PTAB

IPR2014-00404

Microsoft Corp v. VirnetX Inc

Log In
Key Events
Petition
petition

1. Case Identification

2. Patent Overview

  • Title: Method for Establishing Secure Communication Link Between Computers of Virtual Private Network
  • Brief Description: The ’274 patent relates to a method for establishing a secure virtual private network (VPN) communication link. The method involves a client device transparently querying a specialized "secure domain name service" to resolve a non-standard, secure domain name into a secure network address, and then using that address to establish an encrypted VPN connection to a target server.

3. Grounds for Unpatentability

Ground 1: Anticipation by Kiuchi - Claims 1-4, 7, 8, 10, 12, 15, and 17 are anticipated by Kiuchi under 35 U.S.C. §102.

  • Prior Art Relied Upon: Kiuchi (Takahiro Kiuchi et al., C-HTTP -- The Development of a Secure, Closed HTTP-based Network on the Internet (Feb. 1996)).
  • Core Argument for this Ground:
    • Prior Art Mapping: Petitioner argued that Kiuchi, which had not been considered during prosecution, discloses every element of the challenged claims. Kiuchi describes a "C-HTTP" protocol for creating a "closed HTTP-based virtual network" between trusted institutions, which directly corresponds to the claimed VPN. The system uses a client-side proxy (first network device) and a server-side proxy (second network device). To establish a connection, the client-side proxy queries a "C-HTTP name server" for the IP address of the server-side proxy. Petitioner asserted this name server is the claimed "secure domain service" as it resolves non-standard hostnames that a conventional DNS cannot. After receiving the IP address (secure network address) in an encrypted response, the client-side proxy establishes an encrypted C-HTTP connection (the VPN communication link) with the server-side proxy to send access requests. This process, Petitioner contended, maps directly to the steps recited in independent claim 1.

Ground 2: Obviousness over Kiuchi and Lindblad - Claim 5 is obvious over Kiuchi in view of Lindblad.

  • Prior Art Relied Upon: Kiuchi (a Feb. 1996 symposium proceeding) and Lindblad (Patent 6,225,993).

  • Core Argument for this Ground:

    • Prior Art Mapping: This ground addressed dependent claim 5, which adds the limitation that the services provided over the VPN link comprise "audio, video, or any combination thereof." Petitioner argued that while Kiuchi's C-HTTP system provides a secure VPN for transferring data objects (like HTML documents), it does not explicitly mention video services. Lindblad, however, teaches a method for easily incorporating motion video into HTML documents using applets for transport over standard HTTP.
    • Motivation to Combine: A POSITA would combine Kiuchi with Lindblad to enhance the capabilities of Kiuchi's secure network. Since Kiuchi’s system already transfers HTML objects over an HTTP-based protocol, incorporating Lindblad’s method for embedding video within those HTML objects was a predictable and desirable improvement to provide richer content to users within the secure network.
    • Expectation of Success: A POSITA would have a high expectation of success because both references leverage standard, compatible technologies (HTML and HTTP). Integrating a video-embedding applet (Lindblad) into an HTML document being transferred by an HTTP-based system (Kiuchi) was a straightforward application of known design principles.

  • Additional Grounds: Petitioner asserted additional obviousness challenges, including combining Kiuchi with Bhatti (Patent 8,200,837) as an alternative basis for teaching a standard HTTP access request framework (Ground 3), and combining all three references (Kiuchi, Bhatti, and Lindblad) against claim 5 (Ground 4).

4. Key Claim Construction Positions

  • "virtual private network": Petitioner proposed construing this term as "a network of computers that privately communicate with each other by encrypting traffic on insecure communication paths between the computers." This construction was based on a district court's construction of the same term in litigation involving the parent ’180 patent, arguing it reflects the broadest reasonable interpretation consistent with the specification.
  • "secure domain name": Petitioner argued this term should be construed as "a non-standard domain name that corresponds to a secure computer network address and cannot be resolved by a conventional DNS." This position was based on statements in the ’274 patent specification and arguments made by the patent owner during reexamination of the parent patent.
  • "secure domain name service": Correspondingly, Petitioner proposed construing this term as "a service that can resolve secure computer network addresses for a secure domain name for which a conventional domain name service cannot resolve addresses." This construction was asserted to be necessary to distinguish the claimed invention from conventional DNS systems, a distinction emphasized during prosecution.
  • "tunneling": For dependent claim 12, Petitioner proposed construing "tunneling" as "encapsulating a payload of a first protocol in a second protocol." This construction was intended to be broad enough to cover application-level tunneling, such as encapsulating an HTTP request within Kiuchi's secure C-HTTP protocol.

5. Relief Requested

  • Petitioner requests institution of an inter partes review and cancellation of claims 1-5, 7, 8, 10, 12, 15, and 17 as unpatentable.