Upload
shawn-ambwani
View
218
Download
0
Embed Size (px)
Citation preview
7/24/2019 Unified Patents v. Grecia, IPR2016-00600,
1/65
IPR2016-00600 Petition
U.S. Patent 8,533,860
i
DOCKET NO.: 098173-0966641
Filed on behalf of Unified Patents Inc.
By: Paul C. Haughey, Reg. No. 31,836
Scott Kolassa, Reg. No. 55,337Kilpatrick Townsend & Stockton LLP
Two Embarcadero Center, Eighth Floor
San Francisco, CA 94111-3834
Tel: (415) 576-0200
Email: [email protected]
Jonathan Stroud, Reg. No. 72,518
Unified Patents Inc.
1875 Connecticut Av. NW, Floor 10
Washington D.C., 20009Tel: (202) 805-8931
Email: [email protected]
UNITED STATES PATENT AND TRADEMARK OFFICE
BEFORE THE PATENT TRIAL AND APPEAL BOARD
UNIFIED PATENTS INC.
Petitioner
v.
WILLIAM GRECIA
Patent Owner
IPR 2016-00600
Patent 8,533,860
PETITION FOR I NTER PARTESREVIEW OF
U.S. PATENT NO. 8,533,860
CHALLENGING CLAIMS 130
UNDER 35 U.S.C. 312 AND 37 C.F.R. 42.104
7/24/2019 Unified Patents v. Grecia, IPR2016-00600,
2/65
IPR2016-00600 Petition
U.S. Patent 8,533,860
i
TABLE OF CONTENTS
I. MANDATORY NOTICES ........................................................................ - 1 -
A.
Real Party-in-Interest ....................................................................... - 1 -
B. Related Matters ................................................................................. - 1 -
C. Counsels ........................................................................................... - 2 -
D. Service Information, Email, Hand Delivery, and Postal .................. - 2 -
II. CERTIFICATION OF GROUNDS FOR STANDING ............................. - 2 -
III. OVERVIEW OF CHALLENGE AND RELIEF REQUESTED ............... - 2 -
A. Prior Art Patents and Printed Publications ....................................... - 3 -
1. U.S. Patent No. 6,891,953 (filed on June 27, 2000 and
issued on May 10, 2005) (DeMello (EX1006)), which
is prior art under 35 U.S.C. 102(b). .................................... - 3 -
2. U.S. Pub. No. 2008/0313264 (filed on Jun. 12, 2007 and
published on Dec. 18, 2008) (Pestoni (EX1007)),
which is prior art under 35 U.S.C. 102(b). ......................... - 3 -
3. U.S. Pat. 6,385,596 (filed Feb. 6, 1998 and issued May 7,
2002) (Wiser (EX1008)), which is prior art under 35
U.S.C. 102(b). Wiser is cited for the customization
module of claims 2130 and the royalty scheme of
claim 26. ................................................................................. - 3 -
4. U.S. Pub. No. 20090037388 (filed Aug. 1, 2008 and was
published Feb. 5, 2009) (Cooper (EX1009)), which is
prior art under 35 U.S.C. 102(b). Cooper is cited for the
remote operation of claim 17. ................................................ - 3 -
B. Grounds for Challenge ..................................................................... - 4 -
IV. OVERVIEW OF THE 860 PATENT ....................................................... - 4 -
A. Priority Date of the 860 Patent........................................................ - 4 -
7/24/2019 Unified Patents v. Grecia, IPR2016-00600,
3/65
IPR2016-00600 Petition
U.S. Patent 8,533,860
ii
B. Summary of the 860 Patent ............................................................. - 5 -
C. Summary of Relevant Prosecution File History ............................ - 10 -
D.
Person of Ordinary Skill in the Art ................................................ - 11 -
V. CLAIM CONSTRUCTION ..................................................................... - 11 -
A. verified web service .................................................................... - 12 -
B. metadata of the digital content .................................................... - 13 -
C. two way data exchange session .................................................. - 13 -
D. a verification token corresponding to the digital content ..... - 14 -
VI. PROPOSED REJECTIONS SHOWING THAT PETITIONER HAS A
REASONABLE LIKELIHOOD OF PREVAILING ............................... - 15 -
A. Ground 1: Claims 120 are unpatentable as obvious over
DeMello (EX1006) in view of the admitted prior art. .................... - 15 -
B. Ground 2: Claims 120 are unpatentable as obvious over
Pestoni(EX1007) in view of the admitted prior art. ...................... - 15 -
C.
Ground 3: Claims 21-30 are unpatentable overDeMello(EX1006) in combination with Wiser(EX1008). .......................... - 48 -
D. Ground 4: Claims 21-30 are unpatentable overPestoniin
combination with Wiser(EX1008). ............................................... - 48 -
E. Ground 5: Claims 17 and 30 are unpatentable overDeMello
(EX1006)in combination with Wiser (EX1008) and Cooper
(EX1009)........................................................................................ - 58 -
VII.
