DCT

1:10-cv-00115

TecSec Inc v. IBM Corp

Log In
Key Events
Amended Complaint

I. Executive Summary and Procedural Information

  • Parties & Counsel:
  • Case Identification: 1:10-cv-00115, E.D. Va., 07/06/2010
  • Venue Allegations: Plaintiff alleges venue is proper in the Eastern District of Virginia because Defendants are subject to personal jurisdiction in the district and have committed acts of infringement there. Plaintiff TecSec also notes its sole office location has always been in the district.
  • Core Dispute: Plaintiff alleges that a wide range of Defendants’ enterprise software, database, security, and e-commerce products infringes a portfolio of twelve patents related to object-level data encryption, XML encryption, and cryptographic key management.
  • Technical Context: The patents address methods for securing discrete units of data ("objects") within larger files or data streams, a foundational technology for granular access control in complex software systems and secure online transactions.
  • Key Procedural History: The complaint does not reference any prior litigation, inter partes review proceedings, or licensing history concerning the patents-in-suit.

Case Timeline

Date Event
1993-10-18 Earliest Priority Date for ’702, ’452, ’755, ’781 Patents
1994-11-29 U.S. Patent No. 5,369,702 Issued
1997-10-21 U.S. Patent No. 5,680,452 Issued
1998-02-10 U.S. Patent No. 5,717,755 Issued
1999-04-27 U.S. Patent No. 5,898,781 Issued
2001-10-20 Earliest Priority Date for ’433 Patent
2003-04-01 U.S. Patent No. 6,542,608 Issued
2003-08-12 U.S. Patent No. 6,606,386 Issued
2004-02-17 U.S. Patent No. 6,694,433 Issued
2005-04-26 U.S. Patent No. 6,885,747 Issued
2006-06-27 U.S. Patent No. 7,069,448 Issued
2006-08-22 U.S. Patent No. 7,095,852 Issued
2007-05-01 U.S. Patent No. 7,212,632 Issued
2010-07-06 Second Amended Complaint Filed

II. Technology and Patent(s)-in-Suit Analysis

The complaint alleges infringement of "one or more claims" of the patents-in-suit but does not identify specific claims (Compl. ¶¶ 32, 57). For the purpose of this analysis, the principal independent claim of each lead patent is analyzed as a representative example of the asserted technology.

U.S. Patent No. 5,369,702 - "Distributed Cryptographic Object Method," issued November 29, 1994

The Invention Explained

  • Problem Addressed: The patent describes conventional encryption as inflexible for complex organizational needs, where different individuals or groups require varying levels of access to portions of the same data, or where access must be restricted to specific locations or devices (’702 Patent, col. 2:5-24).
  • The Patented Solution: The invention proposes a system using an "object-oriented key manager" to cryptographically secure discrete data "objects." These encrypted objects can then be embedded within other objects (encrypted or not), creating a nested, multi-level security hierarchy. Access to each object is controlled by "labels" that define who is permitted to decrypt it, allowing for granular control over information flow (’702 Patent, col. 3:11-34; Fig. 1).
  • Technical Importance: This approach enabled "multi-level multimedia security," moving beyond file-level encryption to allow for the protection of specific components within a larger document or data structure (’702 Patent, col. 3:6-10).

Key Claims at a Glance

  • The complaint does not specify which claims are asserted (Compl. ¶¶ 32-53). Claim 1, an independent method claim, is representative of the core invention and includes the following essential elements:
    • Accessing an object-oriented key manager
    • Selecting an object to encrypt
    • Selecting a label for the object
    • Selecting an encryption algorithm
    • Encrypting the object according to the algorithm
    • Labelling the encrypted object
    • Reading the object label, determining access authorization, and decrypting if authorized

U.S. Patent No. 5,680,452 - "Distributed Cryptographic Object Method," issued October 21, 1997

