Microsoft Corp v. VirnetX Inc

1. Case Identification

• Case #: IPR2014-01421
• Patent #: 7,188,180
• Filed: August 29, 2014
• Petitioner(s): Microsoft Corporation
• Patent Owner(s): VirnetX, Inc. and Science Application International Corporation
• Challenged Claims: 1, 4, 6, 10, 12-15, 17, 20, 22, 26, 28-31, 33, 35, and 37

2. Patent Overview

• Title: Method for Establishing Secure Communication Link Between Computers of Virtual Private Network
• Brief Description: The ’180 patent discloses methods for creating a secure virtual private network (VPN) communication link. The system uses a specialized secure domain name service to resolve a non-standard "secure domain name" into a secure network address, enabling a client to securely access a target computer over an insecure network like the Internet.

3. Grounds for Unpatentability

Ground 1: Anticipation by Kiuchi - Claims 1, 4, 10, 12-15, 17, 20, 26, 28-31, 33, and 35 are anticipated by Kiuchi.

• Prior Art Relied Upon: Kiuchi (a 1996 IEEE publication titled "C-HTTP - The Development of a Secure, Closed HTTP-based Network on the Internet").
• Core Argument for this Ground:
  • Prior Art Mapping: Petitioner argued that Kiuchi’s "C-HTTP" protocol, designed to create a "closed HTTP-based virtual network," discloses every element of the independent claims. Petitioner mapped Kiuchi's client-side proxy to the claimed client computer, which receives a non-standard hostname (the "secure domain name") and queries a proprietary "C-HTTP name server" (the "secure domain name service"). This server returns an IP address (the "secure computer network address"), enabling the proxy to establish a secure, encrypted connection (the "VPN communication link") to a server-side proxy. The response from the name server, containing the IP address and public key, was argued to be the claimed "provisioning information."

Ground 2: Obviousness over Kiuchi and Tavs - Claims 6, 22, and 37 are obvious over Kiuchi in view of Tavs.

• Prior Art Relied Upon: Kiuchi (the 1996 IEEE publication) and Tavs (Patent 6,073,175).
• Core Argument for this Ground:
  • Prior Art Mapping: Petitioner asserted that dependent claims 6, 22, and 37 add the limitation that the VPN is based on inserting a data value representing a "predetermined level of service" into data packets. While Kiuchi provides the foundational secure network, Tavs explicitly teaches a system for managing network congestion by embedding service-level information into HTTP header requests to prioritize traffic based on business relevance.
  • Motivation to Combine: A POSITA would combine Kiuchi’s secure network with Tavs's traffic prioritization to improve network performance and efficiently manage congestion, a common problem in networks. This would empower operators of the secure C-HTTP network to effectively control the priority of its network traffic.
  • Expectation of Success: Combining a known traffic management technique (Tavs) with a secure network protocol (Kiuchi) was a predictable application of existing technologies. A POSITA would have reasonably expected to successfully integrate service-level categorization into the C-HTTP data flow to enhance network efficiency.

Ground 3: Anticipation by Beser - Claims 1, 4, 6, 10, 12-15, 17, 20, 22, 26, 28-31, 33, 35 and 37 are anticipated by Beser.

• Prior Art Relied Upon: Beser (Patent 6,496,867).

• Core Argument for this Ground:

  • Prior Art Mapping: Petitioner argued that Beser discloses a complete system for establishing an IP tunneling association that anticipates all challenged claims. In Beser, an originating device sends a request with a unique identifier like a domain name (the "secure domain name") to a trusted-third-party network device, such as a domain name server (the "secure domain name service"). This trusted device negotiates private IP addresses (the "secure network addresses") to create a secure, anonymous tunnel (the "VPN communication link"). Petitioner further argued that Beser's disclosure of employing standard IP packets, which include a "Type of Service" field to indicate service quality, anticipates the level-of-service limitations in the dependent claims.

• Additional Grounds: Petitioner asserted additional obviousness challenges, including combining Kiuchi with Bhatti to supplement teachings on HTTP access requests, combining Beser with RFC 2401 to make explicit the use of IPsec encryption if Beser were found not to teach it, and combining Beser with Kiuchi to supply a non-standard domain name if Beser's unique identifier was deemed insufficient.

4. Key Claim Construction Positions

• "Virtual Private Network" / "VPN Communication Link": Petitioner proposed a construction based on a prior court ruling involving the patent family: "a network of computers that privately communicate with each other by encrypting traffic on insecure communication paths between the computers." This construction was central to mapping prior art references that explicitly taught the creation of encrypted tunnels.
• "Secure Domain Name" and "Secure Domain Name Service": Petitioner argued these terms required a non-standard domain name that cannot be resolved by a conventional DNS and a corresponding non-conventional service that can resolve it. This construction was critical for mapping prior art systems, like Kiuchi's C-HTTP name server, which operated parallel to, and distinctly from, the standard public DNS.
• "Provisioning Information": Petitioner proposed construing this term broadly as "information that enables communication in a virtual private network." This allowed Petitioner to argue that information such as an IP address, public key, and nonce values provided by a prior art name server met the limitation.

5. Relief Requested

• Petitioner requests institution of an inter partes review and cancellation of claims 1, 4, 6, 10, 12-15, 17, 20, 22, 26, 28-31, 33, 35, and 37 of the ’180 patent as unpatentable.