PTAB

IPR2019-00073

Juniper Networks Inc v. Finjan Inc

Log In
Key Events
Petition
petition

1. Case Identification

2. Patent Overview

  • Title: Method and System for Protecting a Computer and a Network from Hostile Downloadables
  • Brief Description: The ’926 patent describes a system for managing computer security by hashing an incoming executable file ("Downloadable") to generate a unique ID. This ID is then used to retrieve a corresponding "Downloadable security profile" from a database, where profiles are indexed by these IDs. The security profile contains a list of suspicious operations the Downloadable might attempt.

3. Grounds for Unpatentability

Ground 1: Obviousness over Browne and Islam - Claims 15 and 22 are obvious over Browne in view of Islam.

  • Prior Art Relied Upon: Browne et al., "Location-Independent Naming for Virtual Distributed Software Repositories" (ACM 1995) (“Browne”), and Islam et al., "A Flexible Security System for Using Internet Content" (IBM 1997) (“Islam”).
  • Core Argument for this Ground:
    • Prior Art Mapping: Petitioner argued that Browne taught the core framework of the challenged claims. Browne disclosed a system for managing software in a distributed repository where each file is assigned a Location Independent File Name (LIFN), which functions as a unique ID. Crucially, this LIFN is generated by computing an MD5 hash of the file's contents. Browne further taught using this hash-based LIFN as a unique key to retrieve "value-added information," such as quality assessments, about the file from a simple key/data database. Petitioner asserted this directly maps to the claimed method of hashing a downloadable to create an ID and using that ID to retrieve profile data from an indexed database.
    • Motivation to Combine: Petitioner contended that Browne, while providing the system architecture, did not explicitly detail the security aspects of the "value-added information." Islam, however, directly addressed this by teaching a system for safely executing downloaded content. Islam disclosed attaching a "content stamp" to a downloadable, which serves as a security profile. This stamp included a "requested domain" that listed potentially suspicious operations the content would seek to perform (e.g., reading private files, modifying executables). A person of ordinary skill in the art (POSITA) would combine Islam's security-focused "content stamp" with Browne's system because Browne expressly invited the attachment of "value-added information" to improve its software repository. A POSITA would look to contemporary security art like Islam and recognize that incorporating its security profiles was a logical and beneficial way to implement Browne's suggestion, thereby enhancing the security and utility of the software repository.
    • Expectation of Success: A POSITA would have a high expectation of success in this combination. Browne provided a robust framework with a hash-based unique ID (the LIFN) and a database indexed by that ID, designed specifically to store and retrieve associated data. Islam provided the exact type of data—a security profile—that would be valuable in such a system. The integration was a straightforward matter of storing Islam's security data within Browne's existing database structure, using the pre-existing LIFN as the lookup key.

4. Key Claim Construction Positions

  • "incoming Downloadable": Petitioner argued this term should be construed broadly as "a Downloadable that is arriving at a location in a computer network." This construction was critical to their obviousness argument, as the "receiving" of the software resource in Browne's system occurs at an intermediary "publisher" computer, not necessarily an end-user device. Petitioner argued against a narrower construction that would limit the location to an internal network or end-user machine, noting the patent specification described embodiments where protection engines operate on servers and firewalls.
  • "Downloadable security profile": Petitioner proposed construing this term as "information that describes characteristics of a Downloadable for use in protecting a computer system." This broad construction was intended to encompass the "value-added information such as...quality assessments" disclosed by Browne, especially when combined with the security-specific "content stamps" from Islam.

5. Arguments Regarding Discretionary Denial

  • Petitioner argued that discretionary denial under 35 U.S.C. §325(d) was inappropriate because the petition presented new prior art and arguments not previously considered by the USPTO. The primary references, Browne and Islam, were not cited during prosecution or in any of the four prior, unsuccessful IPR petitions filed by other parties against the ’926 patent. Petitioner asserted that Browne and Islam directly remedy the specific deficiencies the Board identified in those prior IPRs. For instance, prior art combinations failed to show a hash of the downloadable itself being used as an ID to retrieve a security profile from a separate database; Browne was argued to teach these exact features. Therefore, Petitioner contended the new grounds were not cumulative and warranted consideration on the merits.

6. Relief Requested

  • Petitioner requests institution of an inter partes review and cancellation of claims 15 and 22 of the ’926 patent as unpatentable.