The Invention Explained

  • Problem Addressed: This patent, a continuation-in-part of the application leading to the ’702 Patent, addresses the same general problem of providing flexible, multi-level data security (’452 Patent, col. 1:12-2:68).
  • The Patented Solution: The ’452 Patent builds upon the ’702 Patent's system by introducing more specific "label attributes" to control access based on location, group, or other criteria, and to specify the type of access permitted (e.g., "read-only, write-only, and print-only") (’452 Patent, Abstract). It further discloses that information about nested, embedded objects can be presented in a "header array," allowing an authorized user to see the structure of the embedded objects and access them directly (’452 Patent, Abstract).
  • Technical Importance: This invention refined object-level security by detailing specific attribute-based access rules and providing a mechanism for navigating complex, nested encrypted data structures.

Key Claims at a Glance

  • The complaint does not specify which claims are asserted (Compl. ¶¶ 57-78). Claim 1, an independent method claim, is representative and includes the following essential elements:
    • Accessing an object-oriented key manager
    • Selecting a first object to encrypt and a first label for it
    • Encrypting and labelling the first object
    • Displaying the first label as a header array
    • Determining access authorization based on the label and decrypting if granted

Multi-Patent Capsule: U.S. Patent No. 5,717,755

  • Patent Identification: 5717755, "Distributed Cryptographic Object Method," February 10, 1998.
  • Technology Synopsis: A continuation of the ’452 Patent, this patent further details a method for providing multi-level security where encrypted objects can be embedded within, and "covered" by, other objects, creating an access hierarchy (’755 Patent, col. 1:4-9). The claims focus on the steps of embedding and subsequently "uncovering" the object if access is authorized.
  • Asserted Claims: Not specified in the complaint (Compl. ¶¶ 82-103).
  • Accused Features: The complaint accuses enterprise software and database products of infringing by performing "sub-file, object-based encryption" (Compl. ¶ 82).

Multi-Patent Capsule: U.S. Patent No. 5,898,781

  • Patent Identification: 5898781, "Distributed Cryptographic Object Method," April 27, 1999.
  • Technology Synopsis: This patent is another continuation in the same family, directed at a system and method for multi-level multimedia security. It continues to claim the core concepts of selecting, encrypting, and labeling data objects and controlling access based on those labels (’781 Patent, Abstract).
  • Asserted Claims: Not specified in the complaint (Compl. ¶¶ 107-128).
  • Accused Features: The complaint accuses various software products of infringing by performing "sub-file, object-based encryption" (Compl. ¶ 107).

Multi-Patent Capsule: U.S. Patent No. 6,694,433

  • Patent Identification: 6694433, "XML Encryption Scheme," February 17, 2004.
  • Technology Synopsis: This patent addresses securing data within XML (Extensible Markup Language) documents. The invention describes a method where portions of an XML document are encrypted based on their associated XML tags, allowing for granular encryption of specific data elements (e.g., encrypting a <credit card> element while leaving a <name> element in plaintext) (’433 Patent, col. 1:47-51).
  • Asserted Claims: Not specified in the complaint (Compl. ¶¶ 132-154).
  • Accused Features: The complaint accuses products that perform "sub-file, object-based XML encryption," specifically targeting systems from eBay and PayPal that allegedly create and transmit "XML-based" messages with encrypted portions (Compl. ¶¶ 132, 147).

Multi-Patent Capsule: Other Patents-in-Suit

  • The complaint also asserts U.S. Patent Nos. 7069448 ("Context Oriented Crypto Processing on a Parallel Processor Array"), 6542608, 6606386, 6885747, and 7212632 (all titled "Cryptographic Key Split Combiner"), and 7095852 ("Cryptographic Key Split Binder For Use With Tagged Data Elements") (Compl. ¶ 1). The complaint alleges these patents are infringed by products that perform "encryption utilizing parallel processing" or "encryption utilizing split keys" (Compl. ¶¶ 158, 167).