CONCLUSION ......................................................................................... - 60 -
7/24/2019 Unified Patents v. Grecia, IPR2016-00600,
4/65
IPR2016-00600 Petition
U.S. Patent 8,533,860
iii
EXHIBIT LIST
Exhibit No. Description
1001 U.S. Patent No. 8,533,860 to Grecia.
1002 U.S. Patent No. 8,402,555 to Grecia.
1003 U.S. Patent No. 8,887,308 to Grecia.
1004 Grecia v. Amazon.com, No. 2:14-cv-00530(W.D. Wash. Dec.
22, 2014) (Joint claim construction statement by Patent Owner
and Amazon), and Ex. C
1005 Sony Network Entertainment Intl v. Grecia, IPR2015-00422,Preliminary Response (PTAB Mar. 11, 2015)
1006 U.S. Patent No. 6,891,953 to DeMello et al., Prior Art under 35
U.S.C. 102(b)
1007 U.S. Pub. No. 20080313264 to Pestoni, Prior Art under 35
U.S.C. 102(b)
1008 U.S. Pat. 6,385,596 to Wiser, Prior Art under 35 U.S.C. 102(b)
1009 U.S. Pub. No. 20090037388 to Cooper, Prior Art under 35
U.S.C. 102(b)
1010 Declaration of Ravi S. Cherukuri & Exhibits AD
1011 Unified Patents Inc. Voluntary Interrogatories
7/24/2019 Unified Patents v. Grecia, IPR2016-00600,
5/65
IPR2016-00600 Petition
U.S. Patent 8,533,860
- 1 -
I. MANDATORY NOTICES
A. Real Party-in-Interest
Pursuant to 37 C.F.R. 42.8(b)(1), Petitioner certifies that Unified is the real
party-in-interest, and further certifies that no other party exercised control or could
exercise control over Unifieds participation in this proceeding, the filing of this
petition, or the conduct of any ensuing trial. SeeUnified Patents Inc. Voluntary
Interrogatories (EX1011).
B.
Related Matters
U.S. Patent No. 8,533,860 ( 860 Patent (EX1001)) has a parent U.S.
Patent No. 8,402,555 ( 555 Patent (EX1002)) and a continuation U.S. Patent No.
8,887,308 ( 308 Patent (EX1003). On Dec. 6, 2013 Grecia sued Microsoft,
Google, Sony Network Entertainment International and Apple for infringement of
the 860 Patent. Between Feb. 20, 2014 and Nov. 30, 2015, Grecia has sued the
following for infringement of different combinations of the three patents: Adobe
Systems, American Express, Visa, MasterCard, Charter Communications, Time
Warner Cable, AT&T Services, DirecTV, WideOpenWest Finance, RCN Telecom
Services, Network L.C.C., Charter Communications, Time Warner Cable,
Comcast, DISH Network, Amazon.com, Samsung Telecommunications America
and Vudu.
7/24/2019 Unified Patents v. Grecia, IPR2016-00600,
6/65
IPR2016-00600 Petition
U.S. Patent 8,533,860
- 2 -
A petition for inter partes review was filed by Sony Network Entertainment
International LLC, IPR2015-00422, on December 14, 2014, but was dismissed
prior to institution at the request of the parties.
C.
Counsels
Lead Counsel for Petitioner is Paul C. Haughey (Reg. No. 31,836), of
Kilpatrick Townsend & Stockton LLP. Back-up Counsel is Jonathan Stroud (Reg.
No. 72,518), of Unified, and Scott E. Kolassa (Reg. No. 55,337), of Kilpatrick
Townsend & Stockton LLP.
D.
Service Information, Email, Hand Delivery, and Postal
Unified consents to electronic service at
[email protected], [email protected], and
II. CERTIFICATION OF GROUNDS FOR STANDING
Petitioner certifies pursuant to Rule 42.104(a) that the patent for which
review is sought is available for inter partes review and that Petitioner is not
barred or estopped from requesting and inter partes review challenging the patent
claims on the grounds identified in this Petition.
III.
OVERVIEW OF CHALLENGE AND RELIEF REQUESTED
Pursuant to Rules 42.22(a)(1) and 42.104(b(1)-(2), Petitioner challenges
claims 1-30 of the 860 Patent.
7/24/2019 Unified Patents v. Grecia, IPR2016-00600,
7/65
IPR2016-00600 Petition
U.S. Patent 8,533,860
- 3 -
A. Prior Art Patents and Printed Publications
The following references are pertinent to the grounds of unpatentability
explained below:1
1.
U.S. Patent No. 6,891,953 (filed on June 27, 2000 and issued on May 10,
2005) (DeMello (EX1006)), which is prior art under 35 U.S.C. 102(b).
2. U.S. Pub. No. 2008/0313264 (filed on Jun. 12, 2007 and published on Dec.
18, 2008) (Pestoni (EX1007)), which is prior art under 35 U.S.C.
102(b).
3. U.S. Pat. 6,385,596 (filed Feb. 6, 1998 and issued May 7, 2002) (Wiser
(EX1008)), which is prior art under 35 U.S.C. 102(b). Wiser is cited for
the customization module of claims 2130 and the royalty scheme of
claim 26.
4. U.S. Pub. No. 20090037388 (filed Aug. 1, 2008 and was published Feb. 5,
2009) (Cooper (EX1009)), which is prior art under 35 U.S.C. 102(b).
Cooper is cited for the remote operation of claim 17.
1The 860 Patent issued from a patent application filed prior to enactment of
the America Invents Act (AIA). Accordingly, pre-AIA statutory framework
applies.
7/24/2019 Unified Patents v. Grecia, IPR2016-00600,
8/65
IPR2016-00600 Petition
U.S. Patent 8,533,860
- 4 -
B. Grounds for Challenge
This Petition, supported by the declaration of Ravi S. Cherukuri (Cherukuri
Decl.) (EX1010) requests cancellation of challenged claims 130 of the 860
Patent as unpatentable under 35 U.S.C. 103. Two main references are used, with
additional references for dependent claims.
IV.
OVERVIEW OF THE 860 PATENT
A.
