IN THE UNITED STATES PATENT AND TRADEMARK OFFICE
`
`
`Nehushtan et al.
`In re Patent of:
`9,642,002 Attorney Docket No.: 50095-0122IP1
`U.S. Patent No.:
`May 2, 2017
`
`Issue Date:
`Appl. Serial No.: 14/591,947
`
`Filing Date:
`January 8, 2015
`
`Title:
`CELLULAR DEVICE SECURITY APPARATUS AND METHOD
`
`
`
`Mail Stop Patent Board
`Patent Trial and Appeal Board
`U.S. Patent and Trademark Office
`P.O. Box 1450
`Alexandria, VA 22313-1450
`
`
`
`PETITION FOR INTER PARTES REVIEW OF UNITED STATES PATENT
`NO. 9,642,002 PURSUANT TO 35 U.S.C. §§ 311–319, 37 C.F.R. § 42
`
`

`

`Attorney Docket No. 50095-0122IP1
`IPR of U.S. Patent No. 9,642,002
`
`
`TABLE OF CONTENTS
`
`I.
`
`II.
`
`REQUIREMENTS .......................................................................................... 1
`A. Grounds for Standing ................................................................................ 1
`B. Challenge and Relief Requested ............................................................... 1
`
`THE ’002 PATENT ......................................................................................... 3
`A. ’002 Patent Specification .......................................................................... 3
`B. Prosecution History ................................................................................... 7
`C. Claim Construction ................................................................................... 7
`
`III. THE CHALLENGED CLAIMS ARE UNPATENTABLE ............................ 8
`A. [GROUND 1] – Shahbazi Renders Obvious Claims 1-29 ....................... 8
`1.
`Shahbazi .......................................................................................... 8
`2.
`Shahbazi Under §103 ....................................................................12
`3.
`Claim 1 ..........................................................................................14
`4.
`Elements of Claim 5 and 24 ..........................................................30
`5.
`Claims 2-4 .....................................................................................32
`6.
`Claims 6-15, 21 .............................................................................34
`7.
`Elements of Claims 16-20, 22, 23, 25-29 ......................................46
`B. [GROUND 2A] – Fam and Geiger Render Obvious Claims 1-10, 13-19,
`21-25, 27-29 ............................................................................................47
`1.
`Fam ................................................................................................47
`2. Geiger ............................................................................................50
`3.
`The Fam-Geiger Combination ......................................................53
`4.
`Claim 1 ..........................................................................................54
`5.
`Elements of Claims 5 and 24 .........................................................66
`6.
`Claims 2-4 .....................................................................................68
`7.
`Claims 6-10, 13-15, 21 ..................................................................71
`8.
`Elements of Claims 15-19, 22, 23, 25, 27-29................................76
`C. [GROUND 2B] – Fam, Geiger, and Shirai Render Obvious Claims 11,
`12, 20, 26 .................................................................................................77
`1.
`Shirai..............................................................................................77
`2.
`The Fam-Geiger-Shirai Combination ...........................................77
`3.
`Claims 11, 12 .................................................................................79
`4.
`Elements of Claims 20, 26 ............................................................80
`
`IV. PTAB DISCRETION SHOULD NOT PRECLUDE INSTITUTION ..........81
`
`V.
`
`FEES ..............................................................................................................84
`
`VI. CONCLUSION ..............................................................................................84
`
`i
`
`

`

`Attorney Docket No. 50095-0122IP1
`IPR of U.S. Patent No. 9,642,002
`
`VII. MANDATORY NOTICES UNDER 37 C.F.R § 42.8(a)(1) .........................84
`A. Real Party-In-Interest Under 37 C.F.R. § 42.8(b)(1)..............................84
`B. Related Matters Under 37 C.F.R. § 42.8(b)(2) .......................................84
`C. Lead And Back-Up Counsel Under 37 C.F.R. § 42.8(b)(3) ...................84
`D. Service Information ................................................................................85
`
`
`
`
`
`
`
`ii
`
`

