PTAB

IPR2014-00237

Apple Inc v. ViRentx Inc

Key Events

Petition

petition

Case #: IPR2014-00237
Patent #: 8,504,697
Filed: December 6, 2013
Petitioner(s): Apple Inc.
Patent Owner(s): VirnetX, Inc. and Science Application International Corporation
Challenged Claims: 1-11, 14-25, and 28-30

Title: System and Method Employing an Agile Network Protocol for Secure Communications Using Secure Domain Names
Brief Description: The ’697 patent discloses methods and systems for establishing a secure communication link, such as a virtual private network (VPN), between two network devices. The system works by intercepting a request to look up an IP address based on a domain name, determining if the target device is available for a secure communications service, and then initiating the secure link.

Prior Art Relied Upon: Beser (Patent 6,496,867)
Core Argument for this Ground:
- Prior Art Mapping: Petitioner argued that Beser discloses every limitation of the challenged claims. Beser describes a system for establishing a secure IP tunneling association between two end devices across a public network using a trusted-third-party network device, such as a domain name server. Petitioner asserted that in Beser, a request from a first device containing a domain name of a second device is intercepted by a first network device and then sent to the trusted-third-party device. This third-party device evaluates the request, determines if the destination can establish a secure tunnel (i.e., is "available for a secure communications service"), and, if so, facilitates the automatic negotiation of the secure IP tunnel. This process was argued to meet all limitations of independent claims 1 and 16.
- Key Aspects: The argument hinges on Beser’s disclosure of a trusted-third-party device that functions like the claimed server system, intercepting a domain name-based request and determining whether to establish a secure tunnel, thereby anticipating the core inventive concept.

Prior Art Relied Upon: Beser (Patent 6,496,867) and RFC 2401 ("Security Architecture for the Internet Protocol")
Core Argument for this Ground:
- Prior Art Mapping: This ground was presented as an alternative to anticipation. Petitioner argued that to the extent Beser is found not to explicitly disclose encryption for its secure IP tunnels, adding it would have been obvious. Beser explicitly refers to the IPsec protocol as a conventional method for establishing the described tunnels. RFC 2401 defines the IPsec protocol and teaches that network traffic is automatically encrypted when sent through security gateways over a public network.
- Motivation to Combine: A POSITA would combine Beser and RFC 2401 because Beser itself directs the artisan to the IPsec protocol (defined in RFC 2401) as the standard technique for implementing its secure tunnels. The motivation was to implement Beser’s secure tunneling system using the well-known and referenced industry standard for security.
- Expectation of Success: A POSITA would have a high expectation of success because Beser’s system, which uses edge routers and gateways, is one of the network designs explicitly shown in RFC 2401. Integrating IPsec’s standard encryption into Beser’s compatible architecture would be a straightforward application of known technologies.

Prior Art Relied Upon: RFC 2543 ("SIP: Session Initiation Protocol")
Core Argument for this Ground:
- Prior Art Mapping: Petitioner argued that the Session Initiation Protocol (SIP) architecture described in RFC 2543 anticipates all challenged claims. To initiate a call (a secure communication link), a caller creates an INVITE message (a request) addressed to a callee's SIP URL, which contains a domain name. Petitioner asserted this INVITE message is intercepted by a local SIP proxy server. The server then locates the callee's server by querying a DNS server, forwards the request, and the callee's server determines if the callee is available and can support the requested call parameters (e.g., encryption), thus determining availability for a secure service. Based on this determination, a secure multimedia session is initiated.
- Key Aspects: This ground relies on mapping the steps of a standard SIP call setup to the elements of the claims, equating SIP proxy servers with the claimed intercepting servers and a SIP session with the claimed secure communication link.
Additional Grounds: Petitioner asserted additional obviousness challenges, including that claims 1-11, 14-25, and 28-30 are obvious over RFC 2543 in view of RFC 1889 (RTP) and RFC 2327 (SDP) to further detail the process of encrypting multimedia streams, and that claims 8-9 and 22-23 are obvious over RFC 2543 in view of a document on mobility support for SIP.

"Intercepting ... a request": Petitioner argued this term should be construed to mean "receiving ... a request." This position was based on prosecution history, where the Patent Owner amended the claims from "receiving" to "intercepting" to overcome a rejection but added new dependent claims (10 and 29) that defined "intercepting" as "receiving." Petitioner contended this amendment and subsequent allowance demonstrate that the broadest reasonable construction of "intercepting" must encompass "receiving," a construction that makes the claims more vulnerable to prior art.
"Secure Communication Link": Petitioner argued this term does not necessarily require all data to be encrypted. This construction was based on the doctrine of claim differentiation, as dependent claims 2 and 24 explicitly add the limitation that audio or video data is encrypted over the link. Therefore, independent claims 1 and 16, from which they depend, must be broader and cannot be limited to requiring encryption.

Petitioner requests institution of an inter partes review and cancellation of claims 1-11, 14-25, and 28-30 of the ’697 patent as unpatentable.