DCT
1:18-cv-00454
Aqua Connect Inc v. Parallels Inc
Key Events
Complaint
Table of Contents
complaint
I. Executive Summary and Procedural Information
- Parties & Counsel:
- Plaintiff: Aqua Connect, Inc. (Nevada) and Strategic Technology Partners, LLC (Nevada)
- Defendant: Parallels Inc. (Delaware)
- Plaintiff’s Counsel: Stamoulis & Weinblatt LLC; Law Office of Ryan E. Hatch
- Case Identification: 1:18-cv-00454, D. Del., 03/25/2018
- Venue Allegations: Venue is alleged to be proper in the District of Delaware because the Defendant is a Delaware corporation.
- Core Dispute: Plaintiff alleges that Defendant’s Parallels Access remote desktop software infringes patents related to a specific client-server architecture for updating user sessions on Mach-derived computer systems.
- Technical Context: The technology concerns remote desktop solutions that allow a user to access and control a host computer from a remote device, a key capability for telework, IT administration, and cross-platform computing.
- Key Procedural History: The complaint notes that during the prosecution of the '386 Patent, the patent examiner expressly found the claims to be patent-eligible under the framework set forth in Alice Corp. v. CLS Bank International.
Case Timeline
| Date | Event |
|---|---|
| 2008-09-23 | Priority Date for '386 and '502 Patents |
| 2014-12-30 | '502 Patent Issued |
| 2017-05-02 | '386 Reissue Patent Issued |
| 2018-03-25 | Complaint Filing Date |
II. Technology and Patent(s)-in-Suit Analysis
U.S. Reissue Patent No. RE46,386 - "Updating a user session in a Mach-derived computer system environment"
Issued May 2, 2017
The Invention Explained
- Problem Addressed: The patent describes a problem in terminal server environments where conventional methods for providing remote graphical displays can be insecure and inefficient, potentially leading to information "being passed across user session boundaries" ('386 Patent, col. 2:20-22). This presents security risks and performance bottlenecks, particularly for multi-user systems ('386 Patent, col. 1:40-50).
- The Patented Solution: The invention proposes a split software architecture to address this issue. It uses an "agent server" that runs within a user's session (a "user context") and a corresponding "agent client" that runs in a separate process and context ('386 Patent, col. 7:56-65). Instead of directly exposing the user session to the network, these two components communicate with each other, for example via a shared portion of computer memory, to securely and efficiently transfer display and input data for the remote user ('386 Patent, Abstract; col. 4:47-55).
- Technical Importance: This architectural approach was intended to enable more secure and robust multi-user terminal services on Mach-derived operating systems, which had previously lacked such solutions (Compl. ¶7-8).
Key Claims at a Glance
- The complaint asserts independent claim 1 (Compl. ¶21).
- The essential elements of claim 1 include:
- Creating a user computer context on a Mach-derived computing device, which incorporates an agent server.
- Associating the agent server with an agent client, where both are executed on the device but in "separate processes and in separate Mach contexts".
- Generating, by the agent server, data corresponding to an updated user instance.
- Determining, by the agent server, that a portion of the user computer data has been updated.
- Transferring the updated data between the agent server and agent client via a "computer system communication facility."
- Transmitting the data over a communications network to a remote computer system.
- The complaint does not explicitly reserve the right to assert dependent claims, though such a reservation is common practice.
U.S. Patent No. 8,924,502 - "System, method and computer program product for updating a user session in a Mach-derived system environment"
Issued Dec. 30, 2014
The Invention Explained
- Problem Addressed: The patent identifies challenges in securely and synchronously updating remote graphical displays, especially when large amounts of data (e.g., video) must be transmitted without overwhelming the system or creating security vulnerabilities ('502 Patent, col. 2:14-28, col. 4:35-49).
- The Patented Solution: Like the '386 Patent, the '502 Patent describes a solution using a split "KVM agent" server/client system ('502 Patent, col. 2:41-43). An agent server in a first context and an agent client in a second context communicate via mechanisms like shared memory to handle the transfer of user data, such as display updates or keyboard/mouse inputs ('502 Patent, Abstract; col. 4:47-60). This architecture is designed to be protocol-independent, allowing it to adapt to different remote access protocols ('502 Patent, col. 2:50-54).
