IN THE UNITED STATES PATENT AND TRADEMARK OFFICE
`
`__________
`
`BEFORE THE PATENT TRIAL AND APPEAL BOARD
`
`__________
`
`TREND MICRO, INC.
`Petitioner,
`
`v.
`
`TAASERA LICENSING LLC
`Patent Owner.
`
`__________
`
`IPR2023-00801
`
`U.S. Patent No. 8,327,441
`
`DECLARATION OF SETH JAMES NIELSON
`
`TABLE OF CONTENTS
`
`I.
`
`II.
`
`INTRODUCTION ...............................................................................................................1
`
`QUALIFICATIONS ............................................................................................................2
`
`III. MATERIALS CONSIDERED ..........................................................................................12
`
`IV.
`
`LEGAL STANDARDS .....................................................................................................13
`
`V.
`
`Technical Background that Would Have Been Known to A POSITA ..............................16
`
`A.
`
`Remote Attestation.................................................................................................16
`
`VI.
`
`OVERVIEW OF THE CHALLENGED PATENT ...........................................................20
`
`A.
`
`B.
`
`THE ’441 PATENT SPECIFICATION AND CLAIMS .......................................20
`
`PROSECUTION HISTORY ..................................................................................23
`
`Trend Micro, Inc.
`EX1003-1
`
`IPR2023-01464
`CrowdStrike EX1003 Page 1
`
`

`

`
`
`VII. LEVEL OF SKILL IN THE ART .....................................................................................23
`
`VIII. Overview of the Prior art ...................................................................................................24
`
`A.
`
`B.
`
`OVERVIEW OF “INTEGRITY MANAGEMENT FOR TRUSTED
`COMPUTING” BY MUNETOH, ET. Al (“MUNETOH”) ..................................24
`
`OVERVIEW OF “TISA: TOWARD TRUSTWORTHY SERVICES IN A
`SERVICE-ORIENTED ARCHITECTURE” TO RAJAN ....................................28
`
`IX.
`
`GROUND 1: Claims 1-7 AND 9 are rendered obvious by MuNETOH IN VIEW
`OF RAJAN.........................................................................................................................34
`
`A.
`
`B.
`
`Motivation to Combine Munetoh and Rajan .........................................................34
`
`Claim 1 is rendered obvious by Munetoh in view of Rajan ..................................40
`
`1.
`
`2.
`
`3.
`
`4.
`
`5.
`
`6.
`
`Limitation 1[a] ..........................................................................................41
`
`Limitation 1[b] .........................................................................................49
`
`Limitation 1[c] ..........................................................................................53
`
`Limitation 1[d] .........................................................................................56
`
`Limitation 1[e] ..........................................................................................60
`
`Limitation 1[f] ..........................................................................................64
`
`C.
`
`Claim 2 is rendered obvious by Munetoh in view of Rajan ..................................68
`
`1.
`
`2.
`
`Limitation 2[a] ..........................................................................................68
`
`Limitation 2[b] .........................................................................................70
`
`D.
`
`Claim 3 is rendered obvious by Munetoh in view of Rajan ..................................72
`
`E.
`
`F.
`
`G.
`
`H.
`
`I.
`
`Claim 4 is rendered obvious by Munetoh in view of Rajan ..................................75
`
`Claim 5 is rendered obvious by Munetoh in view of Rajan ..................................78
`
`Claim 6 is rendered obvious by Munetoh in view of Rajan ..................................80
`
`Claim 7 is rendered obvious by Munetoh in view of Rajan ..................................82
`
`Claim 9 is rendered obvious by Munetoh in view of Rajan ..................................83
`
`X.
`
`Ground 2: Claims 1-7 and 9 are rendered obvious by Rajan in view of Munetoh ............84
`
`
`
`ii
`
`Trend Micro, Inc.
`EX1003-2
`
`IPR2023-01464
`CrowdStrike EX1003 Page 2
`
`

