.S. Patent No. 6,389,462
`U.S. Patent No. 6,158,008
`Chapter 6 of Building Internet Firewalls by D Brent
`Chapman and Elizabeth D Zwicky, published in 1995 by
`O’Reilly & Associates
`Secure Public Internet Access Handler (SPINACH), Elliot
`Poger, Mary G. Baker, Computer Science Department,
`Stanford University, originally published in the Proceedings
`of the USENIX Symposium on Internet Technologies and
`Systems, Monterey, California, December 1997
`Chapman, Network (In)Security Through IP Packet
`Filtering, Published in Proceedings of the Third USENIX
`UNIX Security Symposium; Baltimore, MD; September,
`1992
`Duane Wessels Squid and ICP: Past, Present, and Future,
`Proceedings of the Australian Unix Users Group. September
`1997, Brisbane, Australia
`
`v
`
`
`
`
`
`
`
`
`
`TAPI: Transactions for Accessing Public Infrastructure Matt
`Blaze, John Ioannidis, Sotiris Ioannidis , Angelos D.
`Keromytis , Pekka Nikander , and Vassilis Prevelakis,
`Proceedings of Personal Wireless Communications: IFIP-
`TC6 8th international conference, PWC 2003, Venice, Italy,
`September 23-25, 2003
`Wireless Hacking: Projects for Wi-Fi Enthusiasts, by Lee
`Barken, Eric Bermel, John Eder, Matt Fanady, Alan
`Koebrick, Michael Mee, and Marc Palumbo, and published
`in November 2004 by Syngress Publishing
`Cisco Subscriber Edge Services Manager Solutions Guide
`(September 2003)
`Affidavit of Christopher Butler of Internet Archive
`Printout from www.ndss-symposium.org
`U.S. patent application no. 60/160,890
`U.S. patent application no. 60/111,497
`
`1016
`
`1017
`
`1018
`1019
`1020
`1021
`1022
`
`
`
`vi
`
`
`
`
`
`I.
`
`INTRODUCTION
`Guest Tek Interactive Entertainment Ltd. petitions for inter partes review, in
`
`accordance with 35 U.S.C. § 311 and 37 C.F.R. § 42.100, and cancellation of
`
`claims 1 and 11 of U.S. Patent No. 8,606,917 (Ex. 1001, “’917 patent”)
`
`purportedly owned by Nomadix, Inc.
`
`The alleged invention of the ’917 patent involves “managing and providing
`
`content and services on a network system” using concepts known as captive portals
`
`and white lists. Ex. 1001, Abstract. But those concepts were well-known before
`
`the patent’s 2012 filing. In fact, they were disclosed in detail in Hewlett Packard’s
`
`U.S. Patent No. 8,046,578 (“’578 patent,” Ex. 1004) filed in 2005. The claims that
`
`issued from that prior art patent – which the applicant for the ’917 patent
`
`admittedly copied – recite language that is almost identical to the language of the
`
`challenged claims.
`
`Although the ’917 patent applicant identified the ’578 patent during
`
`prosecution, it never identified the patent as prior art or properly suggested an
`
`interference proceeding to determine whether it was prior art. Nor is there any
`
`indication that the Office reviewed or considered the ’578 patent; other than being
`
`cursorily cited in the application transmittal letter, the patent was never mentioned
`
`or discussed during prosecution.
`
`
`
`1
`
`
`
`
`
`As explained below, the ’917 patent is not entitled to any priority date before
`
`its 2012 filing. Thus, the ’578 patent, at a minimum, renders both challenged
`
`claims obvious in view of other prior art, including an Internet Society publication
`
`titled DNS-based Detection of Scanning Worms in an Enterprise Network,
`
`Proceedings of the 12th Annual Network and Distributed System Security
`
`Symposium, San Diego, USA (Feb. 3-4, 2005) (“Whyte Publication,” Ex. 1005).
`
`Alternatively, other prior art identified herein disclosed all limitations of the claims
`
`at least by early 1999.
