IN THE UNITED STATES PATENT AND TRADEMARK OFFICE

U.S. Patent No.: 7,418,504

In re Patent of: Larson et al.

Attorney Docket No. 213.7001-00000

Issue Date: August 26, 2008

Appl. Serial No.: 10/714,849

Filing Date: November 18, 2003

Title: AGILE NETWORK PROTOCOL FOR SECURE COMMUNICATIONS USING SECURE DOMAIN NAMES

Mail Stop Patent Board Patent Trial and Appeal Board U.S. Patent and Trademark Office P .0. Box 1450 Alexandria, VA 22313-1450

PETITION FOR INTER PARTES REVIEW OF UNITED STATES PATENT NO. 7,418,504

Attorney Docket No. 213.7001-00000 IPR of U.S. Patent No. 7,418,504

TABLE OF CONTENTS I.

MANDATORY NOTICES IN ACCORDANCE WITH 37 C.F.R.

§ 42.8(a)(l ). ................................................................................................... 2 A.

Real Party-In-Interest under 37 C.F.R. § 42.8(b)(l). ............................. 2

B.

Related Matters under 37 C.F.R. § 42.8(b)(2)

C.

Lead And Back-Up Counsel under 37 C.F.R. § 42.8(b)(3). ................... 4

D.

Service Information

........................................

.

...

.

......... ..............

.

.

.........

...........

.

.................... . .

. .. 4 ..

.

II.

FEE PAYMENT

III.

REQUIREMENTS FOR INTER PARTES REVIEW UNDER 37 C.F.R. §

42.104

IV.

.

-

.

37 C.F.R. § 42.103. ........................................................ 4

...........................................................................................................

4

A.

Grounds for Standing Under 37 C.F.R. § 42.104(a). ............................. 4

B.

Identification of Challenge under 37 C.F.R. § 42.104(b)....................... 5

C.

Claim Construction under 37 C.F.R. § 42.IOO(b)................................... 5 1.

Meaning of Term "Domain Name Service System."

2.

Meaning of Term "Indication"

3.

Meaning of Term "Secure Communication Link."

4.

Meaning of Term "Transparently."

SUMMARY OF THE '504 PATENT A. Disclosure of the '504 Patent. B.

V.

2

.

.............

.

....................

.

..............

7

........... ..........

10

.............................................

12

......................................

13

..................................................... ..........

13

.

..

.

.

....

. 6

....... ...........

..............

Effective Filing Date of the '504 Patent..

.

............................... . . . . ..........

13

A REASONABLE LIKELIHOOD AT LEAST ONE CLAIM OF THE '504 PATENT FOR WHICH INTER PARTES REVIEW IS REQUESTED IS

Attorney Docket No.

213.7001-00000 IPR of U.S. Patent No. 7,418,504

UNPATENTABLE...................................................................................... 14 A.

Anticipation of Claims

1, 2, 5, 6, 15, 16, 27, 33, 36, 37, 39, 40, 51, 57, and 60 (including independent claims I, 36, and 60) based on Kiuchi (Ground 1) 14 .

VI.

...........................................................................................

1.

Discussion of Kiuchi

2.

Kiuchi Anticipates Claim I

3.

Kiuchi Anticipates Claim

36 ....................................................... 24

4.

Kiuchi Anticipates Claim

60 ....................................................... 25

5.

Kiuchi Anticipates Claims

6.

Kiuchi Anticipates Claim

5 ......................................................... 28

7.

Kiuchi Anticipates Claim

6 ......................................................... 28

8.

Kiuchi Anticipates Claims 15 and 39 .......................................... 29

9.

Kiuchi Anticipates Claims

16 and 40 .......................................... 30

10.

Kiuchi Anticipates Claims

27, 33, 51, and 57 ............................. 31

.

CONCLUSION

.

.

...........................

................................................................

.

..............................

.

..........................

19

2 and 37 ............................................ 27

...............................................................

11

15

33

Attorney Docket No. 213.7001-00000 IPR of U.S. Patent No. 7,418,504 Statutes

35 U.S.C. § 102(b)..................................................................................... l, 5, 14, 15 35 U.S.C. § 102(e) ................................................................................................... 14 35 U.S.C. 102

..........................................................................................................

15

Rules

MPEP § 706.02 Part V

.

.............................................

. .

...

..

.

....

.

......................

.......

.

...

15

Regulations

37 C.F.R. § 42.lOO(b) ................................................................................................ 5 37 C.F.R. § 42.103 ..................................................................................................... 4 37 C.F.R. § 42.104 ..................................................................................................... 4 37 C.F.R. § 42.104(a) ................................................................................................ 4 37 C.F.R. § 42.104(b) ................................................................................................ 4 37 C.F.R. § 42.108(c) .............................................................................................. 32 37 C.F.R. § 42.15(a) .................................................................................................. 4 37 C.F.R. § 42.8(a)(l) ............................................................................................... 1 37 C.F.R. § 42.8(b)(l) ............................................................................................... 2 37 C.F.R. § 42.8(b)(2) ............................................................................................... 2 37 C.F.R. § 42.8(b)(3) ............................................................................................... 3

iii

Attorney Docket No. 213.7001-00000 IPR of U.S. Patent No. 7,418,504

EXHIBITS

Exhibit 1001

U.S. Patent No. 7,418,504.

Exhibit 1002

Institution Decision dated October 15, 2014 in IPR2014-00612, IPR2014-00613, and IPR2014-00614 requested by Microsoft Corp. ("Microsoft Institution Decision").

Exhibit 1003

Right of Appeal Notice in Inter Partes Reexam. 95/001,788.

Exhibit 1004

Right of Appeal Notice in Inter Partes Reexam. 95/001,851.

Exhibit 1005

Takahiro Kiuchi and Shigekoto Kaihara, "C-HTTP -The Development of a Secure, Closed HTTP-based Network on the Internet," published by IEEE in the Proceedings of SNDSS 1996 ("Kiuchi").

Exhibit 1006

Patent Owner's Preliminary Response in IPR2013-00393.