- Technical Importance: This method aimed to provide a faster, more robust, and more secure remote computing environment by separating the user session management from the network communication tasks (Compl. ¶4).
Key Claims at a Glance
- The complaint asserts independent claim 37 (Compl. ¶36).
- The essential elements of claim 37 include:
- Creating a first context with an agent server and a second context with an agent client on a Mach-derived system, running in separate processes.
- Receiving, by the agent client, data over a network from a remote system.
- Transferring the data "to or from the agent server" via a system communication facility.
- Processing, by the agent server, data corresponding to the updated user instance.
- Determining, by the agent server, that user data has been updated.
- Transferring data to the agent client based on the determination.
- Transmitting data from the agent client over the network to the remote system.
- The complaint does not explicitly reserve the right to assert dependent claims.
III. The Accused Instrumentality
Product Identification
The accused instrumentality is Defendant's Parallels Access software, with version 3.2.0 identified as a representative product (Compl. ¶21, 36).
Functionality and Market Context
Parallels Access is a remote desktop application that enables users to access and control a host computer, such as one running Apple's MacOS, from another device over a network (Compl. ¶23). The complaint alleges that the software's core functionality is achieved through a split architecture. It identifies a program named prl_deskctl_agent that allegedly functions as the claimed "agent server" within the user context, and a program named prl_pm_service that allegedly functions as the claimed "agent client" within the system context (Compl. ¶23-24). These two components are alleged to communicate using shared memory and sockets to manage the remote user's session data (Compl. ¶27-28). No probative visual evidence provided in complaint.
IV. Analysis of Infringement Allegations
RE46,386 Infringement Allegations
| Claim Element (from Independent Claim 1) | Alleged Infringing Functionality | Complaint Citation | Patent Citation |
|---|---|---|---|
| A computer-implemented method for updating a user instance, the method comprising: creating at least one user computer context configured to be executed on a Mach-derived computing device... wherein each of the at least one user computer context is configured to incorporate an agent server | Parallels Access creates a user context on a MacOS device (alleged to be Mach-derived) and incorporates the prl_deskctl_agent program, which is alleged to be the agent server. |
¶23 | col. 4:1-5; 13-15 |
| associating the agent server with an agent client, wherein the agent client and the agent server are configured to be executed on the Mach-derived computing device, but in separate processes and in separate Mach contexts | The prl_deskctl_agent program (agent server) is associated with the prl_pm_service program (agent client), and they run in separate processes within the user context and system context, respectively. |
¶24 | col. 4:56-65 |
| determining, by the agent server, that any portion of the user computer data has been updated | The prl_deskctl_agent program allegedly determines that user data has been updated by processing data in the sub_1006d71c0 procedure via a callback when new frames are available. |
¶26 | col. 6:21-25 |
| transferring the data corresponding to the updated user instance between the agent server and the agent client via a computer system communication facility... wherein the computer system communication facility comprises at least one of: a socket, a file, a port, a shared computer memory, or a pipe | Data is allegedly transferred between the prl_deskctl_agent and prl_pm_service programs using shared memory (via shm_open) and sockets. |
¶27-28 | col. 4:47-55 |
| transmitting the data... over a communications network to a remote computer system for update of the user instance | The prl_pm_service program (agent client) allegedly transmits data over the network to the remote system via a web server implementation. |
¶29 | col. 6:37-46 |
8,924,502 Infringement Allegations
| Claim Element (from Independent Claim 37) | Alleged Infringing Functionality | Complaint Citation | Patent Citation |
|---|---|---|---|
| A method for transmitting and receiving data, the method comprising: creating a first context on a Mach-derived system... wherein the first context incorporates an agent server; creating a second context on the Mach-derived system, wherein the second context incorporates an agent client; wherein the agent client and the agent server are executed on the Mach-derived system, but in separate processes | Parallels Access is alleged to create a user context (first context) with the prl_deskctl_agent program (agent server) and a system context (second context) with the prl_pm_service program (agent client), running in separate processes. |
¶39-40 | col. 7:40-49 |
| receiving by the agent client the data over a network from a remote system for update of a user instance | The prl_pm_service program (agent client) allegedly listens for and handles incoming TCP/IP connections from a remote system to receive data for updating the user instance. |
¶41 | col. 8:12-19 |
| transferring the data to or from the agent server via a system communication facility | The prl_deskctl_agent program connects with the prl_pm_service program using a system communication facility such as a socket or shared memory to transfer data. |
¶43 | col. 8:59-67 |
| determining, by the agent server, that any portion of the user data has been updated | The prl_deskctl_agent program allegedly determines data has been updated and performs processing via a callback when new frames are available for the user instance. |
¶46 | col. 8:6-9 |
| transmitting from the agent client the data over the network to the remote system for update of the user instance | Data is allegedly transmitted from the prl_pm_service program (agent client) over the network to the remote system via a web server implementation, referencing log messages like "HttpServer". |
¶48 | col. 8:12-19 |
- Identified Points of Contention:
- Scope Questions: The case may raise the question of whether the "user context" and "system context" where the accused programs allegedly run constitute "separate Mach contexts" as required by the claims. The precise definition of this term could be a central point of dispute.