Priority Date of the 860 Patent
The 860 Patent is a continuation of Application No. 13/397,517, filed on
February 15, 2012, now Patent 8,402,555 (the 555 Patent), which is a
continuation of Application Number 12/985,351, filed on January 6, 2011, which is
a continuation of Application Number 12/728,218, filed on March 21, 2010, which
is now abandoned. Although not listed on the 860 Patent or Certificate of
Correction, in the November 27, 2012 response in the prosecution history of the
555 Patent, the Patent Owner claimed priority to his Provisional Application
Number 61/303,292 (filed Feb. 10, 2010) to swear behind U.S. Pre-Grant
Publication Number 2011/0288946 toBaiya. Petitioner does not believe the 860
Patent is entitled to the February 10, 2010 priority date, but assumes that is the
effective date for the purposes of this petition, since all the prior art presented here
has an effective date of more than a year earlier than this date.
7/24/2019 Unified Patents v. Grecia, IPR2016-00600,
9/65
IPR2016-00600 Petition
U.S. Patent 8,533,860
- 5 -
B. Summary of the 860 Patent
The 860 Patent is directed to Digital Rights Management (DRM). The prior
art was alleged to tie media to a particular user or limited number of devices:
The current metadata writable DRM measures do not offer a
way to provide unlimited interoperability between different
machines. Therefore, a solution is needed to give consumers the
unlimited interoperability between devices . . . .
860 Patent (EX1001) at 2:13:7.
DRM schemes for e-books include embedding credit card
information and other personal information inside the metadata
area of a delivered file format and restricting the compatibility
of the file with a limited number of reader devices and
computer applications.
Id. at 2:1822. The alleged innovation of the 860 Patent is to obtain a
membership identification reference (e.g., Facebook ID) from a website providing
membership and write it into the metadata of the media. This allows anyone with
the membership reference ID to access the media on any device. The claim
elements of claim 1 and the other challenged claims correspond to the steps of
Figure 6 of the 860 Patent, copied below:
7/24/2019 Unified Patents v. Grecia, IPR2016-00600,
10/65
IPR2016-00600 Petition
U.S. Patent 8,533,860
- 6 -
Claim 1 of the 860 Patent includes many alternative limitations, and is
summarized below with the letters corresponding to the elements in the claim
charts below, and the numbers corresponding to Fig. 6 above:
[A] Preamble: Authorizing access to plural data processing devices (multiple
user devices) using a cloud (Internet).
[B] (602) Receive user request, with verification token, for content access.
[C] (604) The verification token is authenticated. The claims of the parent 555
7/24/2019 Unified Patents v. Grecia, IPR2016-00600,
11/65
IPR2016-00600 Petition
U.S. Patent 8,533,860
- 7 -
Patent limited step 604 to a membership verification token (e.g., Amazon
password), while the claims of the 860 Patent list a variety of tokens. Patent
Owner admits that steps B and C are in the prior art (as discussed below).
[D] (606) Establish a connection with user communication module (module
is a GUI and API related to a web service)
[E] (608) An identification reference (e.g., Facebook login) is requested
from the user.
[F] (610) The identification reference is received.
[G] (612) The verification token or identification reference is written into the
content metadata. Patent Owner admits this step is in the prior art.
Patent Owner has suggested that the particular order set forth above is
required, and that all corresponding 6 modules of Figure 1 must be present and
separate. SeeSony Network Entertainment Intl v. Grecia, IPR2015-00422 at 34,
1718 (PTAB Mar. 11, 2015) (Preliminary Response) (Sony v. Grecia
Preliminary Response (EX1005)). However, the Provisional Application never
mentioned the word module as used in the claims, and did not have the module
diagram of Fig. 1. The module term was added to described method steps in
claim 9, and the order of the method steps (claim 1) is described in the 860 Patent
as not limiting:
7/24/2019 Unified Patents v. Grecia, IPR2016-00600,
12/65
IPR2016-00600 Petition
U.S. Patent 8,533,860
- 8 -
In this document, relational terms such as `first` and
second`, and the like may be used solely to distinguish
one entity or action from another entity or action withoutnecessarily requiring or implying any actual such
relationship or order between such entities or actions.
860 Patent (EX1001), at 4:6064. Figure 3 of the 860 Patent, copied below,
shows an embodiment where a user obtains content using GUI 301 on the left,
using a verification token that is authenticated (a membership verification
token in the 555 Patent claims, but a list of options in the 860 Patent claims).
This corresponds to the first two steps, 602 and 603, which are admitted prior art.
Note the same described system performs both steps. Then, the user uses GUI 307
on the right to contact a verified web service (e.g., Facebook) to verify the user
using an electronic ID (e.g., Facebook login). The same system performs the last
three steps.
7/24/2019 Unified Patents v. Grecia, IPR2016-00600,
13/65
IPR2016-00600 Petition
U.S. Patent 8,533,860
- 9 -
Petitioner notes that the term excelsior enabler as used in the specification
simply means user. Patent Owner characterized it as follows: authorized users
(excelsior enablers). June 12, 2012 response to office action. The term enabler
was also originally in the parent 555 Patent claims, but was replaced with user.
Excelsior refers to the main, or first user: [T]he excelsior enabler and secondary
enablers defined comprises human beings or computerized mechanisms
programmed to process steps of the invention as would normally be done manually
by a human being. 860 Patent (EX1001), at 5:1216.