III. The Accused Instrumentality

Product Identification

  • The complaint names a vast array of enterprise and commercial software products from twelve separate defendant groups. These include, among others, IBM's DB2 and WebSphere product lines; SAS's Intelligence Platform; SAP's NetWeaver and BusinessObjects applications; Cisco's ACE XML Gateway; various Java, MySQL, and Solaris products from Oracle America; Adobe Acrobat and LiveCycle; and the online payment systems of eBay and PayPal (Compl. ¶¶ 32, 34, 36, 38, 40, 42, 44, 46, 48, 50, 52).

Functionality and Market Context

  • The complaint alleges that these products, which form the backbone of many corporate IT and e-commerce systems, incorporate specific types of encryption technology. The central accused functionality is broadly described as "sub-file, object-based encryption," "XML encryption," "parallel processing encryption," and "split key encryption" (Compl. ¶ 25). The allegations against eBay and PayPal are the most specific, describing a system where financial information is collected, portions of an HTML web page or XML message are encrypted, and an "object-encrypted file" is passed to a payment processor (Compl. ¶¶ 48, 147).

IV. Analysis of Infringement Allegations

No probative visual evidence provided in complaint.

’702 Patent Infringement Allegations (Representative Claim 1)

The complaint does not provide a claim chart. The following is a summary based on the narrative allegations.

Claim Element (from Independent Claim 1) Alleged Infringing Functionality Complaint Citation Patent Citation
A) accessing an object-oriented key manager; The accused products are alleged to be systems that perform encryption on data objects, which suggests the presence of a component for managing the cryptographic keys and processes for those objects. ¶¶ 32, 46, 48 col. 4:58-61
B) selecting an object to encrypt; The complaint alleges the products perform "sub-file, object-based encryption," which implies the selection of discrete data units (objects) smaller than an entire file for the encryption process. ¶¶ 32, 46, 48 col. 7:1-12
C) selecting a label for the object; The complaint alleges the products provide security and access control, which may suggest a mechanism for associating permissions or rules with data, analogous to the claimed "label." Specific allegations regarding "labels" are not present for most accused products. ¶¶ 2, 24 col. 7:13-14
H) determining access authorization based on the object label; and I) decrypting... The core function of the accused security products is to control access to data. The complaint alleges these products encrypt and decrypt data for authorized users, which corresponds to this element. The eBay/PayPal system is alleged to use access control via username/password. ¶¶ 22, 48 col. 2:44-57

’452 Patent Infringement Allegations (Representative Claim 1)

The complaint does not provide a claim chart. The following is a summary based on the narrative allegations.

Claim Element (from Independent Claim 1) Alleged Infringing Functionality Complaint Citation Patent Citation
A) accessing an object-oriented key manager; (See analysis for ’702 Patent, supra) ¶¶ 57, 73 col. 3:55-58
C) selecting a first label for the first object; (See analysis for ’702 Patent, supra) The complaint alleges eBay and PayPal systems employ access control through username/password technology, which may correspond to the function of a label. ¶¶ 2, 73 col. 5:15-25
F) displaying the first label as a header array; The complaint does not contain allegations describing the display of a "header array" or any similar structure for navigating nested encrypted objects. This element appears to lack a direct factual allegation. N/A col. 6:9-14
H) determining access authorization based on the first object label; The accused products are security platforms that necessarily determine authorization before granting access to protected data, which is the function of this element. ¶¶ 57, 73 col. 6:2-9

Identified Points of Contention

  • Scope Questions: The infringement analysis may focus on the definition of an "object." It raises the question of whether the term, as defined in the patents in the context of embedding application files, can be construed to cover the varied data structures allegedly encrypted by the accused products, such as individual database fields, XML elements, or portions of HTML code (Compl. ¶¶ 32, 48, 147).
  • Technical Questions: The complaint's allegations are often high-level and functional (e.g., "perform...object-based encryption") rather than structural. A key question will be whether the accused products actually perform the specific steps recited in the claims. For the ’452 Patent, for instance, the complaint does not appear to provide evidence that the accused products use a "header array" as claimed.