`

`Attorney Docket No. 50095-0122IP1
`IPR of U.S. Patent No. 9,642,002
`
`
`EXHIBITS
`
`APPLE-1001
`
`U.S. Patent 9,642,002 to Nehushtan et al. (“the ’002 patent”)
`
`APPLE-1002
`
`Excerpts from the Prosecution History of the ’002 patent (“the
`Prosecution History”)
`
`APPLE-1003
`
`Declaration of Dr. Patrick G. Traynor
`
`APPLE-1004
`
` U.S. Patent No. 8,635,661 (“Shahbazi”)
`
`APPLE-1005
`
` U.S. Patent No. 7,181,726 (“Fam”)
`
`APPLE-1006
`
` U.S. Patent No. 6,463,534 (“Geiger”)
`
`APPLE-1007
`
` U.S. Patent Application Publication No. 2001/0051519
`(“Shirai”)
`
`
`
`APPLE-1008
`
` Klemetti, Aarne, “PDA Operating Systems,” EVTEK, Media
`Technology, 2002
`
`APPLE-1009
`
`
`
`“The Symbian Platform Version 6.0: Power and Innovation,”
`The Wayback Machine (accessed 10/11/2022), available at
`https://web.archive.org/web/20010303233643/http://www.symb
`iandevnet.com
`
`APPLE-1010
`
` RNN Trust’s Complaint for Patent Infringement in R.N
`Nehushtan Trust Ltd. v. Apple Inc., 3:22-cv-01832 (N.D.Cal.
`March 23, 2021) (“Infringement Complaint”)
`
`APPLE-1011
`
` U.S. Provisional Application No. 60/531,668 (“Shahbazi
`Provisional”)
`
`APPLE-1012
`
` United States Department of Defense, Department of Defense
`Standard, “Trusted Computer System Evaluation Criteria”,
`DoD 5200.28-STD
`
`iii
`
`

`

`Attorney Docket No. 50095-0122IP1
`IPR of U.S. Patent No. 9,642,002
`
`
`APPLE-1013
`
` Polly Sprenger, “Pirates Sneer at Intel Chip,” Wired, 22 Jan.
`1999, https://www.wired.com/1999/01/pirates-sneer-at-intel-
`chip/
`
`APPLE-1014
`
`
`
`Jason Miller, “10 Years Later, CAC is securely part of DoD,”
`Federal News Network, 23 Feb. 2011,
`https://federalnewsnetwork.com/defense/2011/02/10-years-
`later-cac-is-securely-part-of-dod/
`
`APPLE-1015
`
` Arnis Parsovs, “Estonian Electronic Identity Card: Security
`Flaws in Key Management”, USENIX Security 2020
`
`APPLE-1016
`
` C. Stephen Carr, “Network Subsystem for Time Sharing
`Hosts”, IETF RFC 15, 25 September, 1969
`
`APPLE-1017
`
`
`
`ITU-T Recommendation E.212 (1993)
`
`APPLE-1018
`
` GSMA, https://www.gsma.com/aboutus/history, Accessed 16
`November 2022
`
`APPLE-1019
`
` Research in Motion, 2001 Annual Report
`
`APPLE-1020
`
` U.S. Patent No. 7,239,877 (“Corneille”)
`
`APPLE-1021
`
` GSM 03.48 v8.0.0 (1999-07)
`
`APPLE-1022
`
` U.S. Patent Application Publication No. 2006/0031407
`(“Dispensa”)
`
`APPLE-1023
`
` Sascha Segan, “The Evolution of the Blackberry, From 957 to
`Z10,” PCMag, 28 Jan. 2013, https://www.pcmag.com/news/the-
`evolution-of-the-blackberry-from-957-to-z10 (APPLE-1023)
`
`APPLE-1024
`
` Symbian S600, https://nokia.fandom.com/wiki/Symbian_S60,
`Accessed 16 Nov. 2022 (APPLE-1024)
`
`APPLE-1025
`
`November 22, 2022 Letter to John L. North
`
`
`
`iv
`
`

