Petitioner
`
`Petitioner
`Riverbed Technology, Inc.
`Riverbed Technology, Inc.
`
`IPR2014-00245
`U.S. Patent No. 8,392,684
`
`
`
`Petitioner
`Riverbed Technology, Inc.
`Riverbed Technology, Inc.
`
`IPR2014-00245
`U.S. Patent No. 8,392,684
`
`
`
`Fig. 2 of McCanne ‘376
`Fig. 2 of McCanne ’376
`
`
`
`
`
`
`
`Paper No. 23 at p.10
`
`5?“Paper No.23 at p.10 1L9“ 2.,
`
`
`
`2
`
`
`
`The Sending TA Transmits the
`Data to the Receiving TA
`
`“For example, rather than transmitting and
`caching verbatim segments (i.e., segments that
`literally represent substrings or subsequences of
`the transaction data), the sending TA can
`transmit invertible functions of the segments,
`e.g., forward error correction encoded blocks of
`segments, encryptions of segments, signatures
`of segments, or the like.”
`
`Paper No. 23 at pp.8-12; RIV-1008 at pp.50-51; See RIV-1003 at ¶89 (emphasis added).
`
`3
`
`
`
`Receiving TA Stores Segment Data
`
`“The receiving TA can obtain segment data for storage in its PSS
`… as part of the traffic from the sending TA. Thus, the data
`transmitted from the sending TA to the receiving TA may include
`both references to segments and also "bindings" representing
`the mapping from a reference to the segment data.”
`Paper No. 23 at pp.8-12; Paper No. 2 at p.15; See RIV-1003 at ¶76 (emphasis added).
`
`4
`
`
`
`Data Structure of a TA’s PSS
`
`“As shown there, the bindings table stores a plurality of
`bindings, . . . where Ri is the reference label for the i-th
`binding and Si is the segment data for the i-th binding.”
`
`Paper No. 23 at pp.8-12; Paper No. 2 at p.32; See RIV-1003 at ¶87.
`
`5
`
`
`
`Other Data Structures Created in the PSS
`
`“The binding records
`might include …
`data structures.”
`
`Paper No. 23 at pp.8-12; RIV-1008 at pp.49-50; See RIV-1003 at ¶87 and Table 1.
`
`Encryption
`
`6
`
`
`
`Contents of PSS Encoded for Encryption
`
`“Some additional data structures might include
`an index of references, an index of other fields,
`an index of segments, etc., for searching or
`otherwise processing the contents of the PSS.
`Segments could be indexed in many ways that
`could be useful for the encoding process, . . . If
`the encoding method identifier is used, segment
`data can be encoded for . . . encryption, etc.”
`
`Paper No. 23 at pp.8-12; RIV-1008 at p.50; See RIV-1003 at ¶88 (emphasis added).
`
`7
`
`
`
`Contents of PSS Encoded for Encryption
`
`• That is, McCanne ‘376 explicitly discloses
`encrypting segment data when it is stored:
`– “when segment data is to be stored as part of a
`segment reference, transforming the segment
`data via. . . an encryption function,” RIV-1003,
`¶¶87-89, Claims 4 and 5.
`
`Paper No. 23 at 8-12 (emphasis added).
`
`8
`
`
`
`McCanne ‘376 Expressly Discloses the
`Patent Owner’s Alleged Point of Novelty
`Accordingly, McCanne ’376 expressly discloses:
`• the receiving TA receives original data and
`• that, when the data is stored, the data is
`encrypted.
`
`Paper No. 23 at 8-12 (emphasis added); See RIV-1003, ¶¶ 76, 78, 87-89, and 101, Table 1, and Claims 4 and 5.
`
`9
`
`
`
`McCanne ‘376 Renders Obvious the
`Patent Owner’s Alleged Point of Novelty
`Patent Owner:
`• “McCanne ‘376 only discloses performing
`encryption in a sending device.”
`• “McCanne only describes that the sender may
`encrypt the data.”
`
`SIL-2013 at ¶41 and ¶49 (emphasis original).
`
`10
`
`
`
`Each TA is Both a Sender and a Receiver
`
`• Patent Owner’s expert confirmed that McCanne ‘376 discloses that
`either transaction accelerator 20 or 22 can be a receiver that stores
`received segment data in its respective persistent segment store:
`– Q. Both transaction accelerator 20 and transaction accelerator 22, can
`be either a sender or receiver; right?
`• A. Right.
`– Q. Both transaction accelerators, 20 and transaction accelerator 22,
`has it's own storage medium; right?
`• A. That's correct.
