PTAB

IPR2014-00481

Apple Inc v. VirnetX Inc

Key Events

Petition

petition Intelligence

Case #: IPR2014-00481
Patent #: 7,188,180
Filed: March 7, 2014
Petitioner(s): Apple Inc.
Patent Owner(s): VirnetX, Inc. and Science Application International Corporation
Challenged Claims: 1, 4, 6, 10, 12-15, 17, 20, 22, 26, 28-31, 33, 35, and 37

Title: Method for Establishing Secure Communication Link Between Computers of Virtual Private Network
Brief Description: The ’180 patent discloses methods for establishing a secure communication link for a virtual private network (VPN). The system uses a specialized domain name service to resolve non-standard, secure domain names, which cannot be resolved by a conventional domain name service (DNS), to initiate a secure connection.

Prior Art Relied Upon: Provino (Patent 6,557,037).
Core Argument for this Ground:
- Prior Art Mapping: Petitioner argued that Provino disclosed every limitation of the challenged claims. Provino described a two-phase process for an external device to connect to a server within a VPN. First, a secure tunnel is created. Second, to communicate with an internal server, the external device must query a special nameserver located inside the VPN firewall. This internal nameserver resolves a "human-readable Internet address" for the internal server into an integer IP address. Petitioner contended this internal nameserver is the claimed "secure domain name service," and the human-readable address is the "secure domain name" because a conventional, external nameserver is unable to resolve it. The subsequent steps of receiving the resolved address and using it to request access to the server were alleged to map directly to the remaining limitations of independent claims 1, 17, and 33.

Prior Art Relied Upon: Provino (Patent 6,557,037), Guillen (a 1993 conference paper on QoS Routing), and Kosiur (a 1998 book on VPNs).
Core Argument for this Ground:
- Prior Art Mapping: This ground addressed dependent claims requiring a response message to contain "provisioning information" or the VPN to be based on a "predetermined level of service." Petitioner argued that while Provino provided the foundational VPN architecture, it did not explicitly disclose these features. Guillen, however, taught the use of Quality of Service (QoS) parameters to ensure network communications meet the needs of specific applications, such as multimedia, by controlling bandwidth and latency. These QoS parameters, which enable and control communication characteristics, were argued to constitute the claimed "provisioning information" and define a "level of service."
- Motivation to Combine: A Person of Ordinary Skill in the Art (POSITA) would combine Guillen's well-known QoS techniques with Provino's VPN system to support the increasing demand for real-time applications requiring guaranteed performance. Modifying Provino's internal nameserver to also store and provide QoS parameters for internal servers was presented as a simple and logical design choice.
- Expectation of Success: A POSITA would have had a high expectation of success in integrating established QoS protocols into a VPN architecture, as it was a predictable improvement to enhance network functionality.

Prior Art Relied Upon: RFC 2543 ("SIP: Session Initiation Protocol").
Core Argument for this Ground:
- Prior Art Mapping: Petitioner asserted that the Session Initiation Protocol (SIP) described in RFC 2543 inherently taught the claimed method. In SIP, a user is identified by a SIP URL (e.g., user@domain), which Petitioner equated to the "secure domain name." A caller locates a callee by querying a SIP proxy server, which resolves the SIP URL into the callee's current IP address. Petitioner argued this SIP server functions as the "secure domain name service" because it is a specialized service required to resolve the non-standard SIP URL. The process of a caller sending an INVITE message (query), receiving a response with the callee's IP address, and then sending session data (access request) was argued to directly map to the claimed method steps. Furthermore, RFC 2543 disclosed that the INVITE message contains session parameters specifying bandwidth and quality of service, which Petitioner mapped to the claimed "provisioning information."
Additional Grounds: Petitioner asserted an additional obviousness challenge based on combining RFC 2543 with other related standards (RFC 1889, RFC 2327, and RFC 2401) but relied on a similar theory of combining known, complementary protocols explicitly designed to work together.

"virtual private network": Petitioner argued for the broad construction of "a network of computers that privately communicate with each other by encrypting traffic on insecure communication paths," based on a construction adopted in prior district court litigation involving the ’180 patent family.
"secure domain name": Petitioner proposed the construction "a non-standard domain name that corresponds to a secure computer network address and cannot be resolved by a conventional DNS." This construction was central to arguing that both Provino's internal human-readable addresses and RFC 2543's SIP URLs met the limitation.
"secure domain name service": Correspondingly, Petitioner argued this term means "a service that can resolve secure computer network addresses for a secure domain name for which a conventional domain name service cannot resolve addresses," positioning both Provino's internal nameserver and RFC 2543's SIP server as anticipating prior art.

Petitioner requests institution of an inter partes review and cancellation of claims 1, 4, 6, 10, 12-15, 17, 20, 22, 26, 28-31, 33, 35, and 37 of the ’180 patent as unpatentable.