PTAB

IPR2019-00258

Apple Inc. v. Uniloc 2017 LLC

Log In

1. Case Identification

2. Patent Overview

  • Title: Security-Focused Object-Oriented Authentication System
  • Brief Description: The ’298 patent describes a system for authenticating a user to access a computer resource. The invention focuses on using a "security object" that encapsulates security data (e.g., passwords, biometrics), attributes (e.g., password policies), and methods for operating on that data, allowing the object itself to provide security for other items.

3. Grounds for Unpatentability

Ground 1: Obviousness over Morogan and Chapman - Claims 1-51 are obvious over Morogan in view of Chapman.

  • Prior Art Relied Upon: Morogan (“A Local Authentication Module for Mobile Devices,” a 2001 symposium presentation) and Chapman (“Java for Engineers and Scientists,” a 1999 textbook).

  • Core Argument for this Ground:

    • Prior Art Mapping: Petitioner asserted that Morogan, which was not considered during prosecution, discloses a Java-based security system analogous to the ’298 patent. Morogan teaches using "generic security objects," such as an AuthenticationObject, to authenticate users and control access to sensitive data (e.g., private keys) on mobile devices or computers. Morogan’s AuthenticationObject receives user credentials (passwords, PINs, biometrics), contains data and attributes (e.g., minimum password length), and includes methods to verify a login. Petitioner argued this overcomes the prosecution-history distinction over a prior art reference, Shanton, which used a separate standalone application rather than a self-sufficient object.

    While Morogan describes the components of an object-oriented system, Petitioner contended it does not explicitly use the term "encapsulation" to describe the bundling of data and methods. To supply this teaching, Petitioner introduced Chapman, a Java programming textbook. Chapman explicitly teaches the fundamental object-oriented principle of "encapsulation," where data and the methods that operate on it are bundled into discrete, self-sufficient objects. This practice, per Chapman, enhances modularity, simplifies modification, and reduces software bugs. Petitioner argued that combining Chapman's foundational teaching of encapsulation with Morogan's specific AuthenticationObject renders the limitations of independent claims 1, 18, and 38 obvious. Dependent claims were addressed by pointing to further specific disclosures in the combined references, such as Morogan’s teaching of using smart cards (claim 7), biometrics (claim 5), and obtaining methods from a class structure, as detailed in Chapman (claim 2).

    • Motivation to Combine (for §103 grounds): Petitioner argued a person of ordinary skill in the art (POSITA) would have been motivated to apply the standard encapsulation techniques from the Chapman textbook to the Java-based security system of Morogan. The motivation would be to gain the well-understood benefits described in Chapman, such as increased modularity, improved security through information hiding, and reduced vulnerability to attack, which are all highly desirable in a security system.
    • Expectation of Success (for §103 grounds): A POSITA would have had a reasonable expectation of success in this combination because both references operate in the same technical field of Java-based object-oriented systems. Applying a fundamental programming concept (encapsulation from Chapman) to a specific implementation (the security system in Morogan) would have been a straightforward and predictable design choice.

4. Key Claim Construction Positions

  • "the security object may be retrieved": This term appears in claims 7, 24, and 44. Petitioner argued that, in the context of the ’298 patent specification, "retrieved" should be construed to mean "the security object may be accessed from storage." Critically, Petitioner contended this construction does not require the object to be transmitted or sent from its storage location. This interpretation was central to Petitioner's argument that Morogan's disclosure of a smart card—where an AuthenticationObject is accessed and operates locally on the card without being sent to a client device—meets this claim limitation.
  • Means-Plus-Function Terms: The petition addressed several means-plus-function limitations in the apparatus claims (e.g., claims 35, 38, 39, 44). For each, Petitioner proposed a corresponding structure based on the specification and expert testimony.
    • "means for encapsulating..." (Claim 38(c)): The corresponding structure was identified as software written in Java for generating "self-sufficient" security object modules.
    • "means for receiving security object data" (Claim 38(a)): The structure was identified as graphical user interfaces (GUIs) and their equivalents.
    • "means for providing the security object to a security system" (Claim 44): The structure was identified as a computer capable of programming a smart card and its equivalents.

5. Key Technical Contentions (Beyond Claim Construction)

  • Status of Morogan as Prior Art: A significant portion of the petition was dedicated to establishing that Morogan, a symposium poster presentation from April 2001, qualifies as a "printed publication" under pre-AIA §102. Petitioner presented a declaration from the author, Dr. Morogan, and applied the Klopfenstein factors to argue for its public accessibility before the patent's priority date. The arguments included that the poster was displayed for approximately four hours to an expert audience, there was no expectation of confidentiality, and attendees received a CD containing a copy of the poster, making it easy to copy and retain.

6. Relief Requested

  • Petitioner requested that the Board institute an inter partes review and cancel claims 1-51 of Patent 7,093,298 as unpatentable.