7/24/2019 Unified Patents v. Grecia, IPR2016-00600,
14/65
IPR2016-00600 Petition
U.S. Patent 8,533,860
- 10 -
C. Summary of Relevant Prosecution File History
The claims in the parent 555 Patent were originally rejected as obvious
under 103 over U.S. Pre-Grant Publication Number 2011/0288946 to Baiya
(Baiya) in view of U.S. Patent 7,526,650 to Wimmer (Wimmer). The
Examiners reasons for allowance noted that Baiya and Wimmer taught the first
two elements of the claims, which correspond to the first two elements of the 860
Patent claims. The 860 Patent was allowed after an Examiners Amendment and
no rejection, and the reasons for allowance listed Baiyaand Wimmeras the closest
prior art. Neither of the references show a users membership used to brand digital
content so it could be used on multiple devices. Baiya describes a content
management system for a group or a business, where libraries for documents and
other media are established and authorized users are given keys to access those
libraries. Wimmer describes branding video content with an end user's personal
identity information as a deterrent against unauthorized redistribution. Thus, the
Examiner found no reference where a users membership was used to brand digital
content so it could be used on multiple devices. The prior art references discussed
herein, however, clearly teach this feature.
In the Certificate of Correction, the claim language obtained from a verified
web service was changed to related to a verified web service.
7/24/2019 Unified Patents v. Grecia, IPR2016-00600,
15/65
IPR2016-00600 Petition
U.S. Patent 8,533,860
- 11 -
D. Person of Ordinary Skill in the Art
One of ordinary skill in the art at time of the earliest claimed effective filing
date of the 860 Patent (Feb. 10, 2010) would possess at least a university degree
or have equivalent professional experience related to electronics and/or software,
with some experience in digital rights management such as two years of work
experience. See Cherukuri Decl. (EX1010), at 2832, 5859. The claims of the
860 Patent are directed to a DRM system used with standard computers
communicating over known network means. Thus, one of ordinary skill in the art
requires knowledge of DRM programs, generally. Id.at 22.
V.
CLAIM CONSTRUCTION
Claim terms of a patent in inter partes review are normally given the
broadest reasonable construction in light of the specification. See 37 C.F.R.
42.100(b): see also In re Cuozzo Speed Techs., LLC, 778 F.3d 1271, 1279-81
(Fed. Cir. 2015).
The following discussion proposes constructions and support for those
constructions. Any claim terms not included in the following discussion should be
given their ordinary meaning in light of the specification, as commonly understood
by those of ordinary skill in the art. The broadest reasonable interpretation of a
claim term may be the same as or broader than the construction under the standard
set forth inPhillips v. AWH Corp, 415 F.3d 1303 (Fed. Cir. 2005), but it cannot be
7/24/2019 Unified Patents v. Grecia, IPR2016-00600,
16/65
IPR2016-00600 Petition
U.S. Patent 8,533,860
- 12 -
narrower. See Facebook, Inc. v. Pramatus AV LLC, 2014 U.S. App. LEXIS 17678,
*11 (Fed. Cir. 2014). The constructions proposed below should be applied
regardless of whether the terms are interpreted under the Phillipsstandard or the
broadest reasonable interpretation standard.
There have been no claim construction orders yet in the District Court
litigations involving the 860 Patent. There has been a joint claim construction
statement by Patent Owner and Amazon. SeeGrecia v. Amazon.com, No. 2:14-cv-
00530(W.D. Wash. Dec. 22, 2014) (Joint claim construction statement by Patent
Owner and Amazon), and Ex. C (EX1004); see also 37 C.F.R. 42.62 and F.R.E.
801(d)(2). See also SeeCherukuri Decl. (EX1010) at 4254.
A.
verified web service
Outside the claims, this term only appears once in the 860 patent:
The web service equipped with the API is usually a well-known
membership themed application in which the users must use an
authentic identification. Some example includes Facebook .
Other verif ied web services in which real member names are
required such as the LinkedIn API and the PayPal API
860 Patent (EX1001) at 10:4151 (emphasis added). In the Grecia v. Amazon
litigation, Patent Owner proposed a web service accessible with an authenticated
credential and Amazon proposed a web service that is used to authenticate the
7/24/2019 Unified Patents v. Grecia, IPR2016-00600,
17/65
IPR2016-00600 Petition
U.S. Patent 8,533,860
- 13 -
identity of a user or device. Grecia v. Amazon.com, Ex. C at 16 (EX1004). The
Patent Owner term of an authenticated credential does not appear in the 860
Patent, and the example is a Facebook login name and password to authenticate the
user, not authenticate the credential. Thus, the Amazon proposal is correct: the
proper construction is any web service that is used to authenticate the identity of a
user or a device.
B.
metadata of the digital content
In the Grecia v. Amazonlitigation, Patent Owner proposed data about the
digital content and Amazon proposed data that describes the digital content, in
the same media file as the digital content. Id. (EX1004), Ex. C at 16. Petitioner
submits it is well known that metadata doesnt just describe the digital content, and
thus Amazons construction is too narrow. Also, meta data is not necessarily in the
same media file. SeeCherukuri Decl. (EX1010) at 4748. Petitioner, for the
purposes of this petition, submits the construction is data about the digital content.
C. two way data exchange session
In the Grecia v. Amazonlitigation, Patent Owner proposed requesting the at
least one identification reference from the at least one communications console and
receiving the at least one identification reference from the at least one
communications console. Amazon proposed transfer of information from a
device to a server and from the server to the device. Grecia v. Amazon.com
7/24/2019 Unified Patents v. Grecia, IPR2016-00600,
18/65
IPR2016-00600 Petition
U.S. Patent 8,533,860
- 14 -
(EX1004), Ex. C at 19. The Patent Owner proposal adds in other limitations from
the claim and is thus too detailed, and Amazon adds a server and device limitation.
Petitioner submits the construction issession enabling an exchange of data.
D.
a verification token corresponding to the digital content
In the Grecia v. Amazon litigation, Patent Owner proposed the list of items
in the claim, and Amazon agreed, but added assigned to the digital content to
identify the content or access rights the user has to that content. Grecia v.