`
`In addition, as Dr. Peter Dordal, an expert in the field who qualified as a
`
`person of ordinary skill in the art at the relevant time, explains in his
`
`accompanying declaration (Exhibit 1002, “Dr. Dordal Decl.”), a skilled artisan
`
`would have been motivated to combine the relevant aspects of the prior art to
`
`arrive at the challenged claims.
`
`For these reasons, claims 1 and 11 of the ’917 patent are invalid as obvious
`
`under 35 U.S.C. § 103.
`
`II. MANDATORY NOTICES UNDER 37 C.F.R. § 42.8
`A. Real Party-in-Interest [37 C.F.R. § 42.8(b)(1)]
`Guest Tek Interactive Entertainment Ltd. is the real party-in-interest.
`
`
`
`
`
`
`
`2
`
`
`
`
`
`B. Related Matters [37 C.F.R. § 42.8(b)(2)]
`Nomadix is currently asserting the ’917 patent against Guest Tek in claims
`
`for breach of a license agreement in Nomadix, Inc. v. Guest Tek Interactive
`
`Entertainment Ltd., Case No. 2:16-CV-08033-AB-FFM, pending in the United
`
`States District Court for the Central District of California (“the Litigation”). Guest
`
`Tek has filed petitions for inter partes review of related U.S. patent nos. 8,266,266
`
`(IPR2018-00376 and IPR2018-01668), 8,626,922 (IPR2019-00253), 7,953,857
`
`(IPR2019-00211), and 8,725,899 (IPR2018-00392 and IPR2018-01660), which are
`
`currently pending.
`
`C. Lead and Backup Counsel; Service Information [37 C.F.R. §§
`42.8(b)(3)-(4)]
`Guest Tek’s lead counsel is:
`
`Jeffrey W. Lesovitz (Reg. No. 63,461)
`Baker & Hostetler LLP
`Cira Centre, 12th Floor
`Philadelphia, PA 19104-2891
`T (215) 568-3100
`F (215) 568-3439
`jlesovitz@bakerlaw.com
`
`Guest Tek’s backup counsel are:
`
`
`
`
`
`
`
`
`
`
`
`
`Steven J. Rocci (Reg. No. 30,489)
`Baker & Hostetler LLP
`Cira Centre, 12th Floor
`Philadelphia, PA 19104-2891
`3
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`T (215) 568-3100
`F (215) 568-3439
`srocci@bakerlaw.com
`
`Daniel J. Goettle (Reg. No. 50,983)
`Baker & Hostetler LLP
`Cira Centre, 12th Floor
`Philadelphia, PA 19104-2891
`T (215) 568-3100
`F (215) 568-3439
`dgoettle@bakerlaw.com
`
`Please direct all correspondence about this petition to lead counsel. Guest
`
`Tek also consents to email service at Guest-TekIPR@bakerlaw.com.
`
`III. REQUIREMENTS UNDER 37 C.F.R. §§ 42.103 and 42.104
`A. Payment of Fees [37 C.F.R. § 42.103]
`Guest Tek authorizes the USPTO to charge Deposit Account No. 233050 for
`
`all fees associated with this petition.
`
`B. Grounds for Standing [37 C.F.R. § 42.104(a)]
`Petitioner is not barred or estopped from requesting inter partes review of
`
`any claim of the ’917 patent under 35 U.S.C. §§ 315(a)-(b) or 37 C.F.R. §§ 42.101
`
`– 42.103.
`
`IV. RELIEF REQUESTED [37 C.F.R. § 42.22(a)]
`Guest Tek requests inter partes review and cancellation of claims 1 and 11
`
`of the ’917 patent. Under pre-AIA 35 U.S.C. § 103(a), claims 1 and 11 are invalid
`
`
`
`4
`
`
`
`
`
`based on the following grounds:
`
`Ground 1: Claims 1 and 11 would have been obvious to a person of
`
`ordinary skill in the art over the ’578 patent in view of the Whyte Publication;
`
`Ground 2: Claims 1 and 11 would have been obvious to a person of
`
`ordinary skill in the art over the ’578 patent in view of the Whyte Publication and
`
`further in view of U.S. Patent No. 6,463,474 (Ex. 1006, “’474 patent”); and
`
`Ground 3: Claims 1 and 11 would have been obvious to a person of
`
`ordinary skill in the art over the ’474 patent in view of John Wack et al., Keeping
`
`Your Site Comfortably Secure: An Introduction to Internet Firewalls, NIST Special
`
`Publication 800-10 (Dec. 1994) (Ex. 1007; “NIST Publication”).
