Cisco Systems Inc v. KMizra LLC

1. Case Identification

• Case #: IPR2021-00593
• Patent #: 8,234,705
• Filed: March 15, 2021
• Petitioner(s): Cisco Systems, Inc.
• Patent Owner(s): BrainSpark Associates, LLC
• Challenged Claims: 1-3, 5-13, 15-19

2. Patent Overview

• Title: Method and system for protecting a network
• Brief Description: The ’705 patent describes a method for defending a computer network by analyzing the security state of a host device seeking access. If the device's security state is determined to be inadequate, it is quarantined and provided with limited network access for remediation.

3. Grounds for Unpatentability

Ground 1: Obviousness over Gleichauf, Ovadia, and Lewis - Claims 1-3, 5-13, and 15-19 are obvious over Gleichauf in view of Ovadia and Lewis.

• Prior Art Relied Upon: Gleichauf (Patent 9,436,820), Ovadia (Patent 7,747,862), and Lewis (Patent 7,533,407).
• Core Argument for this Ground:
  • Prior Art Mapping: Petitioner argued that the primary reference, Gleichauf, taught the core method of the challenged claims: controlling a computerized device's access to network resources based on its security posture. Gleichauf disclosed a policy server that assesses posture credentials from a device, quarantines the device if it is non-compliant (e.g., lacks up-to-date anti-virus software), and provides limited access to a remediation server. Petitioner asserted Ovadia taught using a Trusted Platform Module (TPM) to provide a secure, standardized, and digitally signed attestation of a device's software and firmware configuration, which maps to the ’705 patent’s "trusted computing base" and "trusted platform module" limitations. Finally, Petitioner argued Lewis taught the claimed notification and DNS query handling limitations by disclosing a system that redirects a quarantined device's web traffic to a quarantine server, which then serves a default webpage informing the user of the quarantine status and necessary corrective actions.
  • Motivation to Combine: A POSITA would combine Gleichauf with Ovadia to improve the security, reliability, and interoperability of Gleichauf’s posture-checking system. Incorporating Ovadia's standardized, TPM-based hardware security would make the posture credentials more robust and resistant to tampering by using digital signatures. A POSITA would further incorporate Lewis’s teachings to improve the user experience of the quarantine process. Redirecting a user’s existing web browser to a notification page, as taught by Lewis, is a known and more user-friendly method than Gleichauf’s approach, as it provides clear remediation instructions without requiring specialized client software to be running on the device.
  • Expectation of Success: Petitioner asserted a POSITA would have an expectation of success because the combination merely applied known techniques (TPM-based attestation, DNS redirection for captive portals) to a known system (network access control) to achieve the predictable results of enhanced security and usability. The components and functions described in the references were analogous and readily combinable by a person of ordinary skill.

4. Key Claim Construction Positions

• "trusted computing base": Petitioner proposed construing this term as "a piece of hardware or software that has been designed to be part of a mechanism that provides security to a computer system." This proposed construction was based directly on the explicit definition the patent applicant provided to the USPTO during prosecution to distinguish prior art.
• "trusted platform module": Petitioner proposed construing this term as "a secure cryptoprocessor that implements the Trusted Platform Module specification from the Trusted Computing Group." This construction was also based on the applicant's arguments during prosecution, which characterized the term not as a generic module but as a specific term of art with a standardized industry meaning tied to the Trusted Computing Group's specifications.

5. Arguments Regarding Discretionary Denial

• §325(d) (Same or Substantially Same Art): Petitioner argued denial under 35 U.S.C. §325(d) was inappropriate because the core combination of Gleichauf and Ovadia was never before the Examiner. These references allegedly provided the key "attestation" features that the applicant successfully argued were missing from the art considered during prosecution. While Lewis was previously of record, Petitioner contended it was cited for a narrow teaching (a quarantine notification page) that the applicant conceded, and the petition relied on it for the same, undisputed purpose, thus not constituting substantially the same argument.
• §314(a) (Fintiv Factors): Petitioner argued that discretionary denial under Fintiv was unwarranted because the parallel district court litigation was in a very early stage. At the time of filing, investment by the parties and court was minimal, and key deadlines like claim construction and expert discovery were many months away. Petitioner also noted that the scheduled trial date was after the statutory deadline for a Final Written Decision in the inter partes review (IPR) and that the petition's strong merits weighed heavily in favor of institution.

6. Relief Requested

• Petitioner requests institution of an IPR and cancellation of claims 1-3, 5-13, and 15-19 of Patent 8,234,705 as unpatentable.