Microsoft Corp v. Daedalus Group LLC

1. Case Identification

• Case #: IPR2021-00832
• Patent #: 8381209
• Filed: May 7, 2021
• Petitioner(s): Microsoft Corporation
• Patent Owner(s): Daedalus Blue, LLC
• Challenged Claims: 1-8

2. Patent Overview

• Title: Moveable Access Control List (ACL) Mechanisms for Hypervisors and Virtual Machines and Virtual Port Firewalls
• Brief Description: The ’209 patent describes a method for controlling network security during the migration of a virtual machine (VM) from one physical hardware device to another. The purported invention involves shifting the enforcement of security and routing policies from the operating system to the hypervisor layer, which allegedly simplifies the process by dynamically updating routing controls at the hypervisor level after a migration is initiated.

3. Grounds for Unpatentability

Ground 1: Obviousness over Dhawan and Clark - Claims 1, 3, and 6 are obvious over Dhawan in view of Clark.

• Prior Art Relied Upon: Dhawan (Application # 2007/0079307) and Clark (a 2005 non-patent publication titled Live Migration of Virtual Machines).
• Core Argument for this Ground:
  • Prior Art Mapping: Petitioner argued that Dhawan taught a method for securing and routing VMs that migrate between physical hosts, with a "virtual machine monitor" (a known synonym for a hypervisor) managing the process. Dhawan disclosed updating routing controls post-migration by mapping virtual network addresses to new physical addresses. To the extent Dhawan did not explicitly teach dynamic updating via network advertisement, Clark supplied this element. Clark taught that after a live VM migration, the new host generates an unsolicited Address Resolution Protocol (ARP) reply to advertise the VM's new location, which reconfigures network peers to send packets to the new physical address.
  • Motivation to Combine: A POSITA would combine Clark’s dynamic advertisement method with Dhawan’s migration system for the simple and compelling reason of ensuring functionality. Without dynamically updating routing controls, traffic would be sent to the VM's old location, rendering the migration disruptive and ineffective. The primary goal of live migration is to maintain functionality, providing a strong motivation for the combination.
  • Expectation of Success: A POSITA would have a high expectation of success, as implementing Clark’s teaching would involve well-understood code revisions to generate standard ARP messages, a common function of networking stacks.

Ground 2: Obviousness over Dhawan, Clark, and Warfield - Claims 2, 4, and 5 are obvious over Dhawan in view of Clark and further in view of Warfield.

• Prior Art Relied Upon: Dhawan (Application # 2007/0079307), Clark (a 2005 non-patent publication), and Warfield (a 2002 non-patent publication titled Isolation of Shared Network Resources in XenoServers).
• Core Argument for this Ground:
  • Prior Art Mapping: This ground built upon the combination of Dhawan and Clark by adding Warfield to address claim limitations requiring "setting firewalls." Petitioner asserted that while Dhawan taught general security measures performed by the hypervisor, Warfield explicitly disclosed a hypervisor that acts as a "virtual firewall router." Warfield's hypervisor used a "rule-based packet classification/forwarding engine" to filter traffic, bar access to privileged ports, and prevent spoofing, thereby meeting the firewall limitations.
  • Motivation to Combine: A POSITA would combine Warfield's virtual firewall with the Dhawan/Clark system to enhance the security of the migrating VM, an obvious and well-established goal in network design. Petitioner argued that the known benefits of virtual firewalls—being inexpensive, portable, and effective at inspecting traffic within a virtualized environment—would have motivated their inclusion.
  • Expectation of Success: Success would be reasonably expected because Warfield’s virtual firewall was described as software code that could be readily integrated into the hypervisor of Dhawan/Clark. The hypervisor, acting as a natural traffic hub for its VMs, was the logical location for such a firewall.

Ground 3: Obviousness over Dhawan, Clark, and Chandika - Claims 7-8 are obvious over Dhawan in view of Clark and further in view of Chandika.

• Prior Art Relied Upon: Dhawan (Application # 2007/0079307), Clark (a 2005 non-patent publication), and Chandika (Patent 8,107,370).
• Core Argument for this Ground:
  • Prior Art Mapping: This ground added Chandika to the Dhawan/Clark combination to teach limitations related to "storing network access control lists" (ACLs) and using a "command line interface" (CLI) for configuration. While Dhawan mentioned ACLs as a security feature, Chandika provided specific implementation details. Chandika taught storing ACLs in content-addressable memory (CAM) and using a CLI to dynamically configure access rules on a packet switch/router, which a POSITA would understand could be a virtual switch.
  • Motivation to Combine: A POSITA would incorporate Chandika’s teachings to implement the ACLs mentioned in Dhawan. Using a CLI was a well-known, simple, and effective mechanism for network administrators to configure security policies, providing a clear motivation to use Chandika's method for setting the ACLs in the Dhawan/Clark system.
  • Expectation of Success: A POSITA would have a high expectation of success. Adding CAM for ACL storage was a common hardware integration task, and incorporating a CLI was a standard feature for network components at the time, involving little effort.

4. Arguments Regarding Discretionary Denial

• Petitioner argued that the Board should not exercise discretionary denial under the Fintiv factors. The parallel district court case was in its very early stages, with no trial date set and minimal investment of court resources. Critically, the litigation only involved claim 1, whereas the IPR challenged claims 1-8, meaning the Board’s review would be more comprehensive and efficient.
• Petitioner also contended that denial under 35 U.S.C. §325(d) was inappropriate because the primary references (Dhawan, Clark, Warfield, and Chandika) and the specific combination arguments presented in the petition were never considered by the examiner during prosecution.

5. Relief Requested

• Petitioner requested the institution of an inter partes review and the cancellation of claims 1-8 of the ’209 patent as unpatentable.