`
`V. THE ’917 PATENT
`A. Overview of Patent
`The ’917 patent purports to describe systems and methods for “managing
`
`and providing content and services on a network system.” Abstract. It discloses a
`
`network access controller that receives a request in TCP format from a source
`
`computer, such as a laptop, for access to the Internet or other network. The
`
`information in the request includes the IP address of the source device, as well as
`
`the IP address of the destination that the device is trying to communicate with.
`
`
`
`5
`
`
`
`
`
`’917 patent at 3:57-61. The access controller uses that information to decide
`
`whether the source device is authorized to access the network.
`
`The specific embodiments related to claims 1 and 11 are described in the
`
`Summary section of the patent, which explains that, after receiving the request, the
`
`access controller determines whether authentication is required before network
`
`access is granted. It does so by comparing the source IP address with the IP
`
`addresses contained in profiles of authorized source devices. If the source IP
`
`address is included in a profile of an authorized source device, the source device is
`
`granted access without further authorization. 3:60-4:1.
`
`If it is not, the access controller determines whether the destination IP
`
`address is included in a plurality of destination IP addresses associated with the
`
`controller. 4:1-8. If the destination IP address is included in the plurality of
`
`addresses, the source device is granted access without further authorization. Such
`
`lists of authorized IP addresses were known in the art as “white lists.” Dr. Dordal
`
`Decl. ¶¶ 18, 70-88.
`
`If the destination address is not included in the white list, the source device
`
`is redirected to a login page for entering credentials. Once the credentials have
`
`been verified, the source device is allowed network access. ’917 patent at 4:9-17.
`
`This feature was known in the prior art as a “captive portal.” Dr. Dordal Decl. ¶¶
`
`
`
`6
`
`
`
`
`
`19, 68-69, 84-88. Captive portals involved automatically directing a user to a
`
`landing or login page that requires, for example, authentication or payment before
`
`granting network access. Id. ¶ 68.
`
`B. Claims at Issue
`Claim 1 is reproduced as follows, with lettering added for clarity of the
`
`discussion below:
`
`A method for granting access to a computer network, comprising:
`
`[1.A] receiving at an access controller a request to access the
`network from a source computer, the request including a transmission
`control protocol (TCP) connection request having a source IP address
`and a destination IP address;
`
`[1.B] determining by the access controller whether the source
`computer must login to access the network, including:
`
`[1.C] comparing the source IP address with profiles of authorized
`source devices, each profile including an IP address, wherein if the
`source IP address is included in a profile of an authorized source device,
`the source device is granted access without further authorization, and
`
`[1.D] if the source IP address is not included in a profile
`associated with an authorized source device, then determining whether
`the destination IP address is included in a plurality of destination IP
`addresses associated with the access controller, wherein if the
`destination IP address is included in the plurality of destination IP
`
`
`
`7
`
`
`
`
`
`addresses, the source device is granted access without further
`authorization, and
`
`[1.E] if the destination IP address is not included in the plurality
`of destination IP addresses, then the access controller determines the
`source device must be authorized to access the network and provides
`the source device with a login page;
`
`[1.F] using the access controller to authenticate credentials
`provided from the source device via the login page; and
`
`[1.G] authorizing the source device access to the network if the
`provided credentials are authenticated.
