PTAB
IPR2022-00646
Ebates Performance Marketing Inc v. IBM Corp
Key Events
Petition
Table of Contents
petition
1. Case Identification
- Case #: IPR2022-00646
- Patent #: 7,631,346
- Filed: March 28, 2022
- Petitioner(s): Ebates Performance Marketing, Inc. DBA Rakuten Rewards
- Patent Owner(s): International Business Machines Corporation
- Challenged Claims: 1-20
2. Patent Overview
- Title: Single-Sign-On Functionality in a Federated Computing Environment
- Brief Description: The ’346 patent describes methods and systems for managing user authentication using single-sign-on (SSO) functionality within a federated computing environment (FCE). The technology specifically addresses scenarios where a user, authenticated by a first system (an identity provider), seeks access to a second system (a service provider) where they do not have a pre-existing account, enabling the automatic creation of an account as part of the SSO process.
3. Grounds for Unpatentability
Ground 1: Claims 1, 3, 12, 14-15, and 18 are anticipated by Sunada or obvious over Sunada in view of Applicant Admitted Prior Art (AAPA).
- Prior Art Relied Upon: Sunada (Japanese Application # 2004-302907) and Applicant Admitted Prior Art (AAPA) from the ’346 patent.
- Core Argument for this Ground:
- Prior Art Mapping: Petitioner asserted that Sunada, which teaches an SSO system that creates user accounts on the fly, anticipates all limitations. The central dispute from prior proceedings was whether Sunada taught a "federated computing environment" (FCE), defined as involving a plurality of distinct enterprises. Petitioner argued Sunada’s disclosure of multiple web applications as "services which participate in the SSO" implies distinct, autonomous entities choosing to join the SSO system, thus forming an FCE. This interpretation is supported by the original Japanese text, where the word for "participate" means "joining a group... as a member and acting together." Alternatively, if Sunada is found to only teach an SSO system within a single enterprise, the claims are obvious. The ’346 patent’s own background (the AAPA) admits that FCEs were well-known and conventional prior art solutions for improving interoperability among enterprises.
- Motivation to Combine: For the obviousness argument, a person of ordinary skill in the art (POSITA) would combine Sunada’s SSO method with a conventional FCE (disclosed in the AAPA) to gain the known benefits of interoperability across multiple enterprises, a natural and predictable application for an SSO system designed to work over networks like the Internet.
- Expectation of Success: A POSITA would have a high expectation of success in applying Sunada's SSO system in a known FCE, as it would only require the use of conventional programming techniques to manage authentication across different enterprise systems.
Ground 2: Claims 1-9, 11-12, and 14-20 are obvious over Sunada in view of OASIS.
- Prior Art Relied Upon: Sunada (Japanese Application # 2004-302907) and OASIS (a set of documents describing the SAML V1.1 industry standard).
- Core Argument for this Ground:
- Prior Art Mapping: This combination strengthens the argument for an FCE and adds specific implementation details. Sunada provided the core SSO functionality with on-demand account creation. OASIS, describing the predominant SAML standard, explicitly taught SSO across different administrative domains and enterprises (termed "Source Site" and "Destination Site") operating in a federated model. OASIS supplied the missing technical protocols for achieving Sunada’s functionality in a standardized FCE. For example, OASIS taught using a
<NameIdentifier>element for an "alias identifier" (claim 2), a "browser/POST profile" for push authentication (claim 4), and using HTTP and SOAP for front-channel and back-channel communications (claims 6-9). - Motivation to Combine: A POSITA would combine Sunada’s SSO concept with the OASIS standard to implement it in a robust, interoperable, and non-proprietary manner. Using the well-documented SAML standard would be a logical and efficient choice to ensure communication between different enterprises in the FCE, avoiding the need to develop a new protocol from scratch.
- Expectation of Success: Success would be highly expected, as OASIS provided a well-designed and widely adopted blueprint (the SAML standard) for implementing the exact type of cross-domain SSO functionality described in Sunada using conventional and well-understood technologies like HTTP and SOAP.
- Prior Art Mapping: This combination strengthens the argument for an FCE and adds specific implementation details. Sunada provided the core SSO functionality with on-demand account creation. OASIS, describing the predominant SAML standard, explicitly taught SSO across different administrative domains and enterprises (termed "Source Site" and "Destination Site") operating in a federated model. OASIS supplied the missing technical protocols for achieving Sunada’s functionality in a standardized FCE. For example, OASIS taught using a
Ground 3: Claims 10 and 13 are obvious over Sunada in view of OASIS and Dutcher.
- Prior Art Relied Upon: Sunada (Japanese Application # 2004-302907), OASIS (SAML V1.1 Standard documents), and Dutcher (Patent 6,092,199).
- Core Argument for this Ground:
- Prior Art Mapping: This ground added Dutcher to supply specific user interaction and process-flow details absent in Sunada and OASIS. Claim 10 requires performing a "preliminary user account creation operation" before retrieving all user attributes. Dutcher taught a multi-step account creation process where a new user account is first created in a preliminary step, followed by a subsequent step to retrieve user group information and link the account to local groups. Claim 13 required "prompting the user...to provide or to select an identifier for the identity provider." Dutcher taught presenting a user with a list of available server domains for authentication, allowing the user to select the desired identity provider before proceeding.
- Motivation to Combine: A POSITA would be motivated to incorporate Dutcher's teachings into the Sunada/OASIS framework to add predictable and useful features. Staged account creation improves system workflow, and allowing users to select their identity provider enhances flexibility and security in a system with multiple federated domains.
- Expectation of Success: A POSITA would expect success in adding these features, as they represented known user interface and account management techniques that could be implemented with conventional programming.
4. Key Claim Construction Positions
- "federated computing environment": Citing the Federal Circuit's decision in Iancu, Petitioner argued this term requires a "plurality of distinct enterprises" in a "loosely coupled affiliation." This construction was central to Petitioner's argument that Sunada's "participating services" met the definition of an FCE, or that combining Sunada with the AAPA or OASIS was obvious.
- "single-sign-on operation": Following Iancu, this term was construed as a process where a user authenticates at a first entity and is not required to perform another authentication to access a resource at a second entity.
5. Arguments Regarding Discretionary Denial
- Petitioner argued discretionary denial would be improper. Under §325(d) and Advanced Bionics, it was contended that the petition presented new arguments and evidence not previously considered by the Board, including analysis of the original Japanese text of Sunada and a novel combination with the AAPA to address the FCE limitation remanded in a prior IPR. Under the Fintiv factors for §314(a), Petitioner argued the co-pending district court case was in its earliest stages, with a trial scheduled nearly two years away, ensuring an FWD would issue well in advance. Further, Petitioner had stipulated not to pursue these same invalidity grounds in the district court litigation, mitigating any concerns of inefficiency.
6. Relief Requested
- Petitioner requests institution of IPR and cancellation of claims 1-20 of the ’346 patent as unpatentable.
Analysis metadata