`– Q. That storage medium is the persistent segment storage; right?
`• A. Yes. . . .
`– Q. So a receiver stores received segment data in it's PSS?
`• A. Yes.
`
`Paper No. 23 at p.11; See RIV-1010 at pp.24-25.
`
`11
`
`
`
`Contents of PSS Encoded for Encryption
`
`“Some additional data structures might include
`an index of references, an index of other fields,
`an index of segments, etc., for searching or
`otherwise processing the contents of the PSS.
`Segments could be indexed in many ways that
`could be useful for the encoding process, . . . If
`the encoding method identifier is used, segment
`data can be encoded for . . . encryption, etc.”
`
`Paper No. 23 at pp.8-12; RIV-1008 at p.50; See RIV-1003 at ¶88 (emphasis added).
`
`12
`
`
`
`State of the Art - Encrypting Data on
`Destination Side Was Known
`• Patent Owner’s expert acknowledges:
`– A. It was generally known to people of ordinary
`skill in the art that in certain circumstances where
`data was at risk. Encryption was one of the
`solutions available for protecting that data, so if
`the data is on the source side residing on a static
`disk, then yes, encrypting that data on that disk
`would be known to people of ordinary skill in the
`art and, similarly, for data on the destination side.
`
`Paper No. 23 at pp.12-13; See RIV-1010 at 7 (emphasis added).
`
`13
`
`
`
`Patent Owner’s Argument – Security Risk
`Allegedly Not Recognized
`Patent Owner’s expert argues that modification
`of McCanne ’376 would not have been obvious
`because a “person of ordinary skill in the art
`would not have appreciated the data security
`risks and vulnerabilities posed by WAN
`optimization appliances at the time.”
`
`Paper No. 23 at p.13 (emphasis added); See SIL-2001 ¶¶56-66 and 76.
`
`14
`
`
`
`State of the Art – Security Risk
`is the Main Concern
`“The main concern for a security-conscious organization is
`that a Steelhead data store potentially holds gigabytes of
`sensitive data. IT managers responsible for data security are
`concerned by questions of how an attacker might access
`the Steelhead data store and use the information in ways
`that might be harmful to the organization.” (“White Paper”)
`
`Paper No. 23 at pp,13-14; See RIV-1013 at p.2 (emphasis added)
`
`15
`
`
`
`State of the Art – Disk Encryption as a
`Solution
`
`• Moreover, the White Paper discloses using
`“disk encryption” as a security measure to
`protect data on the WAN optimization
`devices.
`
`Paper No. 23 at p.14; See RIV-1013 at p.3.
`
`16
`
`
`
`State of the Art – Security Risk Was a FAQ
`
`• In fact, the White Paper evidences that
`persons in the field were so aware of the
`security issue in WAN optimization devices,
`that it was a “frequently asked question[].”
`
`Paper No. 23 at p.14; See RIV-1013 at p.2.
`
`17
`
`
`
`Obvious to Modify McCanne ‘376
`Modifying McCanne ’376 to encrypt data at the
`receiving side TA would have been obvious:
`• McCanne ‘376: teaches that “when segment data is to
`be stored . . ., transforming the segment data via. . . an
`encryption function”
`• White Paper: discloses using disk encryption on WAN
`optimization device to address security risks
`• Patent Owner’s Expert: “knowledge existed” to
`“implement disk encryption both on the sending side
`and the receiving side.”
`
`Paper No. 23 at pp,12-15; See RIV-1013 at pp.2-3, RIV-1003 at ¶¶87-89, Table 1, Claims 4 and 5; and RIV-1010 at p.24.
`
`18
`
`
`
`The Record Renders Obvious the Patent
`Owner’s Alleged Point of Novelty
`
`• Accordingly, the record renders obvious
`encrypting and storing data at a receiving
`WAN optimization device – the Patent
`Owner’s alleged point of novelty.
`
`Paper No. 23 at pp.12-15; See Paper No. 16 at pp.10-15.
`
`19
`
`
`
`Patent Owner’s Burden
`
`Idle Free reiterated that “37 C.F.R. § 42.20(c)
`places the burden on the patent owner to show
`general patentability over prior art.”
`
`Paper No. 23 at p.4; Idle Free Paper No. 66 at p.33.
`
`20
`
`
`
`2004 WAN Optimization Market
`
`Paper No. 23 at p.5; See RIV-1011.
`
`21
`
`
`
`Not an Expert in the Market
`
`• Q. Do you know other
`than the folks that were
`present here, any of the
`companies that are
`involved in the WAN
`optimization field?