Amazon.com (EX1004), Ex. C at 12. The additions appear unnecessary, as the
term is defined in the claim. The password and email address options in the claim
list are discussed in the 860 Patent:
Examples of the token include, and are not limited to, a structured or
random password, e-mail address associated with an
e-commerce payment system used to make an authorization payment,
or other redeemable instrumentsof trade for access rights of digital
media. Examples of e-commerce systems are PayPal, Amazon
Payments, and other credit card services.
See 8:4551. Petitioner submits the construction is the list in the claim: one or
more of a password, e-mail address, payment system, credit card, authorize ready
device, rights token, or one or more redeemable instruments of trade.
7/24/2019 Unified Patents v. Grecia, IPR2016-00600,
19/65
IPR2016-00600 Petition
U.S. Patent 8,533,860
- 15 -
VI. PROPOSED REJECTIONS SHOWING THAT PETITIONER HAS A
REASONABLE LIKELIHOOD OF PREVAILING
The references addressed below anticipate and/or render obvious the claimed
subject matter, and are corroborated by the opinion in the Cherukuri Declaration
(EX1010).
A.
Ground 1: Claims 120 are unpatentable as obvious over DeMello
(EX1006) in view of the admitted prior art.
Grounds 1 and 2 are discussed together below for claims 2-20 in order use
the same claim charts and fit within the allowed page limits. Only independent
claim 1 is separately discussed.
B.
Ground 2: Claims 120 are unpatentable as obvious over Pestoni
(EX1007) in view of the admitted prior art.
Claim 1DeMello. DeMellodescribes a system for delivery of electronic books
or other media. Id. at 4:4149. A purchaser can link a book to a persona so that
it can be read on multiple user devices (readers) or shared with others associated
with the same persona. The user provides PASSPORT credentials (a user ID and a
passwordPASSPORT is Microsofts single sign-on service). An activation
server authenticates the user using the PASSPORT credentials in communication
with the PASSPORT servers. The PASSPORT ID is associated with the
7/24/2019 Unified Patents v. Grecia, IPR2016-00600,
20/65
IPR2016-00600 Petition
U.S. Patent 8,533,860
- 16 -
purchasers persona and written to an activation certificate. Id. at 13: 2135.
As shown in Fig. 4 of DeMelloabove, the user requests content at a retail
site 71 on the left, and there is user authentication, as noted below box 72. As
described below, user authentication can be performed by establishing a
membership using authentication credentials (e.g., Amazon.com log-on
credentials), which is a verification token. A separate HTTPS connection 70 on
the right is used to establish a connection with an Activation Site 75, where a
users PASSPORT ID is used to verify the user and brand the metadata of the
content.
[A] Preamble. DeMellodiscloses a DRM system which authorizes access
to content and contains the other limitations of the preamble, using a cloud
7/24/2019 Unified Patents v. Grecia, IPR2016-00600,
21/65
IPR2016-00600 Petition
U.S. Patent 8,533,860
- 17 -
system (defined in claim 25 as the Internet), with content encrypted (since the
claim says or not, this is not a limitation), and with access for a plurality of
processing devices. The claim chart below shows the specific language from
DeMellofor these limitations.
860 Patent
(emphasis added)
DeMello (EX1006)(emphasis added)
[A] 1. A method for
authorizing access to
digital content using
a cloud system, the
cloud system
comprising connected
modules in operation
as one or more of a
cloud computing or a
cloud storage in
connection with
devices and users,
wherein the digitalcontent is at least
one of encrypted or
not encrypted, the
method facilitating
access rights
between a plurality
of data processing
devices, the method
comprising:
A server architecturefor a digital rights management
system that distributes and protects rights in content.Id.
at Abstract at ll. 12.
The digital content is at least one of encrypted or not
encrypted: source sealed and individually sealed
content is encrypted. Id. at 2:610.
using a cloud system : communications over the wide
area network 52, such as the Internet. Id. at 8:2425.
[Internet=cloud]
Facilitating access rights between a plurality of dataprocessing devices: The PASSPORT object 96 provides
the required interfaces into the PASSPORT.TM. servers
that authenticate the end-users using, for example, their
hotmail accounts (or other PASSPORT credentials). In
accordance with aspects of the present invention, this
object advantageously associates the activation
certificate with a persona, instead of a single PC, thus
allowing each persona to utilize multiple readers to
read level 5 titles. Id. at 13:1724.
[B] This element (chart below) requires an access request (which eventually
results in a metadata read/write) along with a verification token from a
7/24/2019 Unified Patents v. Grecia, IPR2016-00600,
22/65
IPR2016-00600 Petition
U.S. Patent 8,533,860
- 18 -
communications console (the user device). Patent Owner admits this element, and
the following element [C] are shown in the prior art:
. . . communicating access rights over the Internet to a
license server-the first and second steps of method claim
1 in the 860 patent-was well known in the digital rights
management field.
Sony v. Grecia Preliminary Response (EX1005) at 14. See also id. at 6, ll. 67
(Clearly, many prior art systems taught the verification of a token through a GUI
interface.)
Claim 1 of the parent 555 Patent describes a verification token as a
membership verification token [this was alleged vs. the Amazon Kindle logon, for
example]. The 860 Patent claim 1 recites a list of possible verification tokens
including a password and an email address, which can correspond to a
membership, but also a credit card, a rights token, etc. DeMello teaches user
authentication and establishing a membership relationship with a retailer (left of
Figure 4), which inherently would include providing a token, such as a retailer
password and/or email (e.g., Amazon log-on credentials). User authentication and
establishing a membership are obvious in view of the admitted prior art. The
admitted prior art steps are described in the parent 555 Patent as verifying
membership for site to buy content, and DeMello recites establishing such a
7/24/2019 Unified Patents v. Grecia, IPR2016-00600,
23/65
IPR2016-00600 Petition
U.S. Patent 8,533,860
- 19 -
membership relationship. It would be obvious to use the verification token of the
admitted prior art to establish a membership relationship. SeealsoCherukuri Decl.