`
`Claim 11 recites mostly the same claim limitations in system form:
`
`A system for providing network access to a source device
`comprising:
`[11.A] an access controller configured to receive a request to
`access the network from the source device, the request including a
`transmission control protocol (TCP) connection request having a source
`IP address and a destination IP address,
`[11.B] the access controller further configured to redirect the
`source device to a login page if it is determined that authentication is
`required prior to network access being granted, the authentication based
`on
`
`[11.C] comparing the source IP address with profiles of
`authorized source devices, each profile including an IP address,
`wherein if the source IP address is included in a profile of an authorized
`
`
`
`8
`
`
`
`
`
`source device, the source device is granted access without further
`authorization, and
`[11.D] if the source IP address is not included in a profile
`associated with an authorized device, then determining whether the
`destination IP address is included in a plurality of destination IP
`addresses associated with the access controller, wherein if the
`destination IP address is included in the plurality of destination IP
`addresses, the source device is granted access without further
`authorization, and
`[11.E] if the destination IP address is not included in the plurality
`of destination IP addresses, then the access controller authorizes
`network access to the computing device after authenticating user
`credentials received from the source device via the login page have
`been authenticated.
`
`C. Prosecution History
`The application for the ’917 patent was filed on October 24, 2012. In the
`
`transmittal letter filed on the same date, the applicant noted, under the heading
`
`“Notification of Copied Claims,” that “[i]n accordance with 35 U.S.C. § 135(b), [it
`
`has] copied claims 1-12 of [the ’578 patent]” and that “[c]laims 1-12 [of the ’578
`
`patent] correspond to claims 1-7 and 11-14 of the…application” for the ’917
`
`patent. The applicant did not, however, suggest that the Office declare an
`
`interference or identify the ’578 patent on an Information Disclosure Statement.
`
`
`
`9
`
`
`
`
`
`The Office subsequently issued a Notice of Allowance on July 25, 2013,
`
`without any rejections or other Office Action. Therefore, issued claims 1 and 11
`
`were the same as the as-filed versions of those claims. The stated reason for
`
`allowance was that the prior art of record did not disclose, teach, or suggest
`
`limitations 1.C, 1.D, and 1.E or the corresponding limitations of claim 11. The
`
`’917 patent issued on December 10, 2013.
`
`The Whyte Publication, ’474 patent, and NIST Publication were not cited or
`
`considered during prosecution of the ’917 patent.
`
`Although the ’578 patent was mentioned in the initial transmittal letter, there
`
`is no indication that the Office reviewed or considered that reference during
`
`prosecution. The ’578 patent was not discussed or even mentioned anywhere in
`
`the prosecution history besides the initial transmittal letter. There is no indication
`
`that the Office was even aware that the ’578 patent qualified as prior art. Indeed,
`
`the ’917 patent claims priority to at least thirteen different applications, which
`
`incorporate various other applications and materials by reference. The Office was
`
`not required to determine the proper priority date under the MPEP, and there is no
`
`indication that that substantial undertaking was performed. Nor did the Office
`
`conduct an interference to determine whether the ’917 was entitled to priority over
`
`the ’578 patent, as the applicant failed to submit the requisite information under 37
`
`
`
`10
`
`
`
`
`
`CFR § 41.202 to suggest an interference.
`
`For these reasons, the Board should not use its discretion to deny institution
`
`under 35 U.S.C. § 325(d) as to the ’578 patent. The Office did not rely on the ’578
`
`patent as a basis for rejection, and there is no indication that it even considered the
`
`’578 patent prior art. Moreover, as demonstrated below, the ’578 patent discloses,
`
`almost verbatim, the limitations that the Office found missing from the prior art in
`
`its reasons for allowance.
`
`D. The Effective Filing Date for Claims 1 and 11 Is October 24, 2012.
`The named inventors on the ’917 patent and its prior related applications
`
`appear to have either passed away (Joel E. Short) or terminated their relationship
`
`with Patent Owner (Florence C. I. Pagan and Joshua J. Goldstein) many years
`
`before the ’917 patent was filed. Nonetheless, Patent Owner and its prosecuting
`
`attorneys, who are also counsel in the Litigation, continue to file applications that
`
`improperly expand the scope of what was originally conceived of by the named
`
`inventors. The ’917 patent is a prime example of this – despite claiming priority to
`
`numerous applications, the prior applications no longer support what Patent Owner
`
`and its attorneys claimed. As a result, the challenged claims are not entitled to any
`
`priority date before their October 24, 2012 filing.
