PTAB
IPR2016-00966
Proofpoint Inc v. Finjan Inc
Key Events
Petition
Table of Contents
petition Intelligence
1. Case Identification
- Case #: IPR2016-00966
- Patent #: 7,647,633
- Filed: April 29, 2016
- Petitioner(s): Proofpoint, Inc. and Armorize Technologies, Inc.
- Patent Owner(s): Finjan, Inc.
- Challenged Claims: 1-4, 6-8, 13, 14, 19, 28, and 34
2. Patent Overview
- Title: Malicious Mobile Code Runtime Monitoring System and Methods
- Brief Description: The ’633 patent discloses systems and methods for protecting computers from malicious downloadable content. The technology involves receiving downloadable information, determining if it includes executable code, and if so, transmitting a "mobile protection code" (MPC) to the destination computer to monitor and control the code's execution, often within a sandboxed environment.
3. Grounds for Unpatentability
Ground 1: Obviousness over Shin - Claims 1-4, 6-8, 13, 14, and 19 are obvious over Shin
- Prior Art Relied Upon: Shin (Insik Shin & John C. Mitchell, “Java Bytecode Modification and Applet Security,” a 1998 technical report).
- Core Argument for this Ground:
- Prior Art Mapping: Petitioner argued that Shin, which discloses techniques to insert run-time tests into Java applets, taught all limitations of the challenged claims. Shin's HTTP proxy server received downloadable applets, determined they contained executable code by inspecting for
<applet>tags or magic byte sequences, and then inserted "safeguarding code" (the claimed MPC) into the applet before transmitting it to a client. This process directly mapped to the steps of independent claim 1. Petitioner contended that system claims 8 and 14, and means-plus-function claim 13, were merely reformulations of method claim 1, and that Shin’s proxy server and client system disclosed or rendered obvious the corresponding hardware and software modules. - Motivation to Combine (for §103 grounds): As a single-reference ground, the motivation was inherent in Shin's stated purpose of enhancing security by modifying applets at a proxy server before they reach the browser.
- Expectation of Success (for §103 grounds): Success was expected because Shin described a functioning prototype system that implemented the claimed techniques.
- Prior Art Mapping: Petitioner argued that Shin, which discloses techniques to insert run-time tests into Java applets, taught all limitations of the challenged claims. Shin's HTTP proxy server received downloadable applets, determined they contained executable code by inspecting for
Ground 2: Anticipation by Poison Java - Claim 28 is anticipated by Poison Java
- Prior Art Relied Upon: Poison Java (Eva Chen, “Poison Java,” IEEE Spectrum, 1999).
- Core Argument for this Ground:
- Prior Art Mapping: Petitioner asserted that Poison Java explicitly disclosed every element of claim 28. Poison Java’s AppletTrap system created a sandboxed package by "wrapping" a downloaded applet (the "Downloadable") with "monitoring code" (the MPC) and an attached security policy. This complete package was then delivered to and received by the client computer. At the client, the monitoring code intercepted and processed operations attempted by the applet according to the security policy, thus teaching the causing, receiving, and initiating steps of claim 28.
Ground 3: Obviousness over Poison Java and Shin - Claim 1 is obvious over Poison Java in view of Shin
- Prior Art Relied Upon: Poison Java (a 1999 IEEE Spectrum article) and Shin (a 1998 technical report).
- Core Argument for this Ground:
- Prior Art Mapping: Petitioner argued that Poison Java disclosed the overall method of claim 1, including a proxy server that receives downloadable information (applets) and wraps them in monitoring code before transmission to a client. However, Poison Java was less specific about the "determining" step. Shin was argued to cure this by teaching specific techniques for determining whether downloadable information includes executable code, such as by filtering for
<applet>tags, file names, or magic byte sequences. - Motivation to Combine (for §103 grounds): A POSITA would combine Shin’s specific applet filtering techniques with Poison Java’s AppletTrap system to improve the system's ability to accurately identify executable applets that require security wrapping, a necessary function for the AppletTrap system to work effectively.
- Expectation of Success (for §103 grounds): A POSITA would have a reasonable expectation of success, as both references addressed the same problem of securing hosts from mobile code, and Shin described its filtering methods as being implementable at a firewall or proxy, the very architecture used by Poison Java.
- Prior Art Mapping: Petitioner argued that Poison Java disclosed the overall method of claim 1, including a proxy server that receives downloadable information (applets) and wraps them in monitoring code before transmission to a client. However, Poison Java was less specific about the "determining" step. Shin was argued to cure this by teaching specific techniques for determining whether downloadable information includes executable code, such as by filtering for
Ground 4: Obviousness over Poison Java and Brown - Claims 14, 19, and 34 are obvious over Poison Java in view of Brown
- Prior Art Relied Upon: Poison Java (a 1999 IEEE Spectrum article) and Brown (Mark W. Brown et al., “Special Edition Using Netscape 3,” a 1996 guide).
- Core Argument for this Ground:
- Prior Art Mapping: Petitioner argued Poison Java disclosed the server-side components of the claimed system, including the "information re-communicator" (its proxy server) and the creation of a sandboxed package. Brown was argued to provide the client-side component, teaching a standard Java-capable web browser (like Netscape 3.0) that functions as the claimed "mobile code executor" for receiving and running the sandboxed package from the server.
- Motivation to Combine (for §103 grounds): A POSITA would combine the server-side security system of Poison Java with the standard Java-enabled web browser taught by Brown because the server system was designed to protect such client-side browsers. Brown itself motivated the use of such browsers by explaining their built-in Java interpreter and ease of use.
- Expectation of Success (for §103 grounds): The combination was a straightforward integration of a server-side security tool with the standard client software it was designed to support, making success highly predictable.
4. Key Claim Construction Positions
- "mobile protection code ('MPC')": Petitioner proposed the construction "code that, at runtime, monitors or intercepts actually or potentially malicious code." This construction was argued to be consistent with the specification and a court construction in related litigation. The "at runtime" aspect was critical for mapping the prior art, which operated on applets as they executed on the client machine.
- "information re-communicator": Petitioner proposed the construction "server," arguing this term encompassed the firewalls, gateways, and proxy servers described in the specification and the prior art references.
- "means for receiving downloadable-information" (claim 13): Petitioner identified the function as "receiving downloadable-information" and the corresponding structure as a "server, firewall, or information monitor," linking the means-plus-function limitation to the concrete structures found in the Shin reference.
5. Relief Requested
- Petitioner requested institution of inter partes review and cancellation of claims 1-4, 6-8, 13, 14, 19, 28, and 34 of the ’633 patent as unpatentable.
Analysis metadata