(EX1010) at 6169.
Other embodiments. DeMellodescribes a variety of DRM options, such as
individualized or fully individualized, and obtaining content before or after
activation (PASSBOOK verification). These DRM options contain various other
verifications or authentications that also meet various ones of the list of
verification token options in the claim. The list of options for the verification and
authentications could read on, for example, the fulfilment site 73 of Figure 4 and
other variations set forth in the Cherukuri Declaration (EX1010) at Ex. C, such as
the BookID, which is verified and written as metadata of content, similar to the
content code entered in the KODEKEY GUI of Figure 3 of the 860 Patent. As
described above in the Summary of the 860 Patent, the 860 Patent specifies that
other orders of steps are intended to be covered, and thus various combinations of
embodiments meet the claim. For example, activation (obtaining PASSPORT ID)
could be done, and is described as being done, before or after buying the content.
As described above, cloud is a synonym for Internet and the servers in
DeMello are accessed over the Internet, thus the cloud system combination is
shown. See alsoCherukuri Decl. (EX1010) at Ex. C.
7/24/2019 Unified Patents v. Grecia, IPR2016-00600,
24/65
IPR2016-00600 Petition
U.S. Patent 8,533,860
- 20 -
[B] receiving a digital content access
request from at least one
communications console of the
plurality of data processing devices,the access requestbeing a read or
write request of metadata of the digital
content, wherein the read or write
request of metadata is performed in
connection with a combination of at
least one device and the cloud system,
the request comprising a verification
tokenprovided by a first user
corresponding to the digital content,
wherein the verification token is one
or more of a password, e-mail
address, payment system, credit
card,authorize ready device, rights
token, or one or more redeemable
instruments of trade;
This element is admitted prior art
DeMello(EX1006)- Retail site (Fig. 4)
Bookstore servers 72 may communicate
with users via web browsing software
(e.g., by providing web pages for viewing
with a MICROSOFT INTERNET
EXPLORER browser or a NETSCAPE
NAVIGATOR browser). Through this
communication [access request],
bookstore servers 72 may allow users to
shop for eBook titles, establish their
membership relationship with the
retailer[verification token], pay for their
transactions, and access proof-of purchase
pages (serve-side receipts). Id. at 9:9-16.
[C] As described above, this element was also admitted by Patent Owner to
be in the prior art. DeMello shows authenticating the username and other
credentials (verification token) of this element as described in the chart below, and
also in a variety of embodiments. Since various options for the authentication
token are claimed and shown inDeMello, various options for authentication of the
token are also shown. The authentication can be of the credit card or membership
information by the retail site (e.g., Amazon log-on). For devices already activated,
there can be authentication of the PASSPORT ID or other information as described
in more detail in the Cherukuri Declaration (EX1010) at Ex. C, Element C. Also,
7/24/2019 Unified Patents v. Grecia, IPR2016-00600,
25/65
IPR2016-00600 Petition
U.S. Patent 8,533,860
- 21 -
the Book ID can be the verification token. These all correspond to the admitted
prior art.
[C]
authenticating
the
verification
token;
This element is admitted prior art
DeMello (EX1006) - Retail site authentication:
After the buying customer has selected the titles he/she wishes to
purchase and decides to complete an order, the merchant will
process the order according to their existing methods (e.g., credit
card validation, billing, etc.). This may include requiring the
users to authenticate themselves (for those which require a
membership recordfrom their customers) id. at 40:23-29.]
[D] This element is establishing a connection with user communication
module which has a GUI and an API related to a verified web service (e.g.,
Facebook). Patent Owner admitted that such GUIs and APIs for verified web
services are known in the prior art:
The web service equipped with the API is usually a well-
known membership themed application in which the
users must use an authentic identification. Some example
includes Facebook in which as a rule, members are
required to use their legal name identities. A reference
number or name with the Facebook Platform API
represents this information. Other verified web services
in which real member names are required such as the
LinkedIn API and the PayPal API and even others could
be used . . .
7/24/2019 Unified Patents v. Grecia, IPR2016-00600,
26/65
IPR2016-00600 Petition
U.S. Patent 8,533,860
- 22 -
308 Patent (EX1003), at 10:4151. DeMello discloses the communications
console of this element as the reader. The reader provides access to a bookstore
feature, which is the required GUI. The user is prompted at the reader (e.g., a
prompt in a GUI) to login using PASSPORT credentials to authenticate the user at
the PASSPORT server. The reader then sends the login credentials to the
PASSPORT server via the API of the PASSPORT server to authenticate the user at
the PASSPORT server. See id. at 9:614; 23:610, 23:1923. It is obvious that
the reader in DeMello would formulate its request according to the protocol
specified by the API of the verified web service (the PASSPORT server). The
PASSPORT server meets the claim construction definition of a verified web
service that authenticates the identity of a user:
The PASSPORT object 96 provides the requiredinterfaces into the PASSPORT.TM. servers that
authenticate the end-users using, for example, their
hotmail accounts (or other PASSPORT credentials).
DeMello (EX1006) at 13:3135, 13:5461. The PASSPORT web service
facilitates a two-way data exchange session to complete a verification process. See
id. at 23:610, 23:1923; 24:3335. The data exchange can include the activation
certificate, which contains the PASSPORT ID, and which corresponds to the
7/24/2019 Unified Patents v. Grecia, IPR2016-00600,
27/65
IPR2016-00600 Petition
U.S. Patent 8,533,860
- 23 -
account identifier in the list of options for the identification reference in
element [E].
