NetApp, Inc. v. KOM Software, Inc.

1. Case Identification

• Case #: IPR2019-00605
• Patent #: 7,536,524
• Filed: January 28, 2019
• Petitioner(s): NetApp, Inc. and Hewlett Packard Enterprise Co.
• Patent Owner(s): KOM Software, Inc.
• Challenged Claims: 1-4, 9, 11, 18, 19, 24, and 29-32

2. Patent Overview

• Title: Data Storage Access Control
• Brief Description: The ’524 patent relates to systems and methods for regulating access to computer storage media. The technology uses a "trap layer" logically positioned between an application layer and a file system layer to intercept attempted file operations, compare them to defined access privileges, and enforce policies such as data retention.

3. Grounds for Unpatentability

Ground 1: Claims 2-4, 18, and 19 are obvious over Walker in view of Denning

• Prior Art Relied Upon: Walker (Canadian Patent No. 2,270,651) and Denning (Cryptography and Data Security (1982)).
• Core Argument for this Ground:
  • Prior Art Mapping: Petitioner asserted that Walker taught the core limitations of independent claim 1, including a "trap layer" to intercept operations and implement access privileges based on the operation type, not the user identity. Denning was argued to disclose the additional limitations of the dependent claims, including enforcing access control policies (claim 2), managing operations according to those policies (claim 3), identifying data attributes (claim 18), and creating hash keys to validate authenticity (claim 19).
  • Motivation to Combine: A Person of Ordinary Skill in the Art (POSITA) would combine Denning’s well-known, systematic access control models (e.g., authorization lists, policy enforcement) with Walker’s trap layer architecture. This combination was presented as a straightforward way to create a more finely-grained and flexible file security system, as both references address access control in file systems and separate the policy from the enforcement mechanism.
  • Expectation of Success: The combination would yield predictable results because it involved applying a known security technique (Denning) to a known system (Walker) to achieve the expected improvement of enhanced access control.

Ground 2: Claims 9, 11, and 29-32 are obvious over Walker and Denning in view of McGovern

• Prior Art Relied Upon: Walker (Canadian Patent No. 2,270,651), Denning (Cryptography and Data Security (1982)), and McGovern (Application # 2005/0097260).
• Core Argument for this Ground:
  • Prior Art Mapping: This ground built upon the Walker/Denning combination by adding McGovern to teach the "retention policy" limitations central to claims 9, 11, and 29-32. McGovern described a Write-Once-Read-Many (WORM) file system where files are locked against modification or deletion for a specified retention period. Petitioner argued this directly taught applying a restricted state, preventing modification, and associating an expiration time with the restriction.
  • Motivation to Combine: A POSITA would be motivated to integrate McGovern’s WORM retention features into the Walker/Denning system to provide enhanced data integrity and comply with common enterprise or regulatory data retention requirements. Adding such functionality was presented as a logical extension of an access control system.
  • Expectation of Success: Success was expected because both Walker and McGovern were designed to operate on a Windows NT platform, and McGovern's system used conventional operating system functionality, making its features readily implementable within Walker's architecture.

Ground 3: Claim 24 is obvious over Walker in view of Kung

• Prior Art Relied Upon: Walker (Canadian Patent No. 2,270,651) and Kung (Patent 5,265,159).

• Core Argument for this Ground:

  • Prior Art Mapping: Petitioner argued that while Walker taught the foundational access control method of claim 1, Kung taught the specific limitation of claim 24: "forcing a secure erasure for a delete operation...comprising overwriting the contents." Kung explicitly described secure file deletion techniques, including overwriting a file with 0s and 1s or using encryption to make the original data unrecoverable.
  • Motivation to Combine: A POSITA would look to Kung to improve the security of Walker’s system. While Walker prevents unauthorized writes, Kung’s methods would prevent unauthorized reads of supposedly deleted files. This was argued to be a known and desirable security enhancement.
  • Expectation of Success: The combination was presented as straightforward, as Kung described its overwriting methods as "conventional" and provided a clear teaching for implementing secure erasure to address the known risk of data recovery.

• Additional Grounds: Petitioner also asserted that claim 1 is anticipated by Walker under §102 and that claim 32 is obvious over Vossen (Patent 6,026,402) in view of McGovern.

4. Key Claim Construction Positions

• "trap layer" (Claim 32): This term was presented as a key point of dispute.
  • Petitioner's Position: Argued for a structural construction of "Windows NT filter driver logically disposed between the application layer and the file system layer."
  • Patent Owner's Position: Contended the term is functional, meaning "a code layer that limits operations performed on the storage medium to those supported by the read/write device."
  • Importance: Petitioner argued the Patent Owner's construction improperly imported a functional limitation not required by the specification, which showed the trap layer performing a broader variety of functions.
• Means-Plus-Function Terms (Claim 32): Petitioner contended that several terms in claim 32 (e.g., "means for associating," "means for intercepting") were means-plus-function limitations governed by §112, ¶6. Petitioner proposed constructions identifying the function recited in the claim and the corresponding structure in the specification as a "Windows NT filter driver."

5. Key Technical Contentions (Beyond Claim Construction)

• Defective Priority Claim: A central argument was that the '524 patent was not entitled to its claimed priority date. Petitioner asserted the priority chain was broken because an intermediate application (for the '864 patent) was filed one day after its parent (the '175 patent) issued, violating the "before the patenting" co-pendency requirement of 35 U.S.C. §120. This would move the effective priority date for all claims forward to at least January 2, 2002.
• New Matter in Challenged Claims: Irrespective of the co-pendency issue, Petitioner argued that claims 2-4, 9, 11, 19, 24, and 29-32 contained new subject matter (e.g., "retention policy," "hash key," "secure erasure") that was first introduced in the application for the '524 patent itself. Therefore, these specific claims were only entitled to the '524 patent's filing date of July 7, 2006, making more art available against them.

6. Relief Requested

• Petitioner requested institution of an inter partes review and cancellation of claims 1-4, 9, 11, 18, 19, 24, and 29-32 of the ’524 patent as unpatentable.