- Technical Questions: The infringement allegations rely heavily on function names and procedures identified via a disassembler, with the complaint acknowledging that "Actual source code function names may be different" (Compl. ¶22, 37). A primary technical question will be whether the accused
prl_deskctl_agentandprl_pm_serviceprograms, in their actual operation, perform the specific functions recited in the claims (e.g., "determining... that any portion of the user computer data has been updated") or if there is a functional mismatch.
V. Key Claim Terms for Construction
The Term: "agent server" / "agent client"
- Context and Importance: These terms define the core components of the claimed invention. The infringement case depends entirely on mapping Defendant’s
prl_deskctl_agentandprl_pm_serviceprograms to these respective claim terms. Practitioners may focus on these terms because their scope will determine whether the accused architecture falls within the patent's boundaries. - Intrinsic Evidence for Interpretation:
- Evidence for a Broader Interpretation: The '502 Patent specification describes the components functionally, stating they "can provide remote input and output for a user context" ('502 Patent, col. 4:13-15). This may support an interpretation covering any two software modules that perform these server and client roles in a separated architecture.
- Evidence for a Narrower Interpretation: The specification also describes the components as a "KVM agent" server/client system ('502 Patent, col. 2:41-43, emphasis on Keyboard, Video, Mouse) and illustrates a specific embodiment in Figure 1. This could support a narrower construction limited to systems that more closely track this specific KVM-focused implementation.
- Context and Importance: These terms define the core components of the claimed invention. The infringement case depends entirely on mapping Defendant’s
The Term: "separate Mach contexts"
- Context and Importance: This limitation is crucial for establishing the novel architectural separation that is central to the patents' claimed solution. Infringement hinges on whether running one process in a "user context" and another in a "system context" satisfies this requirement (Compl. ¶24).
- Intrinsic Evidence for Interpretation:
- Evidence for a Broader Interpretation: The patents describe that in some implementations, "each user context... is kept separate from all other existing user contexts" with "separate memory utilization, file system access, and/or process execution" ('502 Patent, col. 3:63-4:2). This functional description could support a broad reading.
- Evidence for a Narrower Interpretation: The term's explicit reference to "Mach" could be argued to require a specific type of separation grounded in the technical features of the Mach kernel, rather than a more general operating system-level separation of processes with different user privileges.
VI. Other Allegations
- Indirect Infringement: The complaint alleges direct and indirect infringement pursuant to 35 U.S.C. § 271(a), (b), and (c) (Compl. ¶30, 49). However, it does not plead specific facts to support the knowledge and intent elements required for induced infringement or contributory infringement, such as references to user manuals or marketing materials that instruct infringing use.
- Willful Infringement: The complaint does not contain allegations of willful infringement.
VII. Analyst’s Conclusion: Key Questions for the Case
- A core issue will be one of definitional scope: can the claim terms "agent server" and "agent client", as defined in the context of the patent's "KVM agent" embodiments, be construed broadly enough to read on the accused
prl_deskctl_agentandprl_pm_serviceprograms as they function within the Parallels Access software? - A key evidentiary question will be one of technical proof: beyond inferences from disassembled function names, what evidence will demonstrate that the accused software performs the specific, multi-step methods of the asserted claims? In particular, the case may turn on whether Parallels Access's method for detecting screen changes is functionally the same as the claimed step of "determining... that any portion of the user computer data has been updated."
Analysis metadata