`

`
`
`A.
`
`B.
`
`Motivation to Combine Rajan and Munetoh .........................................................84
`
`Claim 1 is rendered obvious by Rajan in view of Munetoh ..................................85
`
`1.
`
`2.
`
`3.
`
`4.
`
`5.
`
`6.
`
`Limitation 1[a] ..........................................................................................85
`
`Limitation 1[b] .........................................................................................86
`
`Limitation 1[c] ..........................................................................................86
`
`Limitation 1[d] .........................................................................................87
`
`Limitation 1[e] ..........................................................................................88
`
`Limitation 1[f] ..........................................................................................89
`
`C.
`
`Claim 2 is rendered obvious by Rajan in view of Munetoh ..................................90
`
`1.
`
`2.
`
`Limitation 2[a] ..........................................................................................90
`
`Limitation 2[b] .........................................................................................90
`
`D.
`
`Claim 3 is rendered obvious by Rajan in view of Munetoh ..................................91
`
`E.
`
`F.
`
`G.
`
`H.
`
`I.
`
`Claim 4 is rendered obvious by Rajan in view of Munetoh ..................................92
`
`Claim 5 is rendered obvious by Rajan in view of Munetoh ..................................92
`
`Claim 6 is rendered obvious by Rajan in view of Munetoh ..................................93
`
`Claim 7 is rendered obvious by Rajan in view of Munetoh ..................................94
`
`Claim 9 is rendered obvious by Rajan in view of Munetoh ..................................94
`
`XI.
`
`There are no objective indicia of nonobviousness .............................................................95
`
`XII. Conclusion .........................................................................................................................95
`
`
`
`
`
`
`
`
`iii
`
`Trend Micro, Inc.
`EX1003-3
`
`IPR2023-01464
`CrowdStrike EX1003 Page 3
`
`

`

`
`
`1.
`
`I, Seth James Nielson, submit the following declaration (the “Declaration”) in
`
`connection with the proceeding identified above.
`
`I.
`
`INTRODUCTION
`
`2.
`
`I have been retained by counsel for Trend Micro, Inc. (“Trend Micro” or
`
`“Petitioner”) as a technical expert in connection with the proceeding identified above. I submit this
`
`Declaration in support of Petitioner Trend Micro’s Petition for Inter Partes Review (the “Petition”)
`
`of United States Patent No. 9,092,441 (“the ’441 patent”) against Taasera Licensing LLC
`
`(“Taasera”). All “Ex. 10XX” cites herein are to the Exhibits to the Petitions. All citations to
`
`“Section XX” are internal citations to the sections of this Declaration. All citations to “Paragraph
`
`XX” are internal citations to the paragraphs of this Declaration.
`
`3.
`
`I have been asked to consider whether the claims of the ’441 patent are obvious in
`
`light of the prior art discussed below. The ’441 patent is directed to general application of known
`
`computer security techniques to remote attestation of security posture.
`
`4.
`
`In summary, my conclusion is that the claims of the ’441 patent are obvious in light
`
`of the prior art discussed below. As set forth in detail in this declaration, I have reached the
`
`following conclusions:
`
`a. Claims 1-7 and 9 are rendered obvious to a POSITA by the combination of
`
`“Network Intrusion Detection” by Munetoh et al. (“Munetoh”) (Ex. 1005)
`
`in view of “Tisa: Toward Trustworthy Services in a Service-Oriented
`
`Architecture” by Rajan et al. (“Rajan”) (Ex. 1006).
`
`b. Claims 1-7 and 9 are rendered obvious to a POSITA by the combination of
`
`“Tisa: Toward Trustworthy Services in a Service-Oriented Architecture” by
`
`Rajan et al. (“Rajan”) (Ex. 1006) in view of “Network Intrusion Detection”
`
`by Munetoh et al. (“Munetoh”) (Ex. 1005).
`
`
`
`1
`
`Trend Micro, Inc.
`EX1003-4
`
`IPR2023-01464
`CrowdStrike EX1003 Page 4
`
`