Exhibit I 007

Patent Owner's Preliminary Response in IPR2013-00394.

Exhibit I 008

Selected Portions of Webster's Third New International Dictionary (1971).

lV

The present Petition for Inter Partes Review is directed to claims 1, 2, 5, 6, 15, 16, 27, 33, 36, 37, 39, 40, 51, 57, and 60 (including independent claims 1, 36, and 60) of U.S. Patent No. 7,418,504 ('"504 patent")

(Ex. 1001).

For the below-discussed reasons, Petitioner requests that the Board find unpatentable (and thereby cancel) claims 1, 2, 5, 6, 15, 16, 27, 33, 36, 37, 39, 40, 51, 57, and 60 of the '504 patent under 3 5 U.S.C. § 102(b) based on Kiuchi 1005). The rejection under 35 U.S.C. § I 02(b) based on Kiuchi

(Ex.

(Ex. 1005)

presented herein is substantially similar to that of Ground 1 presented in IPR201400614. IPR2014-00614 was requested by Microsoft Corp., and was instituted by the Board with respect to Ground 1 thereof in an Institution Decision dated October 15, 2014 ("Microsoft Institution Decision") attached as

Ex. 1002.

IPR2014-00614 was subsequently terminated by the Board due to settlement of the parties. In instituting IPR2014-00614, the Board found there was a reasonable likelihood that claims 1, 2, 5, 6, 15, 16, 27, 33, 36, 37, 39, 40, 51, 57, and 60 are unpatentable under 35 U.S.C. § 102(b) based on Kiuchi. For similar reasons, Petitioner requests that the present Petition for Inter Partes Review likewise be instituted by the Board.

I.

MANDATORY NOTICES IN ACCORDANCE WITH 37 C.F.R. § 42.8(a)(l). A.

Real Party-In-Interest under 37 C.F.R. § 42.8(b)(l).

Petitioner, Black Swamp IP, LLC, is the real party-in-interest. Black Swamp IP, LLC is a member-run LLC. The members are Stoneledge Trust and Rockwood Trust. David B. Colon is the sole trustee of the Stoneledge Trust, and John W. McMahon is the sole trustee of the Rockwood Trust. B.

Related Matters under 37 C.F.R. § 42.8(b)(2).

The '504 patent is the subject of a number of civil actions including: (i) Civ. Act. No. 6:13-cv-00211 (E.D. Tex.); (ii) Civ. Act. No. 6: 12-cv-00855 (E.D. Tex.); (iii) Civ. Act. No. 6:10-cv-00417 (E.D. Tex.); (iv) Civ. Act. No. 6: l l -cv-00018 (E.D. Tex.); (v) Civ. Act. No. 6: l 3-cv-00351 (E.D. Tex.); (vi) Civ. Act. No. 6: l 3-mc-00037 (E.D. Tex.); and (vii) Civ. Act. No. 9:13-mc-80769 (E.D. Fld). The '504 patent is also the subject of two inter partes reexamination nos. 95/001,788 ('788 reexamination) and 95/001,851 ('851 reexamination). On May 27, 2014, a Right of Appeal Notice (Ex. 1003) was issued in the '788 reexamination in which claims 1-60 of the '504 patent stand rejected. On February

2

26, 2015, a Right of Appeal Notice (Ex. 1004) was issued in the '851 reexamination in which claims 1-10, 12-35, and 60 of the '504 patent stand rejected. Both the '788 and '851 reexaminations are in the briefing stages of appeals to the Board. The '504 patent is also the subject of the following petitions for inter partes review: (1) IPR2013-00377 by Petitioner New Bay Capital, LLC­ terminated prior to institution; (2) IPR2013-00393 and IPR2013-00394 by Petitioner Apple Inc. - not instituted; (3) IPR2014-00176 and IPR2014-00177 by Petitioner RPX Corp. - not instituted; (4) IPR2014-00612 by Petitioner Microsoft Corp. - not instituted; (5) IPR2014-00613 and IPR2014-00614 by Petitioner Microsoft Corp. - instituted and settled; (6) IPR2015-00188 and IPR2015-00189 by Apple Inc. - not instituted.

3

C.

Lead And Back-Up Counsel under 37 C.F.R. § 42.8(b)(3).

Petitioner provides the following designation of counsel: BACK-UP COUNSEL

LEAD COUNSEL Thomas H. Martin

Wesley C. Meinerding

USPTO Registration No. 34,383

US PTO Registration No. 57,925

Telephone Number: (330) 877-0700

Telephone Number: (330) 877-0700

MARTIN & FERRARO, LLP

MARTIN & FERRARO, LLP

1557 Lake O'Pines Street, NE

1557 Lake O'Pines Street, NE

Hartville, Ohio 44632

Hartville, Ohio 44632

D.

Service Information.

Please address all correspondence and service to counsel at the address provided in Section I(C). Black Swamp IP, LLC agrees to service by email at [email protected] and [email protected]. II.

FEE PAYMENT-37 C.F.R. § 42.103. The USPTO is authorized to charge the credit card associated with the credit

card payment form submitted herewith for the fee set in 37 C.F.R. § 42.15(a) for this Petition. III.

REQUIREMENTS FOR INTER PARTES REVIEW UNDER 3 7 C.F.R. § 42.104. A.

Grounds for Standing Under 37 C.F.R. § 42.104(a).

Petitioner certifies that the '504 patent is eligible for inter partes r eview. Petitioner also certifies that it is not barred or estopped from requesting inter partes review challenging the above-identified claims of the '504 patent.

4

B.

Identification of Challenge under 37 C.F.R. § 42.104(b).

Petitioner requests that claims 1,2, 5, 6,15,16,27,33,36,37, 39,40, 51, 57, and 60 be found unpatentable (and thereby cancelled) in view of Ground 1 of rejection presented below. At the very least, Ground 1 clearly articulates where each and every element of claims 1,2, 5, 6,15, 16,27,33, 36, 37,39,40, 51,57, and 60 is found in the cited references.