`

`Attorney Docket No. 50095-0122IP1
`IPR of U.S. Patent No. 9,642,002
`
`
`LISTING OF CHALLENGED CLAIMS
`
`Claim Identifier Claim Language
`
`1
`
`[1.1]
`
`[1.2]
`
`[1.3]
`
`[1.4]
`
`[1.5]
`
`[1.6]
`
`[1.7]
`
`2
`
`[2]
`
`A cellular communication device comprising a
`processor, a memory, and a data mode allowing reading
`and writing of data into said memory and changing of
`settings on said cellular communication device,
`
`said settings comprising personal data, device
`configuration data and technical data relating to the
`specific device;
`
`wherein: said cellular communication device further
`comprising an access restrictor to restrict use of said
`data mode in accordance with a device unique security
`setting,
`
`the device unique security setting provided remotely to
`said cellular communication device using a
`predetermined security protocol; and
`
`wherein said device unique security setting is obtained
`remotely by the cellular communication device before
`the data mode is used by said cellular communication
`device,
`
`said data mode being usable over a cellular network
`using an active connection;
`
`the device being configured to perform one member of
`the group consisting of: enabling said cellular
`communication device to use said data mode when said
`cellular communication device determines that said
`device unique security setting is correct; and disabling
`said data mode when said active connection is not
`active.
`
`The cellular device of claim 1, wherein said data mode
`permits changes to said settings that come from an
`authorized cellular provider and does not permit
`changes which do not come from said authorized
`cellular provider.
`
`v
`
`

`

`Claim Identifier Claim Language
`
`Attorney Docket No. 50095-0122IP1
`IPR of U.S. Patent No. 9,642,002
`
`
`3
`
`[3]
`
`4
`
`5
`
`[4]
`
`[5.1]
`
`[5.2]
`
`[5.3]
`
`[5.4]
`
`[5.5]
`
`[5.6]
`
`[5.7]
`
`The cellular device of claim 1, wherein said data mode
`permits changes to said settings to be made when said
`cellular communication device uses said active
`connection with an authorized cellular provider.
`
`The cellular device of claim 1, wherein said data mode
`permits reading and writing into said memory of cellular
`network information fields.
`
`A cellular communication device comprising a
`processor, a memory and a data mode, said data mode
`allowing reading and writing of data in said memory
`and changing of settings on said cellular communication
`device,
`
`said settings comprising personal data, cellular
`communication device configuration data and technical
`data relating to the cellular communication device;
`
`wherein said cellular communication device also
`comprises an access restrictor to restrict use of said data
`mode in accordance with a device unique security
`setting,
`
`the device unique security setting provided remotely to
`said cellular communication device using a
`predetermined security protocol;
`
`said device unique security setting is obtained remotely
`and provided to the cellular communication device
`before the data mode is used;
`
`said data mode permits actions comprising uploading,
`maintaining or replacing an operating system in said
`cellular communication device that are provided by a
`cellular provider using an active connection;
`
`the device further being configured to carry out one
`member of the group consisting of: enabling said
`cellular communication device to use said data mode
`when it is determined that said device unique security
`setting is correct; and disabling use of said data mode
`
`vi
`
`

`

`Claim Identifier Claim Language
`
`Attorney Docket No. 50095-0122IP1
`IPR of U.S. Patent No. 9,642,002
`
`
`6
`
`[6]
`
`7
`
`[7]
`
`8
`
`9
`
`[8]
`
`[9]
`
`10
`
`[10]
`
`11
`
`[11]
`
`when said active connection is no longer active.
`
`The cellular communication device of claim 1, wherein
`said device unique security setting is one member of the
`group consisting of a software setting, a coding
`configuration for data read or data write instructions, a
`dynamic password, and a one-time password which is
`changed after each use.
`
`The cellular communication device of claim 1, wherein
`said device unique security setting is based on one
`member of the group consisting of: one cellular
`communication device specific data item and one
`random data item, and two cellular communication
`device specific data items and two random data items.
`
`The cellular communication device of claim 1, wherein
`said device unique security setting is dynamically
`changed after one or more uses of said data mode.
`
`The cellular communication device of claim 1, wherein
`said device unique security setting is provided to said
`cellular communication device via a predetermined
`communication protocol.
`
`The cellular communication device of claim 5, wherein
`said cellular communication device uses a
`predetermined communication protocol for said data and
`changes to settings, and wherein said predetermined
`communication protocol comprises one member of the
`group consisting of: a specified sequence of
`communication packets, and a specified structure of
`communication packets.
`
`The cellular communication device of claim 5, wherein
`said cellular communication device further comprises a
`client program that manages said predetermined
`communication protocol.
`
`12
`
`[12]
`
`The cellular communication device of claim 5, wherein
`said cellular communication devices is coupled to a
`
`vii
`
`