`

`
`
`II.
`
`QUALIFICATIONS
`
`5.
`
`I am a subject matter expert in cybersecurity, computer networks, and software
`
`engineering. I am the Founder and Chief Scientist of Crimson Vista, a computer security research
`
`and engineering company. Furthermore, I hold appointments at the University of Texas at Austin
`
`as an Adjunct Associate Professor in the department of Computer Science and as a Cybersecurity
`
`Fellow in the Robert Strauss Center for International Security and Law.
`
`6.
`
`I have been working with computer networks and associated technology, including
`
`parallel processing, since January 2000. My experience includes graduate-level teaching, academic
`
`research, industry employment, and consulting practice.
`
`7.
`
`Exhibit 1004 is a current copy of my C.V. and includes all of my relevant education
`
`and work experience, a list of all publications that I have authored in the previous ten years, as
`
`well as a list of all cases in which, during the previous four years, I have testified as an expert at
`
`trial or by deposition. My experience most relevant to the opinions offered in this report is
`
`summarized below.
`
`8.
`
`I received my B.S. in Computer Science in April of 2000. During my final
`
`undergraduate semester, I worked both as a teaching assistant for a Computer Networking course
`
`and as a researcher in the Networked Computing Lab. In these capacities, I assisted students in
`
`debugging and designing TCP/IP protocol stacks, Address Resolution Protocol implementations,
`
`and Remote Procedure Call projects. In the research lab, I collaborated on work related to resource
`
`reservations in high performance networking and MPLS analyses. Our investigations into
`
`statistical traffic engineering for bandwidth allocation resulted in a published paper entitled,
`
`“Effective Bandwidth for Traffic Engineering.”
`
`9.
`
`During the Fall of 2000, I studied for one semester at Brandeis University in the
`
`Boston area and, as part of my research, I developed a parallel-processing system for DNA string
`
`
`
`2
`
`Trend Micro, Inc.
`EX1003-5
`
`IPR2023-01464
`CrowdStrike EX1003 Page 5
`
`

`

`
`
`matching. The system that I created had a central node that managed the search space and solution
`
`aggregation. A cluster of available “worker” machines registered with the central node to indicate
`
`their availability for parallel processing. The central node would identify subdivisions of the search
`
`space that could be farmed out to the worker nodes for processing. I also studied artificial
`
`intelligence and machine learning.
`
`10.
`
`From 2001 through 2003, I worked as a software engineer at Metrowerks (formerly
`
`Lineo, Inc.), where I had substantial responsibilities relating to software architecture, computer
`
`networking, and technical project management. In particular, I developed and maintained the GUI
`
`for the Embedix SDK (Software Development Kit), created a network communication system
`
`between a Windows front-end and Linux back-end, developed an automated system to forward
`
`Linux python scripts to a Windows GUI over the network, and developed a network-deployed
`
`packaging and automated updating system for client software. To complete these assignments, I
`
`wrote tens of thousands of lines of computer code in C++, C, Python, and Perl.
`
`11.
`
`As part of my technical training and development at Lineo/Metrowerks, I also
`
`gained and employed an increased exposure to computer networking and network security. I tested
`
`and evaluated a prototype firewall product, built a custom VPN solution, and trained in the use of
`
`web server and mail server administration (including security). I ran my own personal MTA with
`
`an IMAP and POP3 server based on these tools under development. I also deployed a Squid web
`
`proxy for both caching and content filtering.
`
`12.
`
`Another major networking project involved porting the Embedix SDK from Linux
`
`to Windows. For this project I used a virtual-machine/networked solution. The underlying SDK
`
`engine remained running in a Linux VM while the GUI operated in native Windows. I developed
`
`all of the code for this remote communication system.
`
`
`
`3
`
`Trend Micro, Inc.
`EX1003-6
`
`IPR2023-01464
`CrowdStrike EX1003 Page 6
`
`

`

`
`
`13. While working at Lineo/Metrowerks, I also returned to BYU to pursue my Master’s
`
`degree in Computer Science. In addition to the graduate level course work in wireless computer
`
`networks and compilers, I pursued graduate research in software engineering topics, with a special
`
`emphasis on how programmers think while creating and modifying code. During my course work,
`
`I took a special topics class called “Programmer Cognition” as well as a graduate-level
`
`neuroscience class from the Psychology department.
`
`14. My research included a study of computer architectural patterns and how those
`
`patterns might need to change as programming languages change and evolve. Based on my
`
`research, I proposed a concept called “Design Dysphasia,” wherein a programmer or software
`
`developer becomes trapped in their approach to solving problems based on the paradigms and
`
`design approaches of the programming language. My research was published as “Design dysphasia
`
`and the pattern maintenance cycle,” in the Journal Information and Software Technology August
`
`2006. This work also was a major component of my Master’s thesis.
`
`15.
`
`Another part of my Master’s thesis was the identification of how certain
`
`programming language concepts can be “mixed” together. I investigated practical mechanisms
`
`whereby the Python programming language could be extended to support features known as
`
`“functional programming” and “logic (or declarative) programming.” Languages with this mix of
`
`features are known as “multi-paradigm” programming languages.
`
`16.
`
`After finishing my Master’s degree, I moved to Houston TX in 2004 to begin a PhD
`
`program at Rice University. I chose to focus my research into topics of network security including
`
`the security of peer-to-peer cooperative storage and computation technologies.
`
`17.
`
`During the 2004 fall semester of my Ph.D. program at Rice University, I identified
`
`a security vulnerability in the Google Desktop Search that could have allowed hackers to
`
`
`
`4
`
`Trend Micro, Inc.
`EX1003-7
`
`IPR2023-01464
`CrowdStrike EX1003 Page 7
`
`