Ground of Re_jection

Claims of '504 Patent

Rejection

1, 2, 5, 6, 15,16, 27, Ground 1

33,36,37,39,40,51,

§ 102 rejection based on Kiuchi.

57, and 60 As discussed below, the effective filing date of claims 1,2, 5, 6, 15, 16, 27, 33, 36, 37, 39, 40,51,57, and 60 of the '504 patent is not earlier than February 15, 2000. Kiuchi (Ex. 1005) is prior art under 35 U.S.C. § 102(b). Kiuchi (Ex. 1005) qualifies as a printed publication due to its presentation at the 1996 Symposium on Network and Distributed System Security (SNDSS) on February 22 & 23,1996, and its publication by IEEE in the Proceedings of SNDSS 1996.

C.

Claim Construction under 37 C.F.R. § 42.lOO(b).

According to 37 C.F.R. § 42.1OO(b), a claim subject to inter partes review is given its "broadest reasonable construction in light of the specification of the patent in which it appears." As discussed below,Petitioner submits the following

5

constructions for the following terms. Furthermore, Petitioner submits that the remaining terms should be given their plain meaning. 1.

Meaning of Term "Domain Name Service System."

The Patent Owner has repeatedly asserted to the Board that no construction of the claim term "domain name service system" is required. (Ex. 1006 at pages

33-35, and Ex. 1007 at pages 29-31.) According to the Patent Owner, the claims themselves define the characteristics of the domain name service system. (Ex.

1006 at page 33, and Ex. 1007 at page 29.) Thus, it is reasonable, in view of Patent Owner's position, to consider the claim term "domain name service system" to encompass any system with the features of the claims. Furthermore, from a reading of the '504 patent, it is clear that the word "system" (in the claim term "domain name service system") means one or more discrete computers or devices. To illustrate, column 40, lines 35-48, of the '504 patent (Ex. 1001) describes a domain name service system including a modified DNS server 2602 and a gatekeeper server 2603. According to the

'504 patent,

"[g]atekeeper 2603 can be implemented on a separate computer (as shown in FIG.

26) or as a function within modified DNS server 2602." ('504 patent (Ex. 1001) at column 40, lines 35-37.) Furthermore, according to the '504 patent, "although element 2602 is shown as combining the functions of two servers, the two servers

6

can be made to operate independently." ('504 patent (Ex. 1001) at column 40, lines 45-47.) Also, in the '788 and '851 reexaminations, the Examiner agreed that the broadest reasonable construction of a system in the context of the '504 patent encompasses a single or multiple devices. According to the Examiner, a "DNS system is reasonably interpreted as comprising a single device or multiple devices." (Ex. l 003 at page 17, and Ex. I 004 at page 20.) Accordingly, Petitioner submits that the claim term "domain name service system" encompasses any system with the features of the claims, where the system may include one or more computers or devices. 2.

Meaning of Term "Indication"

The Patent Owner has repeatedly asserted to the Board that no construction of "indication" is required. (Ex. I 006 at pages 39-42, and Ex. 1007 at pages 3538.) Petitioner disagrees. Petitioner notes that column 49, lines 6-12, of the '504 patent (Ex. 1001) indicates that "[p]referrably, a user enables a secure communication link using a single click of a mouse, or a corresponding minimal input from another input device, such as a keystroke entered on a keyboard or a click entered through a trackball," and "[a]ltematively, the secure link is automatically established as a default setting at boot-up of the computer (i.e., no click)." Thus, in addition to

7

disclosing enabling a secure communication link via "a single click of a mouse," the '504 patent discloses that the secure communication link can be "automatically established as a default setting at boot-up of the computer." From this disclosure, the Examiner in the '788 and '851 reexaminations found that "[i]f the user attempts to establish a secure communication link using a DNS system after booting and is able to do so, then the user has been provided a

broadly recited and discemable 'indication' that the DNS in some manner supports establishing a communication link." (Ex. 1003 at page 20, and Ex 1004 at page 23) Furthermore, from this disclosure, the Examiner found that "it would be reasonable to interpret the 'indication' (that the DNS among other systems associated with the computer supports establishing a secure communication link) to read on the ability of the user to communicate using a secure link after boot-up." (Ex. 1003 at page 20, and Ex. 1004 at page 23.) Given this disclosure of the '504 patent, the Examiner indicated that the claim term "indication" "may be construed broadly to mean a visible message or signal to a user that the DNS system supports establishing a secure communication link," and indicated that "[n]either the specification nor the claim language provides a basis for limiting 'indicating' to a visual indicator." (Ex. 1003 at pages 19-20, and Ex. 1004 at pages 22-23.)

8

As such, Petitioner submits that the claim term "indication" means a visible or non-visible message or signal that the DNS system supports establishing a secure communication link, including the establishment of the secure communication link itself. This construction of the claim term "indication" is identical to the construction promulgated by the Petitioner of IPR2014-00614. Petitioner acknowledges that the Board previously construed the claim term "indication" in IPR2014-00614. In doing so, the Board, by citing to Webster's Third New International Dictionary(1971), indicated that "[t]he term 'indication' ordinarily means 'the action of indicating' or 'something (as a signal, sign, suggestion) that serves to indicate."' (Microsoft Institution Decision (Ex. 1002) at page 12; Ex. 1008.) Furthermore, the Board indicated that the "[t]he term 'indicate' ordinarily means 'to point out or point to or toward with more or less exactness' or 'to show the probable presence or existence or nature or course of."' (Microsoft Institution Decision (Ex. 1002) at page 12; Ex. 1008.) According to the Board, "the Specification [of the '504 patent] is not inconsistent with the ordinary meaning or Petitioner's construction" in IPR2014-00614. (Microsoft Institution Decision (Ex. 1002) at page 12.) The Board then concluded that "for purposes of this Decision, the term 'indication' broadly, but reasonably, means 'something that shows the probable presence or existence or nature of," and "[i]n accordance with this construction, in

9

context of claim 1, an indication that a secure communication link is in operation constitutes an indication that the system supports establishing a secure communication link." (Microsoft Institution Decision (Ex. 1002) at pages 12-13.) It is requested that the meaning ascribed by Petitioner to the claim term "indication" be adopted by the Board in the present Petition for Inter Partes Review. Nevertheless, Petitioner submits that the claims are still unpatentable, even if the Board adopts the meaning assigned to the claim term "indication" in IPR2014-00614. That is, the claims are unpatentable under Petitioner's ascribed meaning or the Board's assigned meaning from IPR2014-00614. 3.