`

`Claim Identifier Claim Language
`
`Attorney Docket No. 50095-0122IP1
`IPR of U.S. Patent No. 9,642,002
`
`
`13
`
`[13]
`
`14
`
`[14]
`
`15
`
`16
`
`17
`
`18
`
`19
`
`20
`
`21
`
`22
`
`23
`
`24
`
`[15]
`
`[16]
`
`[17]
`
`[18]
`
`[19]
`
`[20]
`
`[21]
`
`[22]
`
`[23]
`
`[24.1]
`
`[24.2]
`
`client program on a client device, wherein said client
`program permits said cellular communication device to
`use said data mode after determining that said device
`unique security setting is correct.
`
`The cellular communication device of claim 1, wherein
`said cellular communication device restricts use of said
`data mode to said active connection with a
`predetermined server.
`
`The cellular communication device according to claim
`9, wherein said active connection is identifiable via said
`device unique security setting.
`
`See [6]
`
`See [7]
`
`See [8]
`
`See [9]
`
`See [10]
`
`See [11]
`
`The cellular communication device of claim 1, further
`comprising a configuration enabler for enabling or
`disabling configuration of said cellular communication
`device in response to said device unique security setting.
`
`See [2]
`
`See [3]
`
`A cellular communication device comprising a
`processor, a memory, and a data mode, said data mode
`allowing reading and writing of data and changing of
`settings on said cellular communication device,
`
`said settings comprising personal data, cellular
`communication device configuration data and technical
`data relating to the cellular communication device;
`
`[24.3]
`
`wherein: said cellular communication device comprises
`an access restrictor to restrict use of said access data
`
`viii
`
`

`

`Claim Identifier Claim Language
`
`Attorney Docket No. 50095-0122IP1
`IPR of U.S. Patent No. 9,642,002
`
`
`[24.4]
`
`[24.5]
`
`[24.6]
`
`[24.7]
`
`mode in accordance with a device unique security
`setting,
`
`the device unique security setting provided remotely to
`said cellular communication device using a
`predetermined security protocol,
`
`said predetermined security protocol based on one
`member of the group consisting of: at least one cellular
`communication device specific data item and at least
`one random data item, and two cellular communication
`device specific data items and two random data items;
`and
`
`said data mode being usable over a cellular network in
`an active connection;
`
`said device performing one member of the group
`consisting of: enabling use of said data mode when said
`cellular communication device determines that said
`device unique security setting is correct; and disabling
`use of said data mode when said active connection is not
`active.
`
`25
`
`26
`
`27
`
`28
`
`29
`
`[25]
`
`[26]
`
`[27]
`
`[28]
`
`[29]
`
`See [9], [10]
`
`See [11]
`
`See [7]
`
`See [8]
`
`See [9]
`
`
`
`
`
`ix
`
`

`

`Attorney Docket No. 50095-0122IP1
`IPR of U.S. Patent No. 9,642,002
`
`
`Petitioner (“Apple”) petitions for Inter Partes Review of claims 1-24
`
`(“Challenged Claims”) of U.S. Patent No. 9,642,002 (“the ’002 patent”).
`
`I.
`
`REQUIREMENTS
`
`A. Grounds for Standing
`
`Apple certifies that the ’002 patent is available for IPR. This petition is
`
`being filed within one year of service of a complaint against Apple. Apple is not
`
`barred or estopped from requesting this review.
`
`B. Challenge and Relief Requested
`
`Apple requests IPR and cancellation of the Challenged Claims on the
`
`grounds below. In support, a declaration from Dr. Patrick G. Traynor1 (APPLE-
`
`1003) is furnished herewith.
`
`Ground
`
`Claims
`
`Basis
`
`1
`
`2A
`
`2B
`
`1-29
`
`§103: Shahbazi
`
`1-10, 13-19, 21-25, 27-29
`
`§103: Fam, Geiger
`
`11, 12, 20, 26
`
`§103: Fam, Geiger, Shirai
`
`The ’002 patent was filed 1/8/2015, and claims priority to U.S. Provisional
`
`Application No. 60/550,305 filed 3/8/2004 (“Critical Date”). Apple does not
`
`
`1 Dr. Traynor is a professor in Computer and Information Science and Engineering
`
`(CISE) at the University of Florida and a Co-Director of the Florida Institute of
`
`Cybersecurity (FICS) Research.
`
`1
`
`