`– A. I'm not an expert in
`the market.
`
`Paper No. 23 at p.5; See RIV-1010 at p.16; See RIV-1011.
`
`22
`
`
`
`Does Not Know Who is in the Market
`
`Q. So in 2006, other than
`Riverbed, who else were you
`aware of that was in the field
`of WAN optimization?
`A. In 2006, as I said, I am not
`currently able to list people
`who are in the market for
`WAN optimization . . .
`Q. So I assume the answer
`would be the same if I asked
`you about 2005?
`A. Yes.
`Paper No. 23 at p.5; See RIV-1010 at pp.18-19; See RIV-1011.
`
`23
`
`
`
`Does Not Know What Was
`Happening in the Market
`Q. So today in 2014, who do
`you know, based on your
`knowledge today, that was a
`player in the WAN optimization
`field in 2005?
`A. Riverbed and Silver Peak.
`Q. Okay. And you didn't go back
`and look at what those
`companies may have published
`or what products they may
`have been selling in that time
`frame?
`A. That's correct.
`Paper No. 23 at p.5; See RIV-1010 at p.19; See RIV-1011.
`
`24
`
`
`
`Limited Consideration of
`the State of the Art
`• Q. What publications did you look at?
`– A. I primarily searched the SANS Security Digest …,
`and I also searched the writings of Bruce Schneier
`…
`• Q. Why did you limit yourself to those two
`sources?
`– A. Those were sources that I was familiar with,
`and those were the sources that were readily
`available to me in the time that I had to devote.
`
`Paper No. 23 at pp.4-5; RIV-1010 at pp.14-15.
`
`25
`
`
`
`State of the Art Not Considered
`
`Moreover, Patent Owner’s
`expert freely admitted he (i)
`did not conduct any searches
`generally, (ii) did not conduct
`any patent searches, and (iii)
`did not look through
`information available on the
`Internet from companies that
`are involved in WAN
`optimization.
`
`Paper No. 23 at pp.4-5; RIV-1010 at p.16.
`
`Q. You didn't do any Google
`searches?
`• A. No. . .
`Q. You didn't look in patent
`office data?
`• A. No. . .
`Q. Did you attempt to look
`through information available
`on the Internet from
`companies that are involved in
`WAN optimization?
`• A. No.
`
`26
`
`
`
`State of the Art - Disk Encryption Known
`and Used in WAN Optimization Devices
`
`• Patent Owner’s Expert:
`– “prior art publications or real-world systems relating
`to WAN optimization or data de-duplication similarly
`lacked a real focus on data security relating to the
`segments locally stored in the optimization
`appliances.” SIL-2001 at ¶54 (emphasis added).
`– “[a] person of ordinary skill in the art would not have
`appreciated the data security risks and vulnerabilities
`posed by WAN optimization appliances.” SIL-2001 at
`¶56 (emphasis added).
`
`27
`
`
`
`State of the Art - Disk Encryption Known
`and Used in WAN Optimization Devices
`
`• Evidence:
`– Expert: Limited knowledge of WAN optimization
`marketplace.
`– The White Paper: Data security in WAN
`optimization devices was a frequently asked
`question.
`– The Tolly Report: WAN optimization devices that
`maintain end-to-end security where “data stored
`within the device are encrypted and secure.”
`
`Paper No. 23 at pp.4-5; RIV-1010 at p.16; Paper No. 23 at p.14; See RIV-1013 at p.2; RIV-1012 at p.4 and Fig. 6;
`See also, RIV-1013.
`
`28
`
`
`
`Patent Owner’s Burden
`Patent Owner bears the burden of showing why
`encrypting the data received at the destination
`appliance and storing the encrypted received
`data is generally patentable over the art.
`• Patent Owner argues it would not have been
`obvious because a “person of ordinary skill in
`the art would not have appreciated the data
`security risks and vulnerabilities posed by
`WAN optimization appliances at the time.”
`
`SIL-2001 at ¶56.
`
`29
`
`
`
`Patent Owner Has Failed to Show General
`Patentability Over the State of the Art
`• White Paper: the security risks of data stored
`on WAN optimization devices was known;
`• White Paper and Tolly: it was known to
`perform disk encryption in WAN optimization
`devices to address the security risk; and
`• Patent Owner’s Expert: the “knowledge
`existed” to “implement disk encryption both
`on the sending side and the receiving side.”
`
`Paper No. 23 at pp.4-8; See RIV-1012 at pp.1-8 and Fig. 6.; See RIV1014-1022; See RIV-1013 at pp.2-6; See RIV-1010 at
`p.24.