`

`
`
`compromise users’ computers and obtain private information. After contacting Google and
`
`assisting them in closing the vulnerability, we published the details of our investigation.
`
`18.
`
`In 2005, I completed an internship at Google, where I designed and implemented a
`
`solution to privacy loss in Google Web Accelerator. The Google Web Accelerator was designed
`
`to increase the speed of browsing the Internet. Once installed on a user’s computer, the browser
`
`would request all content through a Google Proxy. The proxy performed pre-fetching and
`
`extensive caching in order to provide fast and responsive service to the user. At the time of my
`
`internship, news reports had identified odd problems in which users of the Accelerator were
`
`accessing other individual’s private pages. During my internship, I designed and implemented a
`
`prototype solution for this issue in C++.
`
`19.
`
`In 2005, I published a paper entitled, “A Taxonomy of Rational Attacks.” This
`
`paper categorized and described the various types of attacks that one might see in a decentralized,
`
`peer-to-peer network. When there is no centralized authority, users have to cooperate to obtain
`
`service. The term “rational attacks” refers to the economic incentives to not cooperate while still
`
`exploiting the system for service.
`
`20. My Ph.D. Thesis was entitled “Designing Incentives for Peer-to-Peer Systems,”
`
`and it built on this concept. Given a network where participants cannot be forced to cooperate, the
`
`operation of said network must induce cooperation by design of the outcomes. In other words, it
`
`must be in each participant’s best interest to contribute to the cooperative operation. I conducted
`
`experiments including simulated extensions to the BitTorrent peer-to-peer protocol for long-term
`
`identities and mechanisms for cooperative anonymity. These systems were predecessors to modern
`
`cryptocurrency and distributed ledger technologies.
`
`
`
`5
`
`Trend Micro, Inc.
`EX1003-8
`
`IPR2023-01464
`CrowdStrike EX1003 Page 8
`
`

`

`
`
`21.
`
`From 2005 through 2008, with the approval of my PhD adviser, I worked as a
`
`Security Analyst for Independent Security Evaluators (ISE). Much of my early work was spent
`
`developing a software encryption library, including the necessary tests and procedures for FIPS-
`
`certification. The encryption library provided advanced operations such as secure data splitting
`
`and recovery.
`
`22.
`
`In 2009, I went to work full time for ISE as a Security Analyst and later as a Senior
`
`Security Analyst. I built a number of advanced projects including a parallel-program for massive
`
`code coverage analysis, GPU hardware-accelerated AES encryption, and distributed file-system
`
`prototypes.
`
`23.
`
`In addition to the software development, I also performed security evaluation
`
`services that included port-scanning analyses, security protocol analysis using formal and
`
`exploratory methods, and investigated security breaches.
`
`24.
`
`I also designed and managed the implementation of a secure communication
`
`technology that splits trust between multiple SSL Certificate Authorities (CA), so that if one CA
`
`is compromised, the communication stream can still be safely authenticated. My work on the
`
`secure communications technology project led to the issuance of multiple patents. In total, I wrote
`
`hundreds of thousands of lines of code in C, C++, and Python, including projects where I had to
`
`implement the same functionality in two separate languages.
`
`25.
`
`In 2011, I began work as a Research Scientist at Harbor Labs and continued with
`
`that consulting firm until fall 2015. I worked with a wide range of clients, specializing in network
`
`security, network communications, software architecture, and programming languages. I analyzed
`
`an extensive collection of commercial software, including software related to secure email, cloud-
`
`based multimedia delivery, document signing, anti-virus and anti-intrusion, high-performance
`
`
`
`6
`
`Trend Micro, Inc.
`EX1003-9
`
`IPR2023-01464
`CrowdStrike EX1003 Page 9
`
`