`
`For a claim to be entitled to the benefit of an earlier application, the earlier
`
`
`
`11
`
`
`
`
`
`application must include written description for the claim. Written description
`
`“requires a precise definition” of the invention. D Three Enterprises, LLC v.
`
`SunModo Corp., 890 F.3d 1042, 1047 (Fed. Cir. 2018). The written description
`
`“must clearly allow [a POSITA] to recognize that the inventor invented what is
`
`claimed,” such that “the disclosure of the application relied upon reasonably
`
`conveys to [a POSITA] that the inventor had possession of the claimed subject
`
`matter as of the filing date.” Ariad Pharm., Inc. v. Eli Lilly & Co., 598 F.3d 1336,
`
`1351 (Fed. Cir. 2010).
`
`As explained below, the relevant prior art date of the ’578 patent is April 14,
`
`2005. The next earliest application that the ’917 patent claims priority to before
`
`that date is U.S. patent application no. 09/693,060 (“’060 application,” Ex. 1003),
`
`filed on October 20, 2000. However, as Dr. Dordal confirms, neither the ’060
`
`application nor any other application to which the ’917 patent claims priority
`
`discloses the limitations of claims 1 and 11. The undisclosed limitations include at
`
`least: (1) “comparing the source IP address with profiles of authorized source
`
`devices, each profile including an IP address” (limitations 1.C and 11.C);
`
`(2) “determining whether the destination IP address is included in a plurality of
`
`destination IP addresses associated with the access controller” (1.D, 11.D); and
`
`
`
`12
`
`
`
`
`
`(3) the combination of the two preceding undisclosed limitations and limitations.
`
`Dr. Dordal Decl. ¶¶ 22-53.
`
` Missing limitation 1: “comparing the source IP address”
`
` First, the prior applications nowhere disclose limitations 1.C and 11.C,
`
`which require comparing the source “IP address” with “profiles of authorized
`
`source devices” that include IP addresses. The ’060 application mentions:
`
`[A]ttributes transmitted via the packet are temporarily stored in the
`source profile database so that the data can be examined for use in
`determining authorization rights of the source. The attributes…can
`include network information, source IP address, source port, link layer
`information, source MAC address, VLAN tag, circuit ID, destination
`IP address, destination port, protocol type, packet type, and the
`like….[A]ccess requested from a source is matched against the
`authorization of that source....
`
`Ex. 1003 at 17:25-18:2. However, neither this nor any other paragraph discloses
`
`claim 1 and 11’s specific limitations reciting (i) comparing the source IP address of
`
`incoming packets with profiles of authorized source devices; (ii) that each profile
`
`includes an IP address; or (iii) that the source device is granted access without
`
`further authorization if its IP address is included in a profile. To the contrary, as
`
`Dr. Dordal confirms, the specific embodiments disclosed in the ’060 application
`
`involve accessing a source profile using a MAC address, User ID, or VLAN ID.
`
`
`
`13
`
`
`
`
`
`They do not mention comparing source IP addresses against other IP addresses, let
`
`alone IP addresses in profiles. Dr. Dordal Decl. ¶¶ 27, 29-35.
`
`Moreover, disclosing a general idea in a patent application as in the portion
`
`of columns 17 and 18 shown above (i.e., determining authorization rights from
`
`attributes transmitted by a packet) does not provide written description support of a
`
`specific means of implementing that idea (i.e., authorizing access based
`
`specifically on a source IP address, as in claims 1 and 11). See Knowles Elecs.
`
`LLC v. Cirrus Logic, Inc., 883 F.3d 1358, 1367-68 (Fed. Cir. 2018) (finding lack
`
`of adequate written description where only general soldering was disclosed, but
`
`claims disclosed a specific means of soldering). And, “[i]t is not sufficient…that
`
`the disclosure, when combined with the knowledge in the art, would lead one to
`
`speculate as to the modifications that the inventor might have envisioned, but
`
`failed to disclose.” D Three Enters., 890 F.3d at 1050.