`

`Attorney Docket No. 50095-0122IP1
`IPR of U.S. Patent No. 9,642,002
`
`
`concede that the Challenged Claims are entitled to the claimed priority, but applies
`
`prior art before the alleged date. APPLE-1003, ¶¶19-20. Applied references are
`
`prior art based at least one bases below:
`
`Reference Date(s)
`
`Basis
`
`Shahbazi
`
`12/23/20032 §102(e)
`
`Fam
`
`3/7/2003
`
`§102(e)
`
`Geiger
`
`10/8/2002
`
`§102(b)
`
`Shirai
`
`12/31/2001
`
`§102(b)
`
`Shahbazi claims priority to U.S. Provisional Pat. No. 60/531,668 (“Shahbazi
`
`Provisional”) (APPLE-1011), filed 12/23/2003. As Dr. Traynor explains,
`
`“Shahbazi is entitled to the benefit of its provisional filing date, i.e., the December
`
`23, 2003 filing date” since the Shahbazi Provisional disclosure “provides sufficient
`
`detail that would have led a POSITA to conclude that the inventor of the Shahbazi
`
`Provisional had possession of the invention claimed in Shahbazi…” APPLE-1003,
`
`¶63.
`
`Shahbazi, Claim 1
`(APPLE-1004, 17:65-18:33)
`
`Shahbazi Provisional
`
`[1a]
`
`[1b]
`
`[1c]
`
`APPLE-1011, 4-5
`
`Id., 6-8
`
`Id., 6-8, 14-15
`
`
`2 Shahbazi claims priority to U.S. Provisional Application No. 60/531,668, filed
`
`December 23, 2003.
`
`2
`
`

`

`Attorney Docket No. 50095-0122IP1
`IPR of U.S. Patent No. 9,642,002
`
`
`Shahbazi Provisional
`
`Shahbazi, Claim 1
`(APPLE-1004, 17:65-18:33)
`
`[1d]
`
`[1e]
`
`[1f]
`
`Id., 10-11
`
`Id., 10-11
`
`Id., 15-17
`
`II. THE ’002 PATENT
`
`A.
`
`’002 Patent Specification
`
`The ’002 patent focuses on cellular device security and describes a “security
`
`system for protection of data and access,” including “read and write access to
`
`configuration data, in a cellular telephony device.” APPLE-1001, 1:20-24.
`
`According to the ’002 patent, “[a] security vulnerability exists in cellular device”
`
`in that “it is possible to read sensitive information” and “write it into a new cellular
`
`device (destination) thus making the destination device identical to the source
`
`device with regards to the cellular network.” Id., 1:25-35. This “enables the
`
`destination device to make calls, which are then billed to the source device.” Id.
`
`APPLE-1003, ¶49; see id., ¶¶35-48.
`
`The ’002 patent identifies four types of sensitive information in a cellular
`
`device: (1) an “Electronic Serial Number” supplied by the manufacturer of the
`
`cellular device (ESN), (2) “cellular device’s phone number” supplied by the
`
`cellular provider (NUM), (3) “authentication key” for authenticating the identity of
`
`a cellular device by the cellular provider (A-KEY), and (4) an “identifier” created
`
`by the cellular network in combination with additional information from the
`
`3
`
`

`

`Attorney Docket No. 50095-0122IP1
`IPR of U.S. Patent No. 9,642,002
`
`
`cellular provider’s database and used to identify the cellular device when a call is
`
`made (SSD). APPLE-1001, 1:46-58. This information is “generally located in the
`
`cellular device along with the operating system located on the chipset.” Id.
`
`Access to this sensitive information is provided during a “Data Mode”—“a mode
`
`in which the device allows any access to the device to change settings and/or
`
`accepts commands, via its serial interface, which can be used to read and write
`
`information.” APPLE-1001, 1:63-2:6; APPLE-1003, ¶50.
`
`The ’002 patent describes addressing security vulnerabilities associated with
`
`sensitive information stored on a cellular device by limiting device access. Figure
`
`2 shows a system in which “a cellular telephone is connected through a data
`
`connection to a reprogramming device and to a secure server.” APPLE-1001,
`
`6:66-7:2.
`
`4
`
`

