Apple Inc v. VirnetX

1. Case Identification

• Case #: IPR2013-00393
• Patent #: 7,418,504
• Filed: July 1, 2013
• Petitioner(s): Apple Inc.
• Patent Owner(s): VirnetX, Inc. and Science Application International Corporation
• Challenged Claims: 1-3, 5-8, and 14-60

2. Patent Overview

• Title: Agile Network Protocol for Secure Communications Using Secure Domain Names
• Brief Description: The ’504 patent describes systems and methods for establishing secure communication links, like Virtual Private Networks (VPNs), by leveraging a Domain Name Service (DNS) system. The DNS system is configured to store domain names, receive queries, and provide an "indication" that it supports secure communications, thereby initiating a secure link transparently to the user.

3. Grounds for Unpatentability

Ground 1: Anticipation - Claims 1-3, 5-8, and 14-60 are anticipated by Aventail under 35 U.S.C. §102.

• Prior Art Relied Upon: Aventail (Aventail Connect v3.01/2.5 Administrator’s Guide).
• Core Argument for this Ground:
  • Prior Art Mapping: Petitioner argued that Aventail, an administrator’s guide for a commercial VPN product published by January 1999, disclosed every element of the challenged claims. The Aventail system, comprising client software (Aventail Connect) and a server (Extranet Server), functions as the claimed "domain name service system." It intercepts DNS queries on a client computer and uses locally stored "redirection rules" in a configuration file to determine if a requested domain name requires a secure connection. This file stores a "plurality of domain names and corresponding network addresses." When a DNS query matches a redirection rule, Aventail establishes a secure, encrypted VPN connection to the target resource. Petitioner asserted that the successful establishment of this secure link, or alternatively an "Indicator" pop-up window described in Aventail for displaying network traffic information, constitutes the claimed "indication that the domain name service system supports establishing a secure communication link." Petitioner contended this system anticipates independent claims 1, 36, and 60, as well as the various dependent claims reciting features like using the Internet, employing edge routers, and authenticating queries with cryptographic techniques, all of which are described functionalities of the Aventail VPN system.

Ground 2: Obviousness - Claims 3, 31, 32, 55, and 56 are obvious over Aventail in view of Beser under 35 U.S.C. §103.

• Prior Art Relied Upon: Aventail and Beser (Patent 6,496,867).

• Core Argument for this Ground:

  • Prior Art Mapping: As an alternative to anticipation, Petitioner argued that even if Aventail did not explicitly disclose every feature of certain dependent claims, combining it with Beser would have rendered them obvious. Beser described tunneling methods for establishing secure connections for a wide variety of multimedia and telephony applications, including those involving audio and video. For claims 31, 32, 55, and 56, which recite services like e-mail, video conferencing, audio, and video, Beser explicitly taught the desirability of supporting such applications over secure network links. For claim 3, which recites a "non-standard top-level domain name," Petitioner pointed to Beser's teaching that a "unique identifier" could be a domain name, email address, or a "dial-up number," arguing this would have suggested using non-standard identifiers like a telephone number within Aventail's framework.
  • Motivation to Combine: A person of ordinary skill in the art (POSA) would combine Aventail’s secure DNS framework with Beser's teachings to expand the functionality and utility of the secure connection. A POSA would have been motivated to enable the Aventail VPN system to securely support the popular multimedia, audio, and video applications described by Beser, as this was a known area of development for improving network security and functionality.
  • Expectation of Success: A POSA would have had a reasonable expectation of success in integrating Beser's known tunneling methods for various media types with Aventail's nested WinSock implementation, as both references operated within standard internet protocols to provide secure communications for various applications.

• Additional Grounds: Petitioner asserted an additional obviousness challenge against claims 31, 32, 55, and 56 based on Aventail alone, arguing that a POSA would have found it obvious to adapt Aventail's existing secure framework to support common applications and services like e-mail, audio, and video.

4. Key Claim Construction Positions

• Secure Communication Link: Petitioner argued for a broad construction that encompasses VPNs where network traffic is not necessarily encrypted and where computers do not need to "directly communicate." Petitioner contended that Patent Owner had disclaimed a narrower scope during prosecution of a related patent, and under the broadest reasonable construction standard used in an inter partes review (IPR), the claims must encompass this disclaimed subject matter. This construction was critical to mapping the Aventail system, which involves an intermediary server, to the claims.
• Domain Name Service System: Proposed as "a lookup service, comprising one or more applications or devices, that will return to a requester an IP address or an error code in response to a domain name resolution request." This broad construction was argued to be consistent with standard DNS functionality and necessary to cover the functionality of the Aventail client/server system.
• Indication: Argued to broadly encompass anything that indicates the system supports secure communications, including a visible signal or simply the successful establishment of the secure link itself. This allowed Petitioner to argue the functionality of the Aventail system met this limitation without requiring an explicit, separate notification message.

5. Arguments Regarding Discretionary Denial

• Petitioner argued that the petition was timely filed under §315(b). Although a prior complaint asserting the ’504 patent was served more than one year before the filing date, Patent Owner had served a new complaint in a separate civil action within the one-year window. Petitioner argued that the plain language of §315(b) states the one-year clock runs from the date the petitioner is served with "a complaint," not the "first complaint." Therefore, the service of the new complaint reset the one-year statutory bar, making the IPR petition timely.

6. Relief Requested

• Petitioner requested institution of an IPR and cancellation of claims 1-3, 5-8, and 14-60 of the ’504 patent as unpatentable.