`
` Missing limitation 2: “determining whether the destination IP
`address is included in a plurality of destination IP addresses”
`
`
`Second, the prior applications fail to disclose “determining whether the
`
`destination IP address is included in a plurality of destination IP addresses
`
`associated with the access controller” (limitations 1.D, 11.D). Dr. Dordal Decl. ¶¶
`
`27, 50-53. The ’060 application mentions storing packet “attributes,” which may
`
`include a destination IP address, so that the data can be “examined for use in
`14
`
`
`
`
`
`
`
`determining authorization rights of the source.” Ex. 1005 at 17:25-18:2. But the
`
`application nowhere discloses the specific requirements of (i) “comparing” the
`
`destination IP address against a “plurality of authorized destination IP addresses”;
`
`or (ii) any destination IP address “associated with the access controller,” such as a
`
`white list maintained by the controller that contains destination IP addresses
`
`accessible to devices in general.
`
`One provisional application to which the ’917 patent claims priority, U.S.
`
`patent application no. 60/160,890 (“’890 provisional”) filed on October 22, 1999
`
`(Exhibit 1021),1 attaches a “User Guide” for a “Universal Subscriber Gateway”
`
`that instructs that, during configuration, the system prompts the administrator for
`
`“pass-through IP addresses…that allow users to ‘pass through’ the [gateway] and
`
`access predetermined services…even if they are not currently subscribing…for
`
`access.” Ex. A to Ex. 1021 at 45. However, even this instruction fails to disclose
`
`that the gateway allows a user to pass through the gateway specifically by
`
`
`1 Although the ’917 patent also cites a provisional application, No. 60/111,497
`
`(Exhibit 1022), filed in 1998, that application contains even less disclosure of the
`
`limitations of claims 1 and 11, including limitations 1.C, 1.D, 11.C, and 11.D. Dr.
`
`Dordal Decl. ¶ 126 n.2.
`
`
`
`15
`
`
`
`
`
`comparing a destination IP address in a TCP connection request against a list of the
`
`pass-through IP addresses. Dr. Dordal Decl. ¶ 51. Nor does the User Guide
`
`disclose the other claim limitations missing from the ’060 application. Id.
`
` Missing limitation 3: limitations 1.C/11.C and 1.D/11.D in
`combination
`
`Third, even if the ’060 application did separately disclose all of the above
`
`limitations (which it does not), the application does not disclose both
`
`(1) comparing the source IP address with profiles of authorized source devices,
`
`and (2) if the source IP address is not included in a profile associated with an
`
`authorized device, then comparing the destination IP address against a plurality of
`
`authorized destination IP addresses, as in claims 1 and 11. No prior application
`
`discloses all requirements of these limitations together in sequence or otherwise.
`
`Dr. Dordal Decl. ¶¶ 27, 36-49.
`
`Moreover, even if one prior related application disclosed missing limitation
`
`1, and another prior application disclosed missing limitation 2, Dr. Dordal
`
`confirmed that a POSITA would not have understood the embodiments in those
`
`applications to be compatible such that they could be combined to arrive at missing
`
`limitation 3. For example, a POSITA employing the gateway device disclosed in
`
`the ‘060 application would understand the ‘060 application to require source
`
`profile authentication, which would be incompatible with allowing network access
`16
`
`
`
`
`
`
`
`based solely on a destination IP address matching a list of authorized destination IP
`
`addresses.2 Dr. Dordal Decl. ¶ 51 n.1.
`
`Consequently, the October 12, 2012 application that issued as the ’917
`
`patent was the first application to arguably disclose limitations 1.C, 1.D, 11.C, and
`
`11.D. See, e.g., Ex. 1001 at 4:27-43. It disclosed “comparing the source IP
`
`address with profiles of authorized source devices….[I]f the source IP address is
`
`not included in a profile associated with an authorized source device, then
`
`determining whether the destination IP address is includ