`

`Attorney Docket No. 50095-0122IP1
`IPR of U.S. Patent No. 9,642,002
`
`
`APPLE-1001, Fig. 2
`
`
`
`Device 20 is connected to reprogramming computer 24 for “upgrading according
`
`to an upgrading configuration.” APPLE-1001, 9:1-15. Device 20 is placed in a
`
`“data mode for allowing reading and writing of data to change the settings and
`
`generally to allow reprogramming.” Id. Device 20 is “configured to restrict use of
`
`the data mode” using a “unique security setting belonging to the device.” Id. This
`
`ensures “the data mode cannot be used unless the device unique security setting is
`
`provided” and “it is no longer possible to obtain a single password and thereby
`
`compromise a large number of devices.” Id.; APPLE-1003, ¶51.
`
`5
`
`

`

`Attorney Docket No. 50095-0122IP1
`IPR of U.S. Patent No. 9,642,002
`
`
`Device 20 includes a “mode management unit 22” (or “an access restrictor
`
`or configuration enabler”), which may be provided “either as hardware or as
`
`software” and used to “manage the device unique security setting to ensure that the
`
`data mode can only successfully be entered upon correct use of the device unique
`
`security setting, and no otherwise.” APPLE-1001, 9:16-22. The ’002 patent
`
`describes various examples of the “device unique security setting,” such as a
`
`“physical setting,” a “setting [that] may be made in software,” a “password” (static,
`
`dynamic, one-time password), an “encoding configuration for the data mode read
`
`and write instructions.” See id., 9:23-64; APPLE-1003, ¶52.
`
`
`
` The system includes reprogramming client device 24 and server 26 to
`
`support data mode operations on device 20. Device 24 supports connection 22 to
`
`device 20 and carries out reprogramming or data configuration operations, such as
`
`“replacing or updating of the operating system” and “changing of the telephone
`
`number.” APPLE-1001, 9:1-15. Server 26 supports device 24 and in some
`
`instances where “the device unique security settings are dynamic and change
`
`rapidly[,]” provide additionally security by enabling “a live connection.” Id.,
`
`10:17-23. In such embodiments, the device unique security setting is “an encoding
`
`configuration for the data mode read and write instructions, and the data mode
`
`entry command,” “reprogramming client device 24 does not know…what the read
`
`and write commends are for the given device.” Id., 9:28-40. Server 26 “knows or
`
`6
`
`

`

`generates the settings” such that the live connection permits data mode operation
`
`Attorney Docket No. 50095-0122IP1
`IPR of U.S. Patent No. 9,642,002
`
`
`on device 20. Id., 10:17-23; APPLE-1003, ¶53.
`
`B.
`
`Prosecution History
`
`During prosecution of the ’002 patent, the Examiner rejected the claims over
`
`U.S. Pat. No. 6,259,908 (“Austin”) and U.S. Pat. App. Pub. No. 2004/0235455
`
`(“Jiang”). See APPLE-1002, 211-26. During prosecution, the examiner did not
`
`consider any of Shahbazi, Fam, Geiger, and Shirai, which renders the Challenged
`
`Claims obvious. APPLE-1003, ¶¶54-57.
`
`C. Claim Construction
`
`All claim terms should be construed according to the Phillips standard.
`
`Phillips v. AWH Corp., 415 F.3d 1303 (Fed. Cir. 2005); 37 C.F.R. §42.100.
`
`Additionally, “claim terms need only be construed to the extent necessary to
`
`resolve the controversy.” Wellman, Inc. v. Eastman Chem. Co., 642 F.3d 1355,
`
`1361 (Fed. Cir. 2011). Because the Challenged Claims are obvious under any
`
`reasonable interpretation, no express constructions are required in this proceeding.3
`
`
`3 Apple is not conceding that the Challenged Claims satisfy all statutory require-
`
`ments, such as 35 U.S.C. §112. Apple is not waiving any arguments concerning
`
`other grounds that can only be raised in district court or waiving the right to raise
`
`formal claim constructions in district court.
`
`7
`
`