`
`30
`
`
`
`Patent Owner’s Motion Enlarges the
`Scope of the Challenged Claims
`• Idle Free stated that “under 37 C.F.R. §
`42.121(a)(2)(ii), a substitute claim may not
`enlarge the scope of the challenged claim it
`replaces by eliminating any feature.”
`
`Paper No. 23 at p.1; Idle Free Paper No. 26 at p.5
`
`31
`
`
`
`Original Claim 1 of the ‘684 patent
`
`1. A network memory system for ensuring compliance, comprising:
`a source-site appliance comprising a first processor and a first memory
`device, and configured to be coupled to a source-site computer via a source-site local
`area network;
`a destination-site appliance comprising a second processor and a second
`memory device, and configured to be coupled to a destination-site computer via a
`destination-site local area network, the source-site computer in communication with
`the destination-site computer via a wide area network;
`the source-site appliance configured to intercept data sent from the source-
`site computer to the destination-site computer, encrypt the data, store the data in the
`first memory device, determine whether the data exists in the second memory device,
`and transmit a store instruction comprising the data if the data does not exist in the
`second memory device; and
`the destination-site appliance configured to receive the store instruction
`from the source-site appliance, store the data in the second memory device,
`subsequently receive a retrieve instruction comprising an index at which the data is
`stored in the second memory device, process the retrieve instruction to obtain
`encrypted response data, and decrypt the encrypted response data.
`
`Paper No. 23 at 1-4; RIV-1001 at p.26 (emphasis added), see also, Id. at pp.26-27 (where independent claims 8 and 15
`recite similar features).
`
`32
`
`
`
`Patent Owner’s Expert Confirms “the
`data” Transmitted is Encrypted
`• Q. Would you agree with me then that the
`system of Claim 1, the destination site
`appliance decrypts data; correct?
`– A. Yes. . . .
`• Q. In Claim 1, which side encrypts the data
`that the destination site appliance decrypts?
`– A. In Claim 1, the source site encrypts that data.
`
`Paper No. 23 at p.2; RIV-1010 at pp.20-21.
`
`33
`
`
`
`Proposed Substitute Claim 25
`
`• Proposed substitute claim 25 recites that the
`source-site appliance transmits “original data”
`to the destination-site appliance.
`– “the source-site appliance configured to . . .
`transmit a store instruction comprising the
`original data”
`
`Paper No. 23 at pp.1-4; Paper No. 26 at pp.1-2.
`
`34
`
`
`
`Proposed Substitute Claim 25
`
`Patent Owner’s expert stated that “original
`data” is unencrypted data:
`• Q. So in other words, the original data would
`be unencrypted data?
`– A. At the moment of encryption at the moment of
`interception, yes.
`
`Paper No. 23 at pp.1-4; RIV-1010 at pp.21-22.
`
`35
`
`
`
`Patent Owner Eliminated Transmitting
`Encrypted Data
`
`• Original claim 1 of the ’684 patent requires that “the
`data” transmitted by the source-site appliance to the
`destination-site appliance be in encrypted form.
`• By contrast, proposed substitute claim 25 requires that
`“the data” transmitted by the source-site appliance to
`the destination-site appliance be in unencrypted form.
`• Similarly, proposed substitute claims 32 (for claim 8)
`and 39 (for claim 15) also eliminate that “the data”
`transmitted is encrypted.
`
`Paper No. 23 at pp.1-4.
`
`36
`
`
`
`Non-Patent Eligible Subject Matter
`
`• Proposed Substitute Claim 39 recites:
`– “A software product . . . comprising: software
`operational when executed by a processor . . .;
`and a storage medium that stores the software.”
`• Board: “Patent Owner also explained that the Board
`denied proposed substitute claims in Case IPR2013-
`00402 that recited a similar limitation because Patent
`Owner had not shown that those claims recite patent-
`eligible subject matter.”
`
`Paper No. 16 at pp.5-6; Paper No. 35 at p.2.
`
`37
`
`
`
`Ambiguous Claim Drafting
`• Proposed Substitute Claim 38 recites: “storing
`the data”
`• “there is no longer antecedent basis for “the data.” See,
`e.g., proposed claim 32 (from which claim 38 depends),
`which references “original data,” “encrypted data” and
`“encrypted received data,” but not “data.”
`• “Office has encouraged clear and unambiguous claim
`drafting . . .” See CBM2012-00001, SAP America, Inc. v.
`Versata Development Group, Inc., CBM2012-00001,
`Paper 70 at 18 (2013).
