PTAB

IPR2019-00821

Apple Inc v. MPH Technologies Oy

Log In
Key Events
Petition
petition

1. Case Identification

2. Patent Overview

  • Title: Method and System for Ensuring Secure Forwarding of Messages
  • Brief Description: The ’302 patent discloses a method for managing secure network connections for mobile devices. It addresses operability problems with Internet Protocol Security (IPSec) protocols, which are primarily designed for static IP addresses, by proposing a system that retains and reuses security parameters of previously established connections as a mobile device roams between different networks and acquires new IP addresses.

3. Grounds for Unpatentability

Ground 1: Claims 1-13 and 16 are obvious over Ahonen in view of Ishiyama.

  • Prior Art Relied Upon: Ahonen (International Publication No. WO 01/54379) and Ishiyama (Patent 6,904,466).
  • Core Argument for this Ground:
    • Prior Art Mapping: Petitioner argued that Ahonen teaches nearly all limitations of the independent claims. Ahonen describes a "mobile host" (first terminal) establishing multiple pre-existing secure connections, or Security Associations (SAs), with a "correspondent host" (second terminal) over a Virtual Private Network (VPN). When the mobile host roams to a new access network and obtains a new IP address, it can remotely "activate" the appropriate pre-existing SA without full renegotiation. Petitioner contended this maps directly to the ’302 patent’s core concept of reusing connections. However, Ahonen suggests but does not explicitly detail the mechanism by which the mobile host "checks whether the second secure connection already exists" before attempting to activate it. Petitioner argued that Ishiyama supplies this missing element. Ishiyama teaches that before transmitting a packet, an IPSec module first searches a security policy database (SPD) to determine if a security association already exists for the intended connection. If a match is found, the existing SA is used; if not, a new one is created.
    • Motivation to Combine: Petitioner asserted a person of ordinary skill in the art (POSITA) implementing Ahonen’s system would be motivated to combine it with Ishiyama's teachings. Ahonen requires the mobile host to send a "control authorisation certificate" containing parameters of a pre-existing SA (like its SPI number) to a firewall for activation. Ahonen, however, is silent on how the mobile host determines which, if any, pre-existing SA corresponds to its new network location or how it retrieves those specific parameters. Ishiyama provides a direct and well-known solution to this gap by teaching the use of a local database search to check for, identify, and retrieve the parameters of an existing SA. A POSITA would combine the references to implement a complete and functional system.
    • Expectation of Success: Petitioner argued a POSITA would have had a high expectation of success. Combining Ishiyama's database lookup with Ahonen's framework for managing pre-established SAs for roaming devices involves applying a known technique (database searching for SAs) to a known system to achieve a predictable result (efficient connection management).

Ground 2: Claims 14-15 are obvious over Ahonen and Ishiyama in view of Gupta.

  • Prior Art Relied Upon: Ahonen (WO 01/54379), Ishiyama (Patent 6,904,466), and Gupta ("Complete Computing," WWCA '98 Proceedings, Mar. 1998).
  • Core Argument for this Ground:
    • Prior Art Mapping: This ground builds on the Ahonen and Ishiyama combination to further address dependent claims 14 and 15, which recite using a generic "tunneling Protocol" and a specific "Layer 2 Tunneling Protocol (L2TP)," respectively, with IPSec. Petitioner argued that while Ahonen teaches the use of IPSec in the context of a VPN, it does not specify the underlying tunneling protocol required to implement that VPN. The Gupta reference, a journal article on mobile computing, was asserted to fill this role. Gupta teaches that tunneling is a central concept for VPNs and explicitly discusses L2TP as a common tunneling mechanism. Gupta further explains that L2TP, which is insecure on its own, is commonly combined with IPSec to provide confidentiality and had "captured the largest mindshare among VPN technologies" at the time.
    • Motivation to Combine: The motivation to add Gupta to the primary combination was presented as the need to implement the VPN functionality that Ahonen's system relies upon. A POSITA tasked with building the secure mobile communication system described in Ahonen would recognize the necessity of choosing a tunneling protocol to create the VPN. Petitioner argued that Gupta identifies L2TP with IPSec as a standard, popular, and obvious choice for this purpose. Therefore, a POSITA would combine Gupta's teachings as a straightforward implementation detail for the system disclosed by Ahonen and Ishiyama.
    • Expectation of Success: Success would be expected because combining L2TP with IPSec was a widely adopted industry standard for creating secure VPNs, as confirmed by Gupta. Implementing this known protocol within the Ahonen/Ishiyama framework would have been a routine task for a POSITA.

4. Key Claim Construction Positions

  • Petitioner proposed that the terms “a first secure connection” and “a second secure connection” should be construed to mean "establishing one or more first security associations" and "establishing one or more second security associations," respectively. This construction was argued to be necessary for consistency with the patent’s specification, which repeatedly uses "secure connection" and "security association (SA)" interchangeably and clarifies that an IPSec connection is formed from a bundle of one or more SAs.

5. Relief Requested

  • Petitioner requested the institution of an inter partes review and the cancellation of claims 1-16 of Patent 8,037,302 as unpatentable.