V. Key Claim Terms for Construction

  • The Term: "object"

    • Context and Importance: This term is foundational to the asserted claims of the early patents in the portfolio. Its construction will be critical to determining infringement, as the dispute centers on whether database entries, XML elements, and portions of web pages constitute "objects" in the patented sense.
    • Intrinsic Evidence for Interpretation:
      • Evidence for a Broader Interpretation: The ’702 Patent specification states an object can be "any distinct, separate entity" and provides a non-exhaustive list including "a bit of information, a byte of information, Sound Clips, Video Clips, Graphic Images, text," and more (’702 Patent, col. 3:49-54). This language may support a broad definition.
      • Evidence for a Narrower Interpretation: The detailed examples in the patents focus on "Program objects," "Folder objects," and "Data file objects," such as embedding an encrypted WordPerfect file inside a container object (’702 Patent, col. 4:1-12; col. 7:36-50). This focus on application-level files could suggest a narrower construction.

  • The Term: "object-oriented key manager"

    • Context and Importance: This term recites the central component of the claimed system in the ’702 and ’452 Patents. Practitioners may focus on this term because its definition will determine whether the accused products, which may have distributed key management services, contain the specific "manager" required by the claims.
    • Intrinsic Evidence for Interpretation:
      • Evidence for a Broader Interpretation: The claim language itself does not impose specific structural limitations, suggesting it could cover any software module that manages cryptographic keys on an object-by-object basis.
      • Evidence for a Narrower Interpretation: The specification explicitly refers to the invention's implementation as "the Object-Oriented Key Manager (OOKeyMan)," described as a "Microsoft Windows TM stand alone application" (’702 Patent, col. 4:58-61). This specific embodiment could be used to argue for a more limited construction of the claim term.

VI. Other Allegations

  • Indirect Infringement: The complaint alleges both induced and contributory infringement against all defendants for each asserted patent. The basis for inducement is the allegation that defendants "actively and knowingly" provide customers with "detailed explanations, instructions, information, and support services" that instruct them on how to use the products in an infringing manner (Compl. ¶ 32). Contributory infringement is alleged on the basis that the products are a "material element" of the infringing activity and are "not staples of commerce with substantial noninfringing uses" (Compl. ¶ 32).
  • Willful Infringement: The complaint alleges that defendants have "knowingly or with reckless disregard willfully infringed" the patents-in-suit, acting "despite an objectively high likelihood that their actions constituted infringement" (Compl. ¶ 209). The allegation appears to be based on knowledge as of the filing of the complaint and ongoing post-filing conduct (Compl. ¶¶ 209-210).

VII. Analyst’s Conclusion: Key Questions for the Case

  • A core issue will be one of definitional scope: can the term "object," rooted in the patents' examples of embedding application documents, be construed broadly enough to cover the diverse data structures accused of infringement, such as individual XML elements, database fields, and portions of HTML code? The resolution of this question will likely determine the reach of the patent portfolio across modern enterprise and web technologies.
  • A second central issue will be one of evidentiary mapping: does the complaint, which relies heavily on high-level functional descriptions, provide sufficient factual support to demonstrate that the accused products actually practice the specific, multi-step methods recited in the claims? The apparent absence of allegations corresponding to claim elements like the "header array" of the ’452 Patent suggests that establishing a direct technical correspondence between the accused products and the patent claims will be a primary point of contention.
  • A third key question relates to the specificity of the technology. The complaint groups a wide array of patents covering distinct-though-related concepts (object encryption, XML encryption, split-key binding) and asserts them against a vast and varied set of products. The case may require a significant effort to disentangle these technologies and determine whether, for any given product, the specific allegations align with the claims of a specific patent.