DCT

6:22-cv-01110

AttestWave LLC v. Ivanti Inc

Log In
Key Events
Complaint
complaint

I. Executive Summary and Procedural Information

  • Parties & Counsel:
  • Case Identification: 6:22-cv-01110, W.D. Tex., 10/26/2022
  • Venue Allegations: Plaintiff alleges venue is proper because Defendant maintains an established place of business within the district and has committed the alleged acts of patent infringement there.
  • Core Dispute: Plaintiff alleges that Defendant’s unspecified products infringe a patent related to methods for managing and validating trusted data flows in computer networks.
  • Technical Context: The technology concerns network security, specifically systems for ensuring the integrity and authenticity of software generating data traffic to prevent malicious behavior like denial-of-service attacks.
  • Key Procedural History: The complaint does not mention any prior litigation, Inter Partes Review (IPR) proceedings, or licensing history related to the patent-in-suit.

Case Timeline

Date Event
2002-03-16 ’704 Patent Priority Date
2007-12-04 ’704 Patent Issue Date
2022-10-26 Complaint Filing Date

II. Technology and Patent(s)-in-Suit Analysis

U.S. Patent No. 7,305,704 - "Management of trusted flow system"

The Invention Explained

  • Problem Addressed: The patent’s background section describes the inherent vulnerability of TCP/IP networks where users can potentially modify end-station software to misbehave, for example by overburdening the network in a denial-of-service attack or otherwise failing to comply with agreed-upon transmission rules (’704 Patent, col. 1:20-24; col. 2:35-41).
  • The Patented Solution: The invention proposes a two-part system to ensure that data packets originate from authentic, "well-behaved" software. A "Trusted Flow Generator" (TFG) on an end-user’s machine is cryptographically "interlocked" with a "Trusted Tag Checker" (TTC) located at a network interface, such as a firewall. The TFG generates and attaches a unique, unpredictable "security tag" to data packets. The remote TTC, which knows how the tags are supposed to be generated, validates the tag. A valid tag indicates the packet comes from a trusted source and can be given priority, while an invalid tag suggests tampering or misbehavior, and the packet can be discarded (’704 Patent, Abstract; Fig. 1; col. 2:10-22).
  • Technical Importance: The described system provides a mechanism to proactively validate the integrity of a traffic source, rather than simply reacting to misbehavior after it has been detected by traditional network security tools (’704 Patent, col. 2:51-56).

Key Claims at a Glance

  • The complaint does not specify which claims are asserted, instead referencing an unattached "Exhibit B" (Compl. ¶12). Assuming the assertion of Claim 1, the first independent claim, its essential elements are:
    • A system for validating software execution at a remote location.
    • A "trusted flow generator (TFG) subsystem" at a remote network location comprising trusted software.
    • A "trusted tag checker (TTC) subsystem" at a validating location.
    • The TFG subsystem locally generates a sequence of security tags responsive only to proper execution of the software module.
    • A communications network couples the TFG and TTC subsystems.
    • The TTC subsystem has logic to generate its own sequence of security tags and validates proper execution by comparing its locally generated tags against the tags received from the TFG subsystem.
    • The validation confirms proper execution "without variation."
  • The complaint states that Plaintiff reserves the right to assert infringement of "one or more claims" of the ’704 Patent (Compl. ¶12).

III. The Accused Instrumentality

Product Identification

The complaint fails to identify any accused product, method, or service by name. It refers only to "the Defendant products identified in the charts incorporated into this Count as Exhibit B" (Compl. ¶12). This exhibit was not provided with the complaint.

Functionality and Market Context

The complaint does not provide sufficient detail for analysis of the accused instrumentality's functionality or market context.

IV. Analysis of Infringement Allegations

The complaint references claim charts in an unattached "Exhibit B" to support its infringement allegations (Compl. ¶17). Without access to these charts or any identification of the accused products, a substantive analysis of the infringement allegations is not possible.

No probative visual evidence provided in complaint.

  • Identified Points of Contention: Based on the language of independent claim 1 of the ’704 Patent, several technical and legal questions may arise during litigation.
    • Scope Questions: A central question will be whether the architecture of any accused Ivanti product maps to the patent’s required two-part structure of a remote "TFG subsystem" communicating with a "TTC subsystem." The definition and required separation of these "subsystems" will likely be a point of dispute.
    • Technical Questions: The claim requires that security tags be generated "responsive only to proper execution" of a software module. This raises the evidentiary question of whether Plaintiff can prove this exclusive causal link. Furthermore, the claim requires the TTC to validate execution "without variation," which raises the question of whether this requires literal, bit-for-bit identity in a validation process or allows for functional equivalence.

V. Key Claim Terms for Construction

  • The Term: "validating proper execution ... without variation" (Claim 1)

  • Context and Importance: This phrase is critical as it defines the standard for the validation performed by the TTC subsystem. Practitioners may focus on this term because the words "without variation" suggest a very strict, absolute standard of comparison, which could be a high bar for the Plaintiff to meet to prove infringement.

  • Intrinsic Evidence for Interpretation:

    • Evidence for a Broader Interpretation: The specification describes the goal as assuring "compliance" and determining if a flow is "trusted," which could support a functional interpretation where minor, inconsequential differences do not defeat a finding of validation (’704 Patent, col. 2:12-22).
    • Evidence for a Narrower Interpretation: The plain meaning of "without variation" implies an exact match. The patent's description of a checker having "a copy of the pseudo-random generator" used by the source further suggests an identical process is contemplated for the validation to function correctly (’704 Patent, col. 2:16-18).

  • The Term: "responsive only to proper execution" (Claim 1)

  • Context and Importance: This limitation defines the required link between the software’s operation and the security tag it generates. The term "only" is a significant constraint that will be central to the infringement analysis.

  • Intrinsic Evidence for Interpretation:

    • Evidence for a Broader Interpretation: The specification’s focus is on ensuring a program is "well behaved" (’704 Patent, col. 4:36-38). A party might argue that as long as the program operates correctly, any tag it generates is fundamentally responsive to that proper execution, even if other ambient data is used in the calculation.
    • Evidence for a Narrower Interpretation: The use of "only" could be argued to exclude any other input or factor from the tag generation process. If an accused system’s tag generation is influenced by anything other than the execution of the specific software module itself (e.g., system load, external data), a defendant could argue this element is not met.

VI. Other Allegations

  • Indirect Infringement: The complaint alleges induced infringement, asserting that Defendant’s "product literature and website materials" instruct customers on how to use the accused products in an infringing manner (Compl. ¶15).
  • Willful Infringement: The complaint does not allege pre-suit knowledge. The allegations of knowledge and willfulness are based entirely on the notice provided by the filing of the lawsuit itself (Compl. ¶14, ¶16).

VII. Analyst’s Conclusion: Key Questions for the Case

  • A threshold issue will be one of pleading sufficiency: given that the complaint fails to identify any accused products or provide any factual basis for infringement beyond referencing an unattached exhibit, a primary question is whether the allegations are sufficient to proceed under federal pleading standards.
  • A core technical issue will be one of architectural mapping: can the functionality of an Ivanti product be convincingly mapped onto the patent’s required bipartite structure of a remote "TFG subsystem" communicating with a distinct "TTC subsystem," as claimed?
  • A key question of claim scope will be whether infringement requires meeting the strict functional limitations of the claims, specifically whether an accused product generates security tags "responsive only to proper execution" and performs validation "without variation." The interpretation of these absolute terms will likely be dispositive.