`

`Attorney Docket No. 50095-0122IP1
`IPR of U.S. Patent No. 9,642,002
`
`
`To be clear, Petitioner reserves the right to address any construction proposed by
`
`Patent Owner or the Board. Petitioner also reserves the right to pursue
`
`constructions in district court that are necessary to decide matters of infringement.
`
`III. THE CHALLENGED CLAIMS ARE UNPATENTABLE
`
`A.
`
`[GROUND 1] – Shahbazi Renders Obvious Claims 1-29
`
`1.
`
`Shahbazi
`
`Shahbazi describes a software framework that links security technologies to
`
`enforce security and data protection policies across mobile devices. APPLE-1004,
`
`5:26-31; APPLE-1011,4 7-8. It recognizes that the prominence of mobile devices
`
`as a standard computing platform has led to “security threats to data stored in and
`
`access by these types of mobile devices” and has “created a heightened awareness
`
`and increased need for security.” APPLE-1004, 2:11-21; APPLE-1011, 3. It also
`
`identifies prior art technologies—e.g., “Trusted Mobile Suite”—used to secure
`
`various computing environments and “set access control, encryption, and other
`
`parameters and push them to such mobile devices” to “protect against fraud, theft,
`
`sabotage, malicious hacking, and other adverse exposure caused by data
`
`compromise.” Id., 2:22-41; APPLE-1011, 3. This “allows administrators and
`
`users to secure all or selected applications[]” from “unwanted or unauthorized
`
`
`4 Reference to page numbers of APPLE-1011 are to document page numbers.
`
`8
`
`

`

`Attorney Docket No. 50095-0122IP1
`IPR of U.S. Patent No. 9,642,002
`
`
`access.” Id.; APPLE-1003, ¶59.
`
`Shahbazi recognizes “a need for an efficient and flexible system and method
`
`for securing data in mobile devices used in varying operating environments.”
`
`APPLE-1004, 3:5-17; APPLE-1011, 4-5. This involves an identity status that is
`
`“akin to DNA information of an organism” and includes “information [that]
`
`characterizes or identifies different mobile devices.” APPLE-1004, 9:16-46;
`
`APPLE-1011, 7-9. The identity status enables a “security profile” used for device
`
`protection and includes parameters “relating to protection of the mobile device,
`
`restriction on use of an internal resource and external resource, and configuration
`
`of a resource.” APPLE-1004, 3:60-4:6; APPLE-1011, 7-9. This enables the
`
`Shahbazi system to “intelligently create and enforce security and data protection
`
`policies across [a] dynamic set of mobile devices and end points in a timeless,
`
`network, and device independent manner, with low maintenance requirement.”
`
`APPLE-1004, 5:26-31; APPLE-1011, 7-9; APPLE-1003, ¶60.
`
`Figure 1 illustrates system 100 implementing Shahbazi’s security
`
`framework.
`
`9
`
`

`

`Attorney Docket No. 50095-0122IP1
`IPR of U.S. Patent No. 9,642,002
`
`
`APPLE-1004, Fig. 15
`
`
`
`System 100 “supports security amongst computing nodes 102 and mobile devices
`
`104. APPLE-1004, 5:45-59; APPLE-1011, 9. Computing device 102 “can be any
`
`type of wired or wireless network node, a client station connected, a server station,
`
`a router, a hub, or an access point.” Id. A security server 106 “provides central
`
`functionality for implementing security parameters.” Id. Mobile device 104 is
`
`“any type of device,” including a “handheld device, personal digital assistant,
`
`
`5 Figures 1 and 2 in APPLE-1004 and APPLE-1011 are identical.
`
`10
`
`

`

`phone, smart phone, pager, etc.” Id., 5:60-65; APPLE-1011, 9-10; APPLE-1003,
`
`Attorney Docket No. 50095-0122IP1
`IPR of U.S. Patent No. 9,642,002
`
`
`¶61.
`
`
`
`Figure 2 illustrates security between computing node 102 and mobile device
`
`104.
`
`APPLE-1004, Fig. 2
`
`
`
`Computing node 102 “acts as a gateway between the mobile devices 104 and other
`
`network resources 124.” APPLE-1004, 6:41-67; APPLE-1011, 11-12. Node
`
`security program or agent 202 is executed in computing node 102 for interfacing
`
`with device security program or agent 204 executed at mobile device 104 or
`
`11
`
`