Meaning of Term "Secure Communication Link."

The Patent Owner has repeatedly asserted to the Board that the claim term "secure communication link" should mean a "direct communication link that provides data security through encryption." (Ex. 1006 at pages 35-39, and Ex. 1007 at pages 31-35.) Petitioner disagrees. The claim term "secure communication link" does not require a direct communication link or encryption. Petitioner acknowledges that the Board previously construed the claim term "secure communication link" in IPR2014-00614. The Board in IPR2014-00614 indicated that the claim term "secure communication link" means "a transmission path that restricts access to data, addresses, or other information on the path, generally using obfuscation methods to hide information on the path, including, but

10

not limited to, one or more of authentication, encryption, or address hopping." (Microsoft Institution Decision (Ex. 1002) at page 11.) Petitioner agrees with the meaning assigned to the claim term "secure communication link" in IPR201400614. In assigning meaning to the claim term "secure communication link," the Board indicated that "the record does not support, and we decline to impart" an implied requirement for a "direct" communication link. (Microsoft Institution Decision (Ex. 1002) at pages

7-8.) Petitioner agrees - the '504 patent does support

a requirement of a "direct" communication link in construing the claim term "secure communication link." Furthermore, in assigning meaning to the claim term "secure communication link," the Board indicated that the '504 patent does not support a requirement for use of encryption in construing the claim term "secure communication link. (Microsoft Institution Decision (Ex. 1002) at page 10.) Petitioner also agrees. The '504 patent indicates that "[d]ata security is usually tackled using some form of data encryption." ('504 patent (Ex. 1001) at column 1, lines 55-56 (emphasis added).) As such, the '504 patent implies that the "security" may include, but does not require, encryption. The '504 provides a specific example that employs "unencrypted message packets," while using "different levels of authentication," and, under some circumstances, "a keyed hopping sequence."

11

('504 patent (Ex. 1001) at column 54, lines 40-67.) Furthermore, the '504 patent also describes "various embodiments" that form "secure communication" by "'hopping' different addresses using one or more algorithms and one or more moving windows that track a range of valid addresses to validate received packets," and using this hopping technique on "[pJackets transmitted according to one or more of the inventive principles will be generally referred to as 'secure' packets or 'secure communications."' ('504 patent (Ex. 1001) at column 21, lines 46-55.) Because of this disclosure from the '504 patent, the Board indicated that "given the different examples and general descriptions that encompass a wide variety of techniques, the '504 [patent] describes different levels of security by using different methods to obtain different security levels, rendering the term 'secure' relative." (Microsoft Institution Decision (Ex. 1002) at page 10.) Thus, the Board concluded that the claim term "secure communication link" does not require encryption. 4.

Meaning of Term "Transparently."

The Patent Owner has repeatedly asserted to the Board that the claim term "transparently" means that "the user need not be involved in creating the [secure communication link]/[secure link]." Petitioner agrees. (Exhibit I 006 at pages 4243, and Ex. 1007 at pages 38-39.)

12

IV.

SUMMARYOF THE'504PATENT. A.

Disclosure of the '504 Patent.

Generally, the '504 patent discloses a domain name service system for establishing a secure communication link. (Ex. 1001 at Abstract, and column 3, line 14.) The domain name service system of the '504 patent described therein is configured: (1) to be connected to a communication network, (2) to store a plurality of domain names and corresponding network addresses, (3) to receive a query for a network address, and (4) to comprise an indication that the domain name service system supports establishing a secure communication link. (Ex. 1001 at column 55, lines 49-56.) B.

Effective Filing Date of the '504 Patent.

U.S. Patent No. 7,418,504 issued on August 26, 2008 based on U.S. Patent Application No. 101714,849 ("'849 application"). The '849 application was filed on November 18, 2003 as a continuation of U.S. Patent Application No. 09/558,210 ("'210 application"). The '210 application was filed on April 26, 2000 as a continuation-in-part of U.S. Patent Application No. 09/504,783 ('"783 application"), now U.S. Patent No. 6,502,135. The '783 application was filed February 15, 2000 as a continuation-in-part of U.S. Patent Application No. 09/429,643 ('"643 application"), now U.S. Patent No. 7,010,604. The '643 application was filed on October 29, 1999. Each of the '849, '210, '783, and '643

13

applications claim priority to Provisional Application Nos. October

30, 1998)

and

60/137,704

(filed June

7, 1999).

Therefore, the earliest potential priority date of the

30, 1998. of the

(filed

60/106,261

'504 patent is October

Kiuchi is prior art even with respect to the earliest potential priority date

'504

patent. Kiuchi is a printed publication under

respect to the earliest potential priority date of the

'504

It is noted, however, that independent claims

35

U.S.C.

§ 102(b)

with

patent.

1, 36,

and

60

of the

'504

patent

are not entitled to the earliest potential priority date. Independent claims 1 and 60 of the

'504 patent recite "a domain name service for establishing a secure

communication link." Furthermore, independent claims 1,

36, and 60 recite "a

domain name service system." None of the applications filed prior to the

'783

application mention the phrase "domain name service," and these applications do not provide corresponding written description therefor. Thus, the earliest effective filing date of independent claims

1, 36,

and

application, i.e., February 15,

60 of the '504 patent is the

filing date

of the

'783

V.

A REASONABLE LIKELIHOOD AT LEAST ONE CLAIM OF THE

2000.

'504 PATENT FOR WHICH INTER PARTES REVIEW IS REQUESTED IS UNPATENTABLE. A.

Anticipation of Claims 1, 2, 5, 6, 15, 16, 27, 33, 36, 37, 39, 40, 51, 57, and 60 (including independent claims 1, 36, and 60) based on Kiuchi (Ground 1).