In addition to being admitted prior art, it is obvious that the browser of the
reader mentioned in DeMello includes a GUI, since browsers provide a GUI (see
Cherukuri Decl. (EX1010), at Ex. C), and the 860 Patent acknowledges the tie of
a browser to a GUI: a web browser interact with the API of a remote Internet
server system as desired. A Graphic User Interface (GUI) can be installed for
human interaction . 860 Patent (EX1001) at 10:3037 (emphasis added).
The PASSPORT API mentioned in DeMello facilitates communication of
PASSPORT credentials for authentication between the reader and the PASSPORT
server via the activation server. The data exchange session is shown by the
exchange of the user name and password for the activation certificate.
AlternateDeMelloembodiments show the identification reference, such as
a hardware ID, which is a serial number or a manufacturer identification in the
list of possible identification references of element [E], and which is exchanged
along with the activation certificate (with the PASSPORT ID) based on exchange
of the PASSPORT credentials). See Cherukuri Decl. (EX1010) at Ex. C, Element
D.
[D] establishing a
connectionwithDeMello(EX1006)
7/24/2019 Unified Patents v. Grecia, IPR2016-00600,
28/65
IPR2016-00600 Petition
U.S. Patent 8,533,860
- 24 -
the at least one
communications
console, wherein
thecommunications
console is a
combination of a
graphic user
interface (GUI)
and an Application
Programmable
Interface (API)
wherein the API is
related to averified web
service, the web
service capable of
facilitating a two
way data exchange
session to
complete a
verification
process, whereinthe data exchange
session comprises
at least one
identification
reference;
Establishing a connection: At step 150, the reader client
opens into the integrated bookstore feature and connects, via
secure sockets layer (SSL), to the activation servers 94,
where users are prompted to login using, in this example, theirPASSPORT credentials (step 152).Id. at 23:517.
The API is related to a verified web service [PASSPORT],
which is capable of facilitating a two way data exchange
session to complete a verification process [authentication of
PASSPORT credentials]:
Activation Server 94 includes a PASSPORT object 96 and
an activation server ISAPI Extension DLL 98. ThePASSPORT object 96 provides the required interfaces into
the PASSPORT.TM. serversthat authenticate the end-
usersusing, for example, their hotmail accounts (or other
PASSPORT credentials).Id. at 13:3035.
Once user's PASSPORT.TM. credentials are authenticated
(step 156), a PASSPORT.TM.API is queried for the user
alias and e-mail address (step 158). Id.at 23:1821.
The secure repository executable and activation certificate
are then downloadedto the client (steps 188 and 190). Id. at
24:3335. [the upload and download shows the two-way
data exchange]
Two-way data exchange session for PASSPORT ID:
Moreover, the activation server arrangement preferably
provides a given activation certificate(that is, an activation
certificate having a particular key pair) only after
authenticating credentials(e.g., a username and password)associated with a persona.Id. at 2:50-54.
the PASSPORT IDis contained in the activation
certificate, Id. at 16:4344.
7/24/2019 Unified Patents v. Grecia, IPR2016-00600,
29/65
IPR2016-00600 Petition
U.S. Patent 8,533,860
- 25 -
[E] DeMello shows the identification reference of this element is
communicated by the reader (also client or user computing devicethe
communications console). As described above,DeMelloshows two options for
the identification references listed in element [D], a password or an account
identifier, and a serial number. For example, the identification reference is
shown in the form of both a hardware ID and an activation certificate (which
includes the account identifier PASSPORT ID and other identifiers) by the
activation server. The data exchange is both explicitly described and is inherent,
since the activation certificate would not be communicated unless it was requested
or understood to be requested. See Cherukuri Decl. (EX1010) at Ex. C, Element E.
[E] requesting the at least
one identification reference
from the at least onecommunications console,
wherein the identification
reference comprises one or
more of a verified web
service account identifier,
letter, number, rights token,
e-mail, password, access
time, serial number,
address, manufacturer
identification, checksum,operating system version,
browser version, credential,
cookie, or key;
DeMello(EX1006)The identification reference is requested from the
communications console, and comprises at least apassword or a serial number:
At step 150, the reader client opens into the
integrated bookstore feature and connects, via
secure sockets layer (SSL), to the activation servers
94, where users are prompted to login[requesting]
using, in this example, their PASSPORT.TM.
credentials(step 152). Id. at 23:610.
the activation servers 94 will request that the
client (via the ActiveX control) upload a unique
hardware ID.. Id. at 23:1826.
The user provides the activation certificate to the
content server:
7/24/2019 Unified Patents v. Grecia, IPR2016-00600,
30/65
IPR2016-00600 Petition
U.S. Patent 8,533,860
- 26 -
For fully individualized copies (level 5), a client-
side script will populate the body of the POST
with the activation certificate, preferably using
COM object implemented by the reader whichobtains the necessary activation certificate or
relevant information therefrom.Id. at 26:1015.
[F] The identification reference (PASSPORT ID in activation certificate or
hardware ID) is received from the communications console (the reader). This
element is part of element [E], since a requested element is clearly received.
Receiving an identification reference is also shown in the quoted sections below.
[F] receiving the
at least one
identification
reference from
the at least one
communications
console; and
DeMello (EX1006)
the client (via the ActiveX control) upload a unique
hardware ID..Id. at 23:2122.
a client-side script will populate [receiving from user] the
body of the POST with the activation certificate [identification
reference], preferably using COM object implemented by the
reader which obtains the necessary activation certificate orrelevant information therefrom. Id. at 26:1015.