`
`Paper No. 16 at pp.5-6; Paper No. 30 at pp.2-3.
`
`38
`
`
`
`State of the Art - Known to Encrypt Data
`Stored in a Database
`The portions of the ’684 patent cited by Patent
`Owner for “describing that the destination-site
`appliance can encrypt received data” discuss
`storing encrypted data in a database. See PO
`Motion, pp.8-9 (citing to Figs. 4 & 7, ¶¶ 67 & 76
`of the filed application of the ‘684 patent).
`– Evidence: encrypting data in a database for
`security reasons was exceedingly well known in
`the art prior to the filing date of the ’684 patent.
`See RIV-1014-1022.
`
`Paper No. 23 at 6-7; Paper No. 16 at 8-9.
`
`39
`
`
`
`Proposed Substitute Claim 25
`
`25. (Proposed Substitute for Claim 1) A network memory system for ensuring compliance, comprising:
`a source-site appliance comprising a first processor and a first memory device, and
`configured to be coupled to a source-site computer via a source-site local area network;
`a destination-site appliance comprising a second processor and a second memory device, and
`configured to be coupled to a destination-site computer via a destination-site local area network, the
`source-site computer in communication with the destination-site computer via a wide area network;
`the source-site appliance configured to intercept original data sent from the source-site
`computer to the destination-site computer, encrypt the original data to generate encrypted data, store the
`encrypted data in the first memory device, determine whether a representation of the original data exists
`in the second memory device, and transmit a store instruction comprising the original data if the
`representation of the original data does not exist in the second memory device; and
`the destination-site appliance configured to receive the store instruction from the source-site
`appliance, encrypt the original data received with the store instruction at the destination-site appliance to
`generate encrypted received data, store the encrypted received data in the second memory device,
`subsequently receive a retrieve instruction comprising an index at which the encrypted received data is
`stored in the second memory device, process the retrieve instruction to obtain encrypted response data
`comprising at least a portion of the encrypted received data, and decrypt the encrypted response data.
`Paper No. 16 at pp.1-2.
`
`40
`
`
`
`UNITED STATES PATENT AND TRADEMARK OFFICE
`__________________
`BEFORE THE PATENT TRIAL AND APPEAL BOARD
`___________________
`RIVERBED TECHNOLOGY, LLC
`PETITIONER
`V.
`SILVER PEAK SYSTEMS, INC.
`PATENT OWNER
`
`PATENT NO. 8,392,684
`Inter Partes Review No. IPR2014-00245
`_____________________
`CERTIFICATE OF SERVICE
`
`The undersigned hereby certifies that service was made on Patent Owner’s counsel of record as detailed below.
`
`Date of service February 3, 2015
`
`Manner of service Electronic Mail: ddonnelly-ptab@fenwick.com; jamsel-ptab@fenwick.com;
`emancera@fenwick.com
`Documents served Petitioners Demonstrative
`Persons served Darren E. Donnelly
`Jason E. Amsel
`Fenwick & West LLP
`Silicon Valley Center, 801 California Street
`Mountain View, CA 94041
`
`/David M. O’Dell/
`David M. O’Dell
`Lead Counsel for Petitioner
`Registration No. 42,044
`
`
Accessing this document will incur an additional charge of $.
After purchase, you can access this document again without charge.
Accept $ Charge
Still Working On It
This document is taking longer than usual to download. This can happen if we need to contact the court directly to obtain the document and their servers are running slowly.
Give it another minute or two to complete, and then try the refresh button.
A few More Minutes ... Still Working
It can take up to 5 minutes for us to download a document if the court servers are running slowly.
Thank you for your continued patience.
This document could not be displayed.
We could not find this document within its docket. Please go back to the docket page and check the link. If that does not work, go back to the docket and refresh it to pull the newest information.
Your account does not support viewing this document.
You need a Paid Account to view this document. Click here to change your account type.
Your account does not support viewing this document.
Set your membership
status to view this document.
With a Docket Alarm membership, you'll
get a whole lot more, including:
- Up-to-date information for this case.
- Email alerts whenever there is an update.
- Full text search for other cases.
- Get email alerts whenever a new case matches your search.
One Moment Please
The filing “” is large (MB) and is being downloaded.
Please refresh this page in a few minutes to see if the filing has been downloaded. The filing will also be emailed to you when the download completes.
Your document is on its way!
If you do not receive the document in five minutes, contact support at support@docketalarm.com.
Sealed Document
We are unable to display this document, it may be under a court ordered seal.
If you have proper credentials to access the file, you may proceed directly to the court's system using your government issued username and password.
Access Government Site
