Apple Inc v. VirnetX Inc

1. Case Identification

• Case #: IPR2015-00189
• Patent #: 7,418,504
• Filed: October 31, 2014
• Petitioner(s): Apple Inc.
• Patent Owner(s): VirnetX, Inc. and Science Application International Corporation
• Challenged Claims: 1, 2, 5, 6, 14-17, 19-23, 26-41, 43-47, and 50-60

2. Patent Overview

• Title: Agile Network Protocol for Secure Communications Using Secure Domain Names
• Brief Description: The ’504 patent describes a system and method for creating secure communication links over a network, such as the Internet. The system uses a domain name service that can provide an indication to a user that a secure connection is supported, thereby allowing for the transparent establishment of virtual private networks (VPNs).

3. Grounds for Unpatentability

Ground 1: Anticipation by Kiuchi - Claims 1, 2, 5, 6, 14-17, 19-23, 26-41, 43-47, and 50-60 are anticipated by Kiuchi under 35 U.S.C. §102.

• Prior Art Relied Upon: Kiuchi (a 1996 IEEE publication titled “C-HTTP – The Development of a Secure, Closed HTTP-based Network on the Internet”).
• Core Argument for this Ground:
  • Prior Art Mapping: Petitioner argued that Kiuchi discloses every element of the challenged claims. Kiuchi describes a “C-HTTP” system for creating a secure, closed network over the public Internet using client-side and server-side proxies in conjunction with a specialized “C-HTTP name server.” Petitioner asserted this combination constitutes the claimed “domain name service system.” When a client-side proxy queries the C-HTTP name server for a hostname, the server determines if the destination is part of the secure network. If it is, the server returns the IP address and public key of the server-side proxy; otherwise, it returns an error or forwards the request to a standard DNS. Petitioner contended this differential response serves as the claimed “indication that the domain name service system supports establishing a secure communication link.” Kiuchi's system then uses this information to establish an encrypted C-HTTP connection between the proxies, fulfilling the secure link limitation.
  • Key Aspects: Petitioner emphasized that Kiuchi's system authenticates queries using cryptographic techniques (digital signatures), anticipating claims requiring this feature (e.g., claim 5). The system is also described as "transparent" to the end-user, mapping to claims with that limitation.

Ground 2: Obviousness over Kiuchi and RFC 1034 - Claims 20, 21, 35, 44, 45, and 59 are obvious over Kiuchi in view of RFC 1034.

• Prior Art Relied Upon: Kiuchi and RFC 1034 (a 1987 IETF standard for Domain Names).
• Core Argument for this Ground:
  • Prior Art Mapping: This ground addressed claims requiring a “domain name database.” Petitioner argued that while Kiuchi’s C-HTTP name server inherently stores and resolves hostnames, it does not explicitly use the term “database.” RFC 1034, the foundational document for the Domain Name System (DNS), explicitly discloses that name servers are repositories of information stored in a “domain name database,” which is divided into zones.
  • Motivation to Combine: A POSITA would have been motivated to implement the name and address storage of Kiuchi’s C-HTTP name server using a structured domain name database as taught by RFC 1034. Using a standard database structure allows for the fast, efficient, and scalable storage and retrieval of a potentially large number of domain names and IP addresses, which is a known benefit in network design.
  • Expectation of Success: A POSITA would have had a high expectation of success, as combining a well-understood data storage structure (a database from RFC 1034) with a name resolution service (from Kiuchi) was a routine and predictable design choice.

Ground 3: Obviousness over Kiuchi and RFC 2660 - Claims 16, 27, 33, 40, 51, and 57 are obvious over Kiuchi in view of RFC 2660.

• Prior Art Relied Upon: Kiuchi and RFC 2660 (a 1996 draft IETF standard for Secure HTTP, or S-HTTP).

• Core Argument for this Ground:

  • Prior Art Mapping: This ground addressed the limitation of establishing a secure link “between a first location and a second location,” which Petitioner argued could be interpreted to require end-to-end security (e.g., from the user agent to the origin server), rather than just between intermediary proxies as in Kiuchi’s primary embodiment. RFC 2660 explicitly teaches S-HTTP, a protocol providing end-to-end security mechanisms for HTTP clients and servers.
  • Motivation to Combine: Kiuchi itself provided the motivation, stating that its C-HTTP protocol “can coexist with” other secure HTTP proposals to provide enhanced security. Kiuchi explicitly notes that using such protocols can “assure end-to-end or individual security,” which provides a direct reason for a POSITA to incorporate a protocol like S-HTTP from RFC 2660 into the C-HTTP framework.
  • Expectation of Success: The combination would have been straightforward, as S-HTTP was designed to be compatible with HTTP and could replace standard HTTP messages within Kiuchi's system to provide the desired end-to-end encryption without altering the underlying proxy and secure name resolution architecture.

• Additional Grounds: Petitioner asserted an additional obviousness challenge based on Kiuchi in view of Lindblad (a patent on incorporating video into HTML documents) to add audio/video service capabilities to the Kiuchi system, rendering claims 32 and 56 obvious.

4. Key Claim Construction Positions

• domain name service system: Petitioner argued this term should encompass any system with the characteristics described in the claims, including systems composed of multiple discrete devices like the proxies and name servers in Kiuchi.
• indication: Petitioner asserted that under the broadest reasonable construction, this term should encompass any visible or non-visible message or signal that the system supports establishing a secure link. This includes the successful return of an IP address and security credentials (an indication of support) versus the return of an error message (an indication of no support).
• secure communication link: Petitioner adopted the Patent Owner’s asserted construction of a “direct communication link that provides data security through encryption,” arguing that the encrypted connection between proxies in Kiuchi met this limitation.
• transparently: Petitioner adopted the Patent Owner’s view that this means the "user need not be involved in creating the [secure] link," arguing Kiuchi's automated proxy-based system satisfied this requirement.

5. Arguments Regarding Discretionary Denial

• Petitioner filed an accompanying Motion for Joinder to an already-instituted IPR on the same patent (IPR2014-00614). Petitioner argued that because its petition was filed within one month of the institution of the ’614 IPR and was accompanied by a motion for joinder, the one-year time bar under 35 U.S.C. §315(b) did not apply, pursuant to §315(c).

6. Relief Requested

• Petitioner requested institution of an inter partes review and cancellation of claims 1, 2, 5, 6, 14-17, 19-23, 26-41, 43-47, and 50-60 of the ’504 patent as unpatentable.