PTAB

IPR2016-00331

Apple Inc v. VirnetX Inc

Log In
Key Events
Petition
petition

1. Case Identification

2. Patent Overview

  • Title: System and Method Employing an Agile Network Protocol for Secure Communications Using Secure Domain Names
  • Brief Description: The ’696 patent discloses systems and methods for establishing secure communications over a network. The technology centers on a modified DNS server that intercepts a request to look up an IP address for a domain name, determines if the destination supports secure communications, and, if so, initiates a virtual private network (VPN) communication link.

3. Grounds for Unpatentability

Ground 1: Obviousness over Beser and RFC 2401 - Claims 1-11, 14-25, and 28-30 are obvious over Beser in view of RFC 2401.

  • Prior Art Relied Upon: Beser (Patent 6,496,867) and RFC 2401 (“Security Architecture for the Internet Protocol,” Nov. 1998).
  • Core Argument for this Ground:
    • Prior Art Mapping: Petitioner argued that the prior art combination teaches every limitation of the challenged claims. Beser discloses a system for establishing a secure IP tunneling association that meets the core steps of the independent claims (1 and 16). In Beser, a request containing a unique identifier, such as a domain name, is intercepted by an intermediary device. A trusted-third-party device, which can be a DNS server, then determines if the destination device is authorized to establish a secure tunnel by checking an internal database. If authorized, the system initiates the tunnel. Petitioner asserted this directly maps to the claimed method of intercepting a domain-name-based request, determining availability for a secure service, and initiating a communication link. While Beser provides anonymity through its private IP address scheme, RFC 2401, a well-known standard for IPsec, supplies the obvious addition of end-to-end data encryption for the communication link. Petitioner further argued that the limitations of the various dependent claims—reciting features like audio/video conferencing, telephony services, and use on mobile devices—were also disclosed in Beser or would have been obvious extensions.
    • Motivation to Combine: Petitioner asserted that a person of ordinary skill in the art (POSITA) would have been strongly motivated to combine the teachings of Beser and RFC 2401. The motivation stems directly from Beser itself, which expressly refers to the IPsec protocol (as defined in RFC 2401) as a conventional and compliant method for establishing the secure IP tunnels it describes. Beser also teaches that IP tunnels should ordinarily be encrypted to protect identifiers and IP addresses on the public network. A POSITA seeking to implement Beser’s system would therefore have been naturally led to consult the well-known RFC 2401 standard to add a robust and standardized encryption layer to the tunneled traffic.
    • Expectation of Success: A POSITA would have had a high expectation of success in combining the references. RFC 2401 was a mature standard designed for integration into existing network configurations, including the types of gateway- and router-based systems described in Beser. The combination was a simple application of a known encryption standard (IPsec from RFC 2401) to a known secure tunneling system (Beser) to achieve the predictable and highly desirable result of a communication link providing both anonymity (from Beser) and data confidentiality (from RFC 2401).

4. Key Claim Construction Positions

  • "intercept[ing] ... a request": Petitioner proposed this term be construed as "receiving a request pertaining to a first entity at another entity." This construction was argued to be consistent with the specification and necessary for the invalidity argument, as Beser describes a system where an intermediary device (e.g., a first network device or a trusted-third-party server) receives the request instead of the ultimate destination.
  • "virtual private network communication link": Petitioner proposed a construction of "a transmission path that includes a portion of a public network and restricts access to data... including, but not limited to, one or more of anonymity, authentication, or encryption." Petitioner argued this construction does not strictly require encryption. However, the petition asserted that even if encryption were required, the combination of Beser with RFC 2401 would render the claims obvious by teaching the addition of encryption to Beser’s secure tunnel.
  • "secure communications service": This term was construed as "the functional configuration of a network device that enables it to participate in a secure communications link with another computer or device." This broad interpretation allowed Beser’s system, which enables the establishment and use of a secure IP tunnel, to be considered a "secure communications service" as recited in the claims.

5. Relief Requested

  • Petitioner requested the institution of an inter partes review and the cancellation of claims 1-11, 14-25, and 28-30 of Patent 8,504,696 as unpatentable under 35 U.S.C. §103.