[G] This element requires that the verification token or identification
reference be written into the metadata. Patent Owner admits this was shown in the
prior art for the verification token:
This disclosure corresponds to, for example, the first,
second, and sixth steps of claim 1 of the 860 patent as
illustrated in Figure 3 at 301, 303, and 305 (i.e., receiving
a write request and authentication) and 302 (i.e., writing
the verification token into the metadata). Wimmer stops
7/24/2019 Unified Patents v. Grecia, IPR2016-00600,
31/65
IPR2016-00600 Petition
U.S. Patent 8,533,860
- 27 -
there, however, and critically lacks the third, fourth, and
fifth steps of claim 1 of the 860 patent .
Sony v. Grecia Preliminary Response (EX1005) at p. 13. See alsoCherukuri Decl.
(EX1010) at 27.
DeMellodiscloses this element in two different ways. The PASSPORT ID
(an identification reference) is part of the activation certificate, as described above,
and the public key of the user's activation certificate is cryptographic hashed with
meta-data. The PASSPORT ID is also written into (stores into) a registry, id. at
16:4849, which constitutes additional metadata because it is associated with the
content. SeeCherukuri Decl. (EX1010) at 63 and Ex. C, Element G.
In other embodiments, the hardware ID is written to metadata and the
purchaser credit card and name (a verification token) are written into the eBook
title metadata. Id. at 5:4548. SeeCherukuri Decl. (EX1010) at 67 and Ex. C,
Element G.
7/24/2019 Unified Patents v. Grecia, IPR2016-00600,
32/65
IPR2016-00600 Petition
U.S. Patent 8,533,860
- 28 -
[G] writing
at least one
of the
verificationtoken or the
identification
reference
into the
metadata.
This element is admitted prior art
DeMell o (EX1006)
PASSPORT ID as verification token written to metadata
stores the PASSPORT ID in the registry [metadata] on the
user's computing device, Id. at 16:4849.
[T]he PASSPORT ID is contained in the activation certificate,
Id. at 16:43-44. the key is a symmetric key 14A that is sealed
with a cryptographic hash of meta-data12 or, in the case of level 5
titles, with the public key of the user's activation certificate.Id. at
6:42-45.
Purchaser name as verification token written to metadata:
An "individually sealed" title is an eBook whose meta-data
includes information related to the legitimate purchaser (e.g., the
user's name or credit card number, the transaction ID .. Id.
at 5:4548.
Claim 1Pestoni (EX1007). Pestonidiscloses a networked system where
a user can obtain content from a content provider, which may refer the user to a
license server for a content license that is bound to the users domain membership
ID. Id.at Abstract, [0002], [0012]. A separate domain administrator authenticates
the user, with a password, and provides the users device, as well as any another
other of the users devices, with a domain membership license to allow access to
the content based on the users domain membership. Id. The content license is
metadata with a domain membership ID. Id. Patent Owner admits that elements
[A] and [B] are in the prior art (as discussed above).
7/24/2019 Unified Patents v. Grecia, IPR2016-00600,
33/65
IPR2016-00600 Petition
U.S. Patent 8,533,860
- 29 -
[A]Preamble. Pestoni discloses a system of Internet-connected
components for authorizing and facilitating digital-media access rights between
multiple user devices [0013].
860 Patent
(emphasis added)
Pestoni(EX1007) (emphasis added)
[A] 1. A method for
authorizing access to
digital content using
a cloud system, the
cloud system
comprising connected
modules in operation
as one or more of a
cloud computing or a
cloud storage in
connection with
devices and users,
wherein the digital
content is at least
one of encrypted ornot encrypted, the
method facilitating
access rights
between a plurality
of data processing
devices, the method
comprising:
Using a cloud system: [0013] FIG. 1 illustrates an
example system 100 in which the domain management for
digital media can he employed. System 100 includes . . .
domain administrators 102, . . . content providers 104, . . .
license servers 106, [and] multiple (x) domains 108(1), . . .
, 108(x) . . .. Each of these components 102, 104, 106,
108, and 120 can communicate with one another over
network 110 . . . such as the Internet.
Encrypted digital content: [0018] . . . The pieces of
content provided to devices 112, 114 are typically
protected . . . through encryption.
Facilitating access rights: [0017] . . . Management of a
domain refers to . . . imposing restrictions on members ofthe domain, including adding devices to the domain,
removing devices from the domain . . .. When a device
112, 114 joins a domain, the device 112, 114 is given a
domain membership license . . . [that] allows the device
to access and play back any protected content that has
been bound to that domain, as discussed in more detail
below.
[B] As noted, Patent Owner has admitted as prior art this element, which
requires an access request (which eventually results in a metadata read/write) along
with a verification token from a communications console (the user device). See
Sony v. Grecia Preliminary Response (EX1005) at 6. Pestonidiscloses a domain
7/24/2019 Unified Patents v. Grecia, IPR2016-00600,
34/65
IPR2016-00600 Petition
U.S. Patent 8,533,860
- 30 -
membership license obtained with a join-domain request 220 which includes user
credentials such as a user id and password. Id.at [0041].
[B] receiving a digital content
access request from at least
one communications console
of the plurality of data
processing devices, the access
requestbeing a read or
write request of metadataof
the digital content, wherein
the read or write request of
metadata is performed inconnection with a
combination of at least one
device and the cloud system,
the request comprising a
verification tokenprovided
by a first user corresponding
to the digital content, wherein
the verification token is one
or more of a password, e-mail address, payment
system, credit card, authorize
ready device, rights token, or
one or more redeemable
instruments of trade;
This element is admitted prior art
Pestoni(EX1007)- Receiving access request:
Device 202 communicateswith content provider
104 to obtainpieces of protected content