14

Kiuchi (Ex. 1005) is a printed publication under 35 U.S.C. § 102(b). Kiuchi was presented at the 1996 Symposium on Network and Distributed System Security (SNDSS) on February 22 & 23, 1996, and published by IEEE in the Proceedings of SNDSS 1996. Kiuchi is therefore prior art to the '504 patent under § 102(b) based on even the earliest potential priority date of the '504 patent, i.e., October 30, 1998. According to MPEP § 706.02 Part V, "for anticipation under 35 U.S.C. 102, the [prior art] reference must teach every aspect of the claimed invention either explicitly or impliedly." For the reasons discussed below, it is abundantly clear that Kiuchi discloses each and every recitation of claims 1, 2, 5, 6, 15, 16, 27, 33, 36, 37, 39, 40, 51, 57, and 60. As such, the claims are clearly anticipated by Kiuchi. 1.

Discussion of Kiuchi.

Kiuchi discloses a closed HTTP-based network ("C-HTTP") for a closed group of institutions, in which each member is protected by its own firewall. (Kiuchi (Ex. 1005) at page 64, Abstract.) The system disclosed in Kiuchi includes various security features to establish a C-HTTP connection (i.e., a secure communication link) between at least a client-side proxy and a server-side proxy. (Kiuchi (Ex. I 005) at page 64, Section 2.2.)

15

To illustrate, Kiuchi describes that for "hospitals and related institutions," a need exists for "[s]ecure transfer of patient information" between hospitals, and that "medical information has to be shared among some hospitals, but it should not be made available to other sites." (Kiuchi (Ex. Section

1005) at page 64,

1.) According to Kiuchi, the C-HTTP protocol allows members of the

closed group of institutions to communicate with one another via proxies. (Kiuchi (Ex.

1005) at page 64, Abstract.) In particular, communication is made possible

with a client-side proxy (for one institution), a server-side proxy (for another institution), and a C-HTTP name server. (Kiuchi (Ex.

1005) at pages 64, Section

2. 1.) In doing so, encryption is used to facilitate a secure connection,

i.e., the C­

HTTP name server provides both client-side and server-side proxies with each peer's public key and Nonce values for both request and response. (Kiuchi (Ex.

1005) at pages 64 and 65, Section 2.2.) Using the secure C-HITP connection, an end user via a user agent associated with the client-side proxy may request infonnation stored on one or more origin servers associated with the server-side proxy. (Kiuchi (Ex.

1005) at page 65, Section 2.3(1).) In doing so, an HTML document can be displayed by the user agent, and a hyperlink URL in the HTML document can be selected by the end user. (Kiuchi (Ex.

1005) at page 65, Section 2.3(1).) The

following is an example of the format of a selected hyperlink URL:

16

"http://server.in.current.connection/sample.html=@=6zdDfldfcZLj8V!i." In the selected hyperlink URL, the hostname is "server.in.current.connection," the resource being requested is "sample.html," and the connection ID is "6zdDfldfcZLj8V!i". (Kiuchi (Ex. 1005) at page 65, Section 2.3(1).) Generally, the system of Kiuchi initially performs (assuming no C-HTTP connection yet exists) in the following manner: (a) the user agent sends a request for a selected URL to the client-side proxy (Kiuchi (Ex. 1005) at page 65, Section 2.3(1)), (b) the client-side proxy asks and the C-HTTP name server determines whether it can communicate with a host (and a server-side proxy associated therewith) using the hostname specified in the selected URL (Kiuchi (Ex. 1005) at page 65, Section 2.3(1)-(2)), and (c) if the C-HTTP determines that the query is legitimate and the server-side proxy is registered, the C-HTTP server sends the IP address and public key of the server-side proxy (as well as both request and response Nonce values) to the client-side proxy, and, if the C-HTTP indicates that connection is not permitted, the C-HTTP server sends error indication to the client­ side proxy, and the client-side proxy performs a DNS lookup by behaving like an ordinary HTTP/1.0 proxy (Kiuchi (Ex. 1005) at page 65, Section 2.3(2)). In this context, it is noted that "[b ]oth the request to and response from the C-HTTP name server are encrypted and certified, using asymmetric key encryption and digital signature technology." (Kiuchi (Ex. I 005) at page 65, Section 2.3(2).)

17

Thereafter, with the IP address and public key of the server-side proxy, the client-side proxy can send the request to the server-side proxy for a C-HTTP connection "which is encrypted using the server-side proxy's public key and contains the client-side proxy's IP address, hostname, request Nonce value and symmetric data exchange key for request encryption." (Kiuchi (Ex. 1005) at page 65, Section 2.3(3).) The server-side proxy then asks the C-HTTP name server to perform a lookup of client-side proxy information - "[ w]hen a server-side proxy accepts a request for connection from a client-side proxy, it asks the C-HTTP name server whether the client-side proxy is an appropriate member of the closed network." (Kiuchi (Ex. I 005) at pages 65-66, Section 2.3(4).) After authorization of the client-side proxy is confirmed by the C-HTTP name server to access the server-side proxy, the server-side proxy generates and sends a connection ID (as well as a second symmetric data exchange key for response encryption) to the client-side proxy for facilitating establishment of the C-HTTP connection between the client-side proxy and the server-side proxy. (Kiuchi (Ex. 1005) at page 66, Section 2.3(5).) Once the connection is established, the "client-side proxy forwards HITP/1.0 requests from the user agent in encrypted form using C-HTTP format," and "[u]sing HTTP/1.0, a server-side proxy communicates with an origin server inside the firewall." (Kiuchi (Ex. 1005) at page 66, Section 2.3(6)-

18

(7).) Thus,"[f]rom the view of the user agent or client-side proxy, all resources appear to be located in a server-side proxy on the firewall." (Kiuchi (Ex.

1005)

at page 66, Section 2.3(7).) Thus, according to Kiuchi, end users at the user agents "do not even have to be conscious of using C-HTTP based communications." (Ki uchi (Ex.