`

`
`
`routing, networking protocol stacks in mobile devices, PBX telecommunications software, VoIP,
`
`and peer-to-peer communications. I also analyzed security considerations for potential technology
`
`acquisitions.
`
`26.
`
`Also at Harbor Labs, I reviewed technology and source code for multiple clients
`
`related to accusations of theft and/or misappropriation of trade secrets. These engagements
`
`included an analysis of C, C++, Java, Python, and other source code languages in high-frequency
`
`trading, e-commerce, and other similar systems.
`
`27.
`
`I also assessed the security and privacy technologies and policies provided by a
`
`third-party vendor to the Center for Copyright Infringement (CCI). CCI represents content owners,
`
`such as the RIAA and the MPAA, in finding and reducing piracy online. Because this process
`
`necessarily involves collecting information about private individuals by scanning a network for
`
`illegal activity, I was asked to investigate and determine that the information collected from online
`
`computing devices was adequately safeguarded and protected.
`
`28.
`
`For other clients, I have “resurrected” or re-created legacy software systems. For
`
`example, I helped one client make remote desktop-sharing/viewing systems from the mid 90’s
`
`operational. I helped them identify the most compatible components from an old CVS repository,
`
`obtain the necessary legacy hardware and software to rebuild the source code, and diagnose why
`
`the separate components weren’t completely compatible with each other. Using tools from the era
`
`(i.e., the mid-90’s), I identified and fixed these issues in C++ and Java code, and successfully
`
`demonstrated the operational system across a small cluster of networked virtual machines.
`
`29.
`
`During my final year at Harbor Labs, I was engaged as the principal consultant with
`
`a large biomedical device firm in a twelve-month analysis of the security of their products.
`
`Notably, medical devices were for some time not considered significant threats in terms of
`
`
`
`7
`
`Trend Micro, Inc.
`EX1003-10
`
`IPR2023-01464
`CrowdStrike EX1003 Page 10
`
`

`

`
`
`computer security. However, recent demonstrations by security researchers of the various ways in
`
`which a malicious individual might harm a person using a medical device has shifted the thinking
`
`in the industry. Accordingly, I was engaged to assist this company in the analysis of their products,
`
`their process, and their future roadmap in order to ensure that patients are not harmed. I and my
`
`team analyzed design documents, hardware, and a broad range of additional resources in order to
`
`expose potential problems. The security of these systems depends, in part, on the architecture and
`
`deployment of the networks in which they operate.
`
`30.
`
`In December 2015, I left Harbor Labs to assist Ironwood Experts, LLC., as the
`
`transitional managing partner. In three months, I helped to establish a new direction, streamline
`
`operations, and wrap up difficult negotiations.
`
`31.
`
`After handing off management responsibilities at Ironwood, I founded Crimson
`
`Vista, Inc. as a boutique computer security engineering company. Similar to the work that I did at
`
`Harbor Labs, I continue to provide technical expertise to a wide range of clients in areas of
`
`programming languages, computer networks, and network security. My expertise in the area of
`
`“security engineering” provides comprehensive analysis, design, and insight into cybersecurity
`
`concerns before, during, and after development.
`
`32.
`
`For example, I have been retained by a start-up in telecommunications security to
`
`provide cryptography expertise and evaluations of their protocols and architectures. My team and
`
`I have prototyped new protocols, written up analyses, and presented to potential partners and
`
`investors.
`
`33.
`
`Another start-up company retained me for guidance in matters relating to
`
`Blockchain and Smart Contracts. This technology is very much dealing with a “fad” phase where
`
`there is a lot of misinformation and hype. I guided the start-up company through analyzing where
`
`
`
`8
`
`Trend Micro, Inc.
`EX1003-11
`
`IPR2023-01464
`CrowdStrike EX1003 Page 11
`
`

`

`
`
`these kinds of technologies would help and where they would not. I have also provided training
`
`on Blockchain at the Data Architecture Summit and Enterprise Data World conferences.
`
`34.
`
`I have also provided technical guidance to an antitrust team in the United States
`
`Department of Justice. Although the technologies and parties are confidential, I can disclose that
`
`I provided in-person training on technical topics and analyses of competing security products.
`
`35. More recently, I been retained by clients, including a Fortune 100 financial
`
`institution, to provide them with post-data-breach analyses of what went wrong, the impact of the
`
`lost data, and guidance on resolution. In these engagements, I provided reverse engineering of the
`
`data to demonstrate how an attacker can or would use the compromised information, analyzed
`
`software development to determine when the system became vulnerable, and helped identify
`
`impacted customers that had been missed in the investigations.
`
`36.
`
`I have also been retained as a vCISO (virtual Chief Information Security Officer)
`
`for a small company that needs security expertise and guidance in protecting their newly developed
`
`intellectual property. I advise the company on security policy, operations, implementations, and
`
`training.
`
`37.
`
`Through Crimson Vista, I also invest in research and development. Recent projects
`
`include engaging with a partner to implement prototypes of communications security protocols for
`
`next-generation automobiles. I also gave a talk on “Detecting Malicious Sandboxes” at the
`
`Workshop on Defensive Deception and Trust in Autonomy, in association with the 2018 Naval
`
`Applications of Machine Learning Workshop.
`
`38.
`
`I was the primary investigator on a government funded research project. The
`
`project dealt with automatic recovery from ransomware attacks and was funded by the United
`
`
`
`9
`
`Trend Micro, Inc.
`EX1003-12
`
`IPR2023-01464
`CrowdStrike EX1003 Page 12
`
`