`

`Attorney Docket No. 50095-0122IP1
`IPR of U.S. Patent No. 9,642,002
`
`
`resource device 124. Id. Device security program 204 interprets device security
`
`profile 206 to implement mobile device security. Node security program 202
`
`interprets node security profile 208 to determine one or more security parameters
`
`for managing the security between computing node 102, resource device 124, and
`
`mobile devices 104. This includes “controlling transfer of data, files, device
`
`profiles, applications, and programs between the computing node 102, resource
`
`device 124, and the mobile devices 104.” Id. One example is “preventing data
`
`synchronization between the mobile device 104 and resource device 124.” Id.
`
`Other examples include “prevent[ing] remote execution, utilization of any
`
`application, or file on the mobile device 104 or resources 124.” Id.; APPLE-1003,
`
`¶62.
`
`2.
`
`Shahbazi Under §103
`
`Given its comprehensive teachings regarding a software framework that
`
`addresses data security, Shahbazi describes every feature recited in the Challenged
`
`Claims.6 Yet Shahbazi’s disclosure of some relevant features arguably span more
`
`than one embodiment. Regardless, the Shahbazi disclosure would have rendered
`
`the ’002 patent claims obvious, as demonstrated by this petition.
`
`
`6 See §§III.A.3-8, infra (substantively applying Shahbazi to features recited in the
`
`Challenged Claims), citing, e.g., APPLE-1004, 5:26-31; APPLE-1011, 7-8.
`
`12
`
`

`

`Attorney Docket No. 50095-0122IP1
`IPR of U.S. Patent No. 9,642,002
`
`
`Shahbazi recognizes that “[v]arious types of security software incorporating
`
`different data security encryption standards have been used in the past for securing
`
`network, desktop, laptop, and PDA environments.” APPLE-1004, 2:22-41. And,
`
`it also observes that “society continues to adopt handheld devices as a standard
`
`computing platform.” Id., 2:12-21. Dr. Traynor explains how a POSITA would
`
`have perceived Shahbazi teaching that “different security standards are required to
`
`adequately secure different computing environments and further recognizes that
`
`growing adoption of handheld devices means that they would be used as a
`
`replacement for these computing requirements, creating a need for different mobile
`
`device security standards.” APPLE-1003, ¶76. With this perspective, a POSITA
`
`seeking to implement Shahbazi would have found it obvious to combine its various
`
`teachings in different ways to accommodate different mobile device security
`
`standards. Id. This would have motivated a POSITA to combine, adapt, and/or
`
`substitute specific teachings found in Shahbazi based on what she would have
`
`perceived as Shahbazi’s broader disclosure of using those teachings to address the
`
`various specific security needs of handheld devices. Id. More, “a POSITA would
`
`have recognized that embodiments in which identity status is connection-specific
`
`(e.g., tied to an identified location from which mobile device 104 attempts to
`
`connect to a computing node 102) are advantageous when there is a desire to
`
`restrict the capability to perform a synchronization operation in certain designated
`
`13
`
`

`

`secure locations, such as a user’s home over a local area network.” Id., ¶77 (citing
`
`Attorney Docket No. 50095-0122IP1
`IPR of U.S. Patent No. 9,642,002
`
`
`APPLE-1004, 7:65-8:12, APPLE-1022, [0065]).
`
`3.
`
`Claim 1
`
`[1.1]
`
`Shahbazi renders the preamble obvious to the extent it is deemed limiting.
`
`The Shahbazi system includes mobile devices 104 (e.g., “cellular communication
`
`device”) for which security is managed using computer nodes 102 and security
`
`server 106. APPLE-1003, ¶¶74, 78; APPLE-1004, 6:60-65; APPLE-1011, 11-12.
`
`APPLE-1004, Fig. 1
`
`
`
`According to Shahbazi, “security threats to data stored in and access by these types
`
`14
`
`

`

`Attorney Docket No. 50095-0122IP1
`IPR of U.S. Patent No. 9,642,002
`
`
`of mobile devices have become a serious concern and have created a heightened
`
`awareness and increased need for security.” APPLE-1004, 2:12-41; APPLE-1011,
`
`3. Further, “[v]arious types of security software incorporating different data
`
`security encryption standards have been used in the past for securing network,
`
`desktop, laptop, and PDA environments.” Id.
`
`Figure 2 shows a technique for managing security between mobile device
`
`104 and computing node 102. Mobile device 104 is “any handheld device,
`
`personal digital assistant, phone, smart phone, pager, etc., where various types of
`
`mobile devices operating within the system 100 can be discover