1005)

at page 68, Section 4.2(3). )

Additionally, it would readily understood that Kiuchi's client-side proxy, server-side proxy, and C-HTTP name server each are implemented using software

(i.e.,

computer readable instructions) to implement the

functions performed by those items. (Kiuchi (Ex.

1005)

at page 65, Section

4.2(2)-(3).) As evidence thereof, Kiuchi provides, in the Appendices, a summary of the source code that can be used by various components of its syste1n in implementing the functions that it provides. (Kiuchi (Ex.

1005)

at

pages 7 0 -7 5. ) 2.

Kiuchi Anticipates Claim 1

Kiuchi discloses each and every recitation of independent claim

1.

Kiuchi discloses a "system for providing a domain name service for establishing a secure communication link," as recited in independent claim

1.

As

described above, Kiuchi discloses a system with various security features for creating a secure communication link over the Internet. (Kiuchi (Ex. I 005) at page 65.) The system of Kiuchi uses a client-side proxy, a server-side proxy, and a C-

19

HTTP name server, where the C-HTTP name server automatically and transparently performs specialized functions, such as authorization, name resolution, and establishment of secure connections (including facilitating secure connections between the client-side proxy and the server-side proxy). (Kiuchi (Ex. 1005) at pages 64-65.) As such, Kiuchi discloses establishment of"a secure communication link" as defined by the Board. It is noted that the Board agreed that Kiuchi discloses this recitation of independent claim 1. (Microsoft Institution Decision (Ex. 1002) at page 18.) Kiuchi's system also includes "a domain name service system configured to be connected to a communication network" and "to store a plurality of domain names and corresponding network addresses," as recited in independent claim 1. Kiuchi's client- side proxy, server-side proxy, and C-HTTP name server operate as a domain name service system. Kiuchi discloses that the system thereof is connected to thelnternet(which is a communication network). (Kiuchi (Ex. 1005) at page 64, Section I ("In this paper, we discuss the design and implementation of a closed HTTP (Hypertext Transfer Protocol)-based network (C-HTTP) which can be built on the Internet.")) Furthermore, Kiuchi discloses that the C-HTTP name server stores IP addresses and corresponding hostnames. (Kiuchi (Ex. I 005) at page 65, Section 2.3( 1)-(2).) According to Kiuchi, when a given institution wants to participate in the system, each proxy will register an IP address and a hostname

20

(i.e., a network address and domain name, respectively) with the C-HTTP name server. (Kiuchi (Ex.

1005)

at page

65,

Section 2.2.) Thus, the registered IP

address and hostname are stored by the C-HTTP name server and correspond to one another, and, in the context of Kiuchi, the IP address is a network address and the hostname is a domain name. Therefore, it is clear that Kiuchi discloses a domain name service system connected to a communication network, and storing a plurality of domain names and corresponding network addresses. It is noted that the Board agreed that Kiuchi discloses these recitations of independent claim (Microsoft Institution Decision (Ex.

1.

1002) at pages 18-19.)

The domain name service system of Kiuchi is configured "to receive a query for a network address," as recited in independent claim

1.

Kiuchi's client-side

proxy receives a request from a user agent to retrieve a resource associated with a hostname specified in a URL. (Kiuchi (Ex.

1005)

at page

65,

Section 2.3(1).)

Thereafter, the "client-side proxy asks the C-HTTP name server whether it can communicate with the host specified in a given URL." (Kiuchi (Ex.

65, Section 2.3(2).)

1005)

at page

Then, "[i]f the name server confirms that the query is

legitimate, it examines whether the requested server-side proxy is registered. . . and is permitted to accept the connection from the client-side proxy." (Kiuchi (Ex.

1005)

at page

65,

Section 2.3(2).)

21

In other words, the client-side proxy forwards and the C-HTTP name server receives a request for a network address of the server-side proxy associated with the origin server. (Kiuchi (Ex. I 005) at page

65,

Section

2.3(2).)

The request

includes a hostname, and the C-HTTP server determines if the request is legitimate. If the request is determined to be legitimate, the C-HTTP name server examines whether the server-side proxy is registered, and, if so, provides an IP address

(i.e., a network address) to the client-proxy.

Section

2.3(2).)

(Kiuchi (Ex. I 005) at page 65,

Therefore, it is clear that Kiuchi discloses a domain name service

system that receives a query for a network address. It is noted that the Board agreed that Kiuchi discloses this recitation of independent claim Institution Decision (Ex.

1.

(Microsoft

1002) at page 19.)

The domain name service system ofKiuchi is also configured "to comprise an indication that the domain name service system supports establishing a secure communication link," as recited in independent claim

1.

Kiuchi's C-HTTP name

server, as discussed above, determines if a query from the client-proxy is legitimate and examines if the requested server-side proxy is registered. If the C-HTTP name server determines that the query is legitimate and the server-side proxy is registered, the C-HTTP name server provides an IP address, as well as a public key (and both request and response Nonce values), ofthe server-side proxy to the client-side proxy. (Kiuchi (Ex. I 005) at page

22

65,

Section

2.3(2).)

In doing

so, the C-HTTP name server facilitates the establishment and operation of a secure communication link between the client-side proxy and the server-side proxy. The establishment and operation of a secure communication link in Kiuchi between the client-side proxy and the server-side proxy is in and of itself "an indication that the domain name service system supports establishing a secure communication link" under both the meaning ascribed to the claim term "indication" by petitioner, and the meaning assigned to this claim term by the Board. That is, under Petitioner's construction, the establishment and operation of a secure communication link between the client-side proxy and the server-side proxy is an indication (i.e., a visible or non-visible message or signal) that Kiuchi's domain name service system supports the establishment of a C-HTTP connection (i.e., a secure communication link). Furthermore, under the Board's construction, the establishment and operation of a secure communication connection between the client-side proxy and the server-side proxy is an indication that a secure communication link is in operation that constitutes an indication that the system supports establishing a secure communication link. Therefore, it is clear that Kiuchi discloses a domain name service system that provides "an indication that the domain name service system supports establishing a secure communication link." It is noted that the Board agreed that Kiuchi discloses this recitation of independent claim

1. (Microsoft Institution Decision (Ex. 1002) at pages 19-20.)

