PTAB

IPR2014-01410

IBM Corp v. Intellectual Ventures II LLC

Log In
Key Events
Petition
petition

1. Case Identification

2. Patent Overview

  • Title: Security Infrastructure for Electronic Transactions
  • Brief Description: The ’574 patent discloses a public key infrastructure (PKI) for facilitating secure transactions over an unsecure network. The invention describes a hierarchical system of certification authorities and a method for updating digital certificates within that hierarchy, including propagating changes to subordinate entities.

3. Grounds for Unpatentability

Ground 1: Anticipation over Kapidzic - Claim 30 is anticipated by Kapidzic under 35 U.S.C. § 102(a).

  • Prior Art Relied Upon: Kapidzic, et al., A Certificate Management System: Structure, Functions and Protocols (“Kapidzic”), published in the Proceedings of the Symposium on Network and Distributed System Security on or before February 17, 1995.
  • Core Argument for this Ground:
    • Prior Art Mapping: Petitioner argued that Kapidzic teaches every element of claim 30. The claim describes a method of updating certificates in a hierarchical certification infrastructure. Kapidzic discloses a "Certificate Management System" (CMS) which is a networked computer system using public key certificates arranged in a strict, single-root hierarchy of Certification Authorities (CAs) for secure communications. Petitioner mapped the specific limitations of claim 30 to the certificate update process detailed in Kapidzic:
      • [Element a] Updating at a first computer process: Kapidzic was alleged to disclose this limitation by describing a scenario where a CA (a computer process) must change its public and secret keys, thereby possessing a certificate that needs to be updated. The update process follows the same procedure as an original certification.
      • [Element a.1] Receiving a new signed certificate: The requesting CA in Kapidzic generates a new key pair and sends a Certificate Signature Request to its parent CA. In response, the parent CA, which is authorized to issue certificates, creates and returns a Certificate Signature Reply containing the new signed certificate. The requesting CA then "receives" this reply.
      • [Element a.2] Revoking the current certificate: Kapidzic was argued to explicitly teach that "when a certificate is updated, the old certificate must be revoked" so it can no longer be used to verify the certificates of subordinate computer processes.
      • [Element a.3] Issuing new certificates to all subordinates: After receiving its new certificate, the requesting CA in Kapidzic "re-signs all the certificates of its subordinates with the new secret key" and issues these re-signed certificates to each direct subordinate in a Certificate Re-sign message. This message also includes a copy of the CA's own new certificate for use in verification.
      • [Element b] Iteratively performing distribution: Petitioner contended Kapidzic taught this iterative process. After a direct subordinate receives the Certificate Re-sign message, it forwards the information to its own subordinates in a Certificate Path Update message. This process iterates down the hierarchy until the update has propagated to all subordinate processes, including the end-users at the bottom of the hierarchy.

4. Key Claim Construction Positions

  • Petitioner submitted that the preamble of claim 30 should be considered non-limiting for the purposes of the inter partes review (IPR).
  • Petitioner further noted that should the Board determine the preamble is limiting, Kapidzic’s disclosure of a "computer system for secure communications containing computer processes arranged in a certification infrastructure" satisfies the preamble’s limitations.
  • For all other terms in claim 30, Petitioner proposed they be given their plain and ordinary meaning.

5. Relief Requested

  • Petitioner requested institution of an IPR and cancellation of claim 30 of Patent 5,745,574 as unpatentable.