`

`
`
`States Army. I led a team of student researchers from Johns Hopkins and Brigham Young
`
`University in developing my design and implementing a prototype.
`
`39.
`
`I am also a contributor to another small-business research project begun by a former
`
`student and funded by the National Science Foundation. We are researching the development of
`
`a new system for secure data storage that is protected even against “insider” threats, such as a
`
`rogue IT administrator. As part of this work, I am managing several interns for Summer 2022 and
`
`directing their work on performance, analysis, and vulnerability detection.
`
`40.
`
`I also continue to perform a wide range of code reviews for diverse technologies
`
`including CAD software, video game systems, digital mobile radios (DMRs), video streaming,
`
`and digital rights management (DRM). I am often retained for my expertise in software forensics
`
`and have been instrumental in multiple cases to discovering and identifying stolen source code or
`
`misappropriated trade secrets.
`
`41. Moreover, I maintain ties to academia. I held adjunct appointments at Johns
`
`Hopkins University from 2014 to 2019. From July 2016 to July 2019, I also held an appointment
`
`as the Director of Advanced Research Projects in the Johns Hopkins University Information
`
`Security Institute.
`
`42.
`
`At Johns Hopkins University I taught Network security and Advanced Network
`
`Security. I created a custom curriculum and lab experience wherein students developed their own
`
`security protocols as a class and then attempted to break their own creations. Students learned how
`
`hard it is to get security right, and how easy it is to find something wrong. I published a paper
`
`about the labwork in the Journal of Computer Science Education entitled, “PLAYGROUND:
`
`Preparing Students for the Cyber Battleground.”
`
`
`
`10
`
`Trend Micro, Inc.
`EX1003-13
`
`IPR2023-01464
`CrowdStrike EX1003 Page 13
`
`

`

`
`
`43.
`
`Beyond course instruction, I also mentored Masters students at Johns Hopkins in
`
`their capstone projects. These projects included networking security and privacy concerns across
`
`a wide range of technologies including cryptography, drone security, iOS security, BitCoin, SSL
`
`vulnerabilities, and Twitter “botnets.” My students and I have published multiple papers from
`
`these capstone projects.
`
`44.
`
`During my tenure as the Director of Advanced Research Projects, I was tasked with
`
`developing collaborative research opportunities. Through my efforts, a wide range of student
`
`capstones have been executed with partners from the Johns Hopkins Applied Physics Lab or
`
`outside corporate partners.
`
`45.
`
`For example, we coordinated with the company OnBoard Security to develop better
`
`security for anti-collision protocols for air traffic. Students demonstrated the potential issues
`
`related to leaving the protocol unsecured and built a working prototype of a secured variant.
`
`OnBoard and Johns Hopkins published press releases which were picked up by aviation-focused
`
`news sources.
`
`46.
`
`I am now an adjunct professor at the University of Texas at Austin. I have taught
`
`the undergraduate Network Security and Privacy class in the Computer Science department. I also
`
`teach the Introduction to Cybersecurity Technology class in the Law School
`
`47.
`
`I am also the co-founder and current director of the Crypto Done Right project. This
`
`project is currently hosted by Johns Hopkins University and funded by a grant from Cisco. I am
`
`transitioning the project to be hosted by my company Crimson Vista or spun out into a completely
`
`independent non-profit entity. Crypto Done Right is designed to bridge the gap between
`
`cryptography SME’s and the IT professionals that use it. It provides authoritative guidance on
`
`
`
`11
`
`Trend Micro, Inc.
`EX1003-14
`
`IPR2023-01464
`CrowdStrike EX1003 Page 14
`
`

