PTAB

IPR2015-00812

Apple Inc v. VirnetX Inc

Petition

1. Case Identification

2. Patent Overview

  • Title: System and Method Employing an Agile Network Protocol for Secure Communications Using Secure Domain Names
  • Brief Description: The ’009 patent discloses techniques for establishing secure communications over a network in response to a domain name service (DNS) request. The system uses a modified DNS server that, upon receiving a request for a secure destination, intercepts the request and initiates the creation of a virtual private network (VPN) to establish an encrypted communication link.

3. Grounds for Unpatentability

Ground 1: Obviousness over Beser and RFC 2401 - Claims 1-8, 10-20, and 22-25 are obvious over Beser in view of RFC 2401.

  • Prior Art Relied Upon: Beser (Patent 6,496,867) and RFC 2401 (“Security Architecture for the Internet Protocol,” November 1998).
  • Core Argument for this Ground:
    • Prior Art Mapping: Petitioner argued that Beser discloses the core method of the challenged claims. Beser teaches a system for establishing a secure IP tunnel where an originating device sends a request with a unique identifier (which can be a domain name) to a trusted-third-party device (which can be a DNS server). This trusted device intercepts the request, checks an internal database to determine if the destination device is eligible for a secure tunnel, and then negotiates the exchange of private IP addresses to establish the connection. This process, Petitioner contended, maps directly to the key limitations of independent claims 1 and 14: sending a DNS request, interception of that request, receiving an indication of service availability and network address, and connecting to the second device. While Beser teaches that data traffic within its IP tunnel would ordinarily be encrypted, it also includes an example of unencrypted streaming audio/video. The petition asserts that the sole distinction is the claimed requirement for an "encrypted communication link."
    • Motivation to Combine: Petitioner argued a person of ordinary skill in the art (POSITA) would be motivated to combine Beser with RFC 2401 to ensure all traffic, including streaming data, is encrypted. Beser itself expressly refers to the IPsec protocol (defined in RFC 2401) as the conventional method for encrypting its IP tunnels. RFC 2401 was the well-known standard for providing robust, end-to-end encryption for IP traffic. A POSITA would combine the teachings to apply the standard encryption protocol from RFC 2401 to the secure tunneling system of Beser to achieve the predictable result of a more secure communication channel, remedying any perceived security gap in Beser’s streaming data example.
    • Expectation of Success: A POSITA would have had a high expectation of success. RFC 2401 was specifically designed to be integrated into existing network configurations like those described in Beser. Implementing IPsec encryption was a well-understood, standard practice for securing network communications, and no technical challenges would have prevented its application to the Beser system.

4. Key Claim Construction Positions

  • "domain name service (DNS) request": Petitioner argued for the construction "a request for a resource corresponding to a domain name." This construction was asserted to be consistent with the patent specification and previous Board interpretations in related IPRs, ensuring that Beser’s "request containing a unique identifier" (which could be a domain name) falls within the scope of the claim.
  • "interception of the DNS request": Petitioner proposed that this term includes "receiving a DNS request pertaining to a first entity at another entity." This construction is crucial for mapping Beser, where a trusted-third-party device receives and acts upon a request intended for a different terminating device, thereby "intercepting" it.
  • "encrypted communication link": Petitioner proposed the construction "a transmission path that restricts access to data, addresses, or other information on the path at least by using encryption." This construction was central to the obviousness argument, focusing the inquiry on the addition of encryption (taught by RFC 2401) to the secure path disclosed by Beser.
  • "provisioning information": Petitioner argued this term should be construed as "information that enables communication in a virtual private network, where the virtual private network uses encryption." This allows Beser's disclosure of exchanging private IP addresses to be considered "provisioning information," which, when combined with RFC 2401's teachings on key distribution, satisfies the claim element.

5. Relief Requested

  • Petitioner requests institution of an inter partes review and cancellation of claims 1-8, 10-20, and 22-25 of the ’009 patent as unpatentable.