23

For these reasons, Petitioner submits that it is clear that Kiuchi discloses each and every recitation of independent claim I, and hence, Kiuchi anticipates independent claim I. 3.

Kiuchi Anticipates Claim 36

The differences between various recitations of independent claims I and

36

are minor. To illustrate, the connecting, storing, receiving, and supporting acts of independent claim

36 directly correspond to recitations in independent claim l.

Therefore, for the reasons discussed above in Section

V.A.2 with respect to

independent claim I, Kiuchi discloses the connecting, storing, receiving, and supporting acts of independent claim I. Additionally, Kiuchi discloses "[a] machine-readable medium comprising instructions executable in a domain name service system, the instructions comprising code for" performing the acts recited in independent claim

36. As

discussed above, Kiuchi's client-side proxy, server-side proxy, and C-HTTP name server each use software (i.e., computer readable instructions) to implement the functions performed by those items. (Kiuchi (Ex. 1005) at page 65, Section

4.2(2)-(3).) As evidence thereof, Kiuchi provides, in the Appendices, a summary of the source code that can be used by v arious components of its system in implementing the functions that it provides. (Kiuchi (Ex. 1005) at

24

pages 70- 75.) Therefore, Kiuchi also discloses this recitation o f independent claim 36. For these reasons, Petitioner submits that it is clear that Kiuchi discloses each and every recitation of independent claim 36, and hence, Kiuchi anticipates independent claim 36. It is noted that the Board agreed that Kiuchi discloses the recitations of independent claim 36. (Microsoft Institution Decision

(Ex. 1002) at

page 19.) 4.

Kiuchi Anticipates Claim 60

The differences between the acts recited in independent claims 36 and 60 are minor. The connecting act of independent claim 60 overlaps the connecting act of independent claim 36, but also includes the significant portions of the supporting act of independent claim 36. Furthermore, the storing act of independent claim 60 is identical to the storing act of independent claim 36. Finally, the receiving act of independent claim 60 overlaps the receiving act of independent claim 36, but also includes the phrase "for communication." Therefore, for the reasons discussed above in Section V.A.3 with respect to independent claim 36, Kiuchi discloses the connecting, storing, and receiving acts of independent claim 60. The connecting act of independent claim 60 includes an additional phrase, "the domain name service system comprising an indication that the domain name service system supports establishing a secure communication link." This

25

additional phrase is substantially similar to the supporting act of independent claim 36 that recites "supporting an indication that the domain name service system supports establishing a secure communication link." Given that the connecting act of independent claim 60 overlaps the connecting act of independent claim 36, and also includes the significant portions of the supporting act of independent claim 36, Petitioner submits that the discussion in Section V.A.3 of the connecting and supporting acts of independent claim 36 is directly applicable to independent claim 1. Furthermore, the receiving act of independent claim 60 includes an additional phrase, "for communication." As such, the receiving act of independent claim 60 recites "receiving a query for a network address for communication." As discussed above, Kiuchi's client-side proxy forwards and the C-HTTP name server receives a request for a network address of the server-side proxy associated with the origin server and the request includes a hostname

(i.e., domain

name); and if the C-HTTP name server determines that the query is legitimate and the server-side proxy is registered, the C-HTTP name server provides an IP address

(i.e., network address) to the client-proxy. (Kiuchi (Ex. 1005) at page 65, Section 2.3(1)-(2).) Furthermore, the receipt of the request for a network address b y the C­ HTTP name server is clearly to facilitate communication at least between the

26

client-side proxy and the server-side proxy. Therefore, Kiuchi also discloses this recitation of independent claim 60. For these reasons, Petitioner submits that it is clear that Kiuchi discloses each and every recitation of independent claim 60, and hence, Kiuchi anticipates independent claim 60. It is noted that the Board agreed that Kiuchi discloses the recitations of independent claim 36. (Microsoft Institution Decision (Ex. 1002) at page 19.) 5.

Kiuchi Anticipates Claims 2 and 37

Kiuchi discloses dependent claims 2 and 37. Claim 2 depends from claim 1, and recites "wherein at least one of the plurality of domain names comprises a top­ level domain name." Claim 37 depends from claim 36, and recites "wherein the instructions comprise code for storing the plurality of domain names and corresponding network addresses including at least one top-level domain name." Kiuchi discloses a domain name that can be stored at the C-HTTP name server: "University.of.Tokyo.Branch.Hospital". (Kiuchi (Ex. 1005) at page 73.) As such, it is clear that ".Hospital" is a top level domain. Therefore, Kiuchi discloses that the domain names include a "top-level domain name."

27

6.

Kiuchi Anticipates Claim 5

Kiuchi discloses the recitation of dependent claim claim

2,

5.

Claim

5

depends from

and recites "wherein the domain name service system is configured to

authenticate the query using a cryptographic technique." As discussed above, Kiuchi's client-side proxy forwards and the C-HTTP name server receives a request for a network address of the server-side proxy associated with the origin server and the request includes a hostname

(i.e.,

domain

name); and if the C-HTTP name server determines that the query is legitimate and the server-side proxy is registered, the C-HTTP name server provides

an

(i.e., network address) to the client-proxy.

65,

2.3( 1)-(2).)

(Kiuchi (Ex.

1005)

at page

IP address Section

Kiuchi indicates that "[b]oth the request to and response from the C­

HTTP name server are encrypted and certified, using asymmetric key encryption and digital signature technology." (Kiuchi (Ex. Therefore, Kiuchi discloses dependent claim 7.

1005) at

page

65,

Section

2.3(2).)

5.

Kiuchi Anticipates Claim 6

Kiuchi discloses dependent claim 6. Claim

6 depends

from claim 1, and

recites "wherein the communication network includes the Internet." As discussed above, Kiuchi 's system is connected to the Internet. (Kiuchi (Ex.

1005) at page 64 ("In this paper, we discuss the design and implementation of

28

a closed HTTP (Hypertext Transfer Protocol)-based network (C-HTTP) which can be built on the Internet.")) Therefore, Kiuchi discloses dependent claim

8.

Kiuchi Anticipates Claims 15 and 39

Kiuchi discloses dependent claims claim

6.

15 and 39. Claim 15 depends from

1, and recites "wherein the domain name service system is configured to

provide, in response to the query, the network address corresponding to a domain name from the plurality of domain names and the corresponding network addresses." Furthermore, claim

39 depends from claim 36, and recites "wherein

the instructions comprise code for providing, in response to the query, the network address corresponding to a domain name from the plurality of domain names and the corresponding network addresses." As discussed above, when a given institution wants to participate in the system, each proxy will register an IP address and a hostname

(i.e., a network

address and domain name, respectively) with the C-HTTP name server. (Kiuchi (Ex.

1005) at page 65, Section 2.2.) As such, the registered IP address and

hostname for each proxy correspond to one another, and are stored by the C-HTTP name server. Furthermore, Kiuchi's client-side proxy, as discussed above, forwards and the C-HTTP name server receives a request for a network address of the server-side proxy associated with the origin server and the request includes a hostname

(i.e., domain name); and if the C-HTTP name server determines that the

29

query is legitimate and the server-side proxy is registered, the C-HTTP name server provides an IP address (i.e., network address) to the client-proxy. (Kiuchi (Ex. 1005) at page 65, Section 2.3(1)-(2).) Thus, the C-HTTP provides a network address corresponding to a domain name in response to the query for a network address from the client-side proxy. Therefore, Kiuchi discloses dependent claims 15 and 39. 9.

Kiuchi Anticipates Claims 16 and 40

Kiuchi discloses dependent claims 16 and 40. Claim 16 depends from claim 1, and recites "wherein the domain name service system is configured to receive the query initiated from a first location, the query requesting the network address associated with a domain name, wherein the domain name service system is configured to provide the network address associated with a second location, and wherein the domain name service system is configured to support establishing a secure communication link between the first location and the second location." Furthermore, claim 40 depends from claim 36, and recites "wherein the instructions comprise code for receiving the query for a network address associated with a domain name and initiated from a first location, and providing a network address associated with a second location, and establishing a secure communication link between the first location and the second location."

30

As discussed above, Kiuchi's client-side proxy forwards and the C-HTTP name server receives a request for a network address of the server-side proxy associated with the origin server and the request includes a hostname

(i.e., domain

name). The client-side proxy corresponds to a first location. Furthermore, as discussed above, if the C-HTTP name server determines that the query is legitimate and the server-side proxy is registered, the C-HTTP name server provides an IP address (i.e., network address) of a server-side proxy associated with the hostname to the client-proxy. (Kiuchi (Ex. 1005) at page 65, Section 2.3(1)­

(2).) The server-side proxy corresponds to a second location. Moreover, as discussed above, Kiuchi's system establishes a secure connection between the client-side proxy and the server-side proxy. (Kiuchi (Ex. 1005) at page 66, Section 2.3(5).) Therefore, Kiuchi discloses dependent claims 16 and 40. 10.

Kiuchi Anticipates Claims 27, 33, 51, and 57

Kiuchi discloses dependent claims 27, 33, 51, and 57. Claim 27 d epends from claim 1, and recites "wherein the domain name service system is configured to enable establishment of a secure communication link between a first location and a second location transparently to a user at the first location." Claim 33 also depends from claim 1, and similarly recites "wherein the domain name service system is configured to enable establishment of a secure communication link between a first location and a second location."

31

Additionally, claim 51 depends from claim 36, and recites "wherein the domain name service system is configured to enable establishment of a secure communication link between a first location and a second location transparently to a user at the first location." Claim 57 also depends from claim 36, and similarly recites "wherein the domain name service system is configured to enable establishment of a secure communication link between a first location and a second location." As discussed above, the system disclosed in Kiuchi includes various security features to establish a secure communication connection between at least a client­ side proxy and a server-side proxy. (Kiuchi (Ex. 1005) at page 64.) The client­ side proxy or the user agent associated with the client-side proxy can be considered a first location, and the server-side proxy can be considered a second location. Furthermore, according to Kiuchi, the end users at the user agents "do not even have to be conscious of using C-HTTP based communications." (Kiuchi (Ex. 1005) at page 68, Section 4.2(3).) Thus, the connection appears to b e transparent to t h e end users in Kiuchi. Therefore, Kiuchi discloses dependent claims 27, 33, 51, and 57.

32

VI.

CONCLUSION The above-discussed Ground 1 of rejection demonstrates that claims 1, 2, 5,

6, 15, 16, 27, 33, 36, 37, 39, 40, 51, 57, and 60 of the '504 patent are unpatentable. Thus, Petitioner submits that, in compliance with 37 C.F.R. § 42.108(c), the present Petition demonstrates that there is a "reasonable likelihood that at least one of the claims challenged in the petition is unpatentable." Therefore, Petitioner requests institution of an inter partes review based on Ground I of rejection. Respectfully submitted,

Dated: February 29, 2016

/Thomas H. Martin/ Thomas H. Martin, Reg. No. 34,383 MARTIN & FERRARO, LLP 1557 Lake O'Pines Street, NE Hartville, Ohio 44632 Telephone: (330) 877-0700 Facsimile: (330) 877-2030 Attorneysfor Petitioner

33

CERTIFICATE OF SERVICE The undersigned hereby certifies that a copy of this Petition for Inter Partes Review and Exhibits have been served in their entirety by Federal Express on the following counsel of record for Patent Owner: Finnegan, Henderson, Farabow, Garrett & Dunner, LLP 901 New York Avenue, NW Washington, DC 20001-4413 Counsel of record for Patent Owner Joseph E. Palys Naveen Modi Paul Hastings LLP 875 15th Street, NW Washington, D.C. 20005 Counsel of record for Patent Owner in IPR2014-00612, -00613, and-00614

Date of Service:

February 29, 2016

Signature: /Thomas H. Martin/ Thomas H. Martin, Reg. No. 34,383

34