`

`
`
`deployment, lifecycle, and management of cryptography in IT systems, software development, and
`
`technical management.
`
`48.
`
`Finally, I am the author of “Cryptography in Python: Learning Correct
`
`Cryptography by Example.” I am authoring a second book on computer security that will be
`
`published later this year.
`
`III. MATERIALS CONSIDERED
`
`49.
`
`I have considered information from various sources in forming my opinions.
`
`Besides drawing from approximately two decades of experience in the computer industry, I also
`
`have reviewed the ’441 patent and its file history, the other documents and references as cited
`
`herein, and general technical references.
`
`50.
`
`I understand that Counsel for Petitioner have submitted a Petition that references
`
`by exhibit number. For simplicity and convenience, I have adopted the same exhibit numbering.
`
`The exhibits are:
`
`• Ex. 1001: U.S. Patent No. 8,327,441 to Kumar et al. (“’441 patent”)
`
`• Ex. 1002: Prosecution History of ’441 to Kumar et al.
`
`• Ex. 1003: Expert Declaration of Seth James Nielson, Ph.D under 37 C.F.R. § 1.68.
`
`• Ex. 1004: Curriculum Vitae of Seth James Nielson, Ph.D.
`
`• Ex. 1005: Seiji Munetoh, Integrity Management Infrastructure for Trusted Computing,
`
`IEICE TRANS. INF. & SYST., Vol. E91-D, No. 5, 1242-1251, (May 2008).
`
`(“Munetoh”)
`
`• Ex. 1006: Hridesh Rajan, Tisa: Toward Trustworthy Services in a Service-Oriented
`
`Architecture, IEEE Transactions on Services Computing, 201-213, (October-
`
`December 2008). (“Rajan”)
`
`
`
`12
`
`Trend Micro, Inc.
`EX1003-15
`
`IPR2023-01464
`CrowdStrike EX1003 Page 15
`
`

`

`
`
`• Ex. 1007: Declaration of Ingrid Hsieh-Yee, Ph.D.
`
`• Ex. 1008: Steve Anderson, Web Services Trust Language (WS-Trust), (February
`
`2005).
`
`• Ex. 1009: George Moncrief, ezHPC Security Architecture, IEEE Computer Society,
`
`(2006).
`
`• Ex. 1010: Taasera Licensing LLC, v. Trend Micro Incorporated, Plaintiff’s Disclosure
`
`of Asserted Claims and Infringement Contentions with ’441 Claim Chart, 2:21-cv-
`
`00441-JRG-RSP, (July 26, 2022).
`
`• Ex. 1011: Ajay Surie, Rapid Trust Establishment for Pervasive Personal Computing,
`
`IEEE Computing Society, 24-30, (2007).
`
`• Ex. 1012: Minjin Kwon, PROBE: A Process Behavior-based Host Intrusion Prevention
`
`System, Department of Computer Science and Engineering, Korea University, Seoul,
`
`(2008).
`
`IV.
`
`LEGAL STANDARDS
`
`51.
`
`I am not an attorney, and I have relied on instructions from counsel as to the
`
`applicable legal standards to use in arriving at my opinions in this Declaration.
`
`52.
`
`I have been informed and understand that patent claims are construed from the
`
`perspective of one of ordinary skill in the art at the time the claimed invention was made and that,
`
`during this proceeding, claims are construed using the same claim construction standard that would
`
`be used to construe the claim in a civil action. Under that standard, claim terms are to be given
`
`their plain and ordinary meaning, which is the meaning understood by a POSITA in light of the
`
`claim language, patent specification, and prosecution history.
`
`
`
`13
`
`Trend Micro, Inc.
`EX1003-16
`
`IPR2023-01464
`CrowdStrike EX1003 Page 16
`
`

`

`
`
`53.
`
`I understand that a patent may include independent claims and dependent claims.
`
`An independent claim stands by itself and only includes the limitations it recites. A dependent
`
`claim can depend on (a) an independent claim, or (2) another dependent claim. I understand that a
`
`dependent claim includes all of the limitations it recites plus the limitations recited in the claim
`
`from which it depends.
`
`54.
`
`I have been informed and understand that the subject matter of a patent claim is
`
`obvious if the differences between the subject matter of the claim and the prior art are such that
`
`the subject matter of the claim as a whole would have been obvious at the effective filing date to
`
`a person having ordinary skill in the art to which the subject matter pertains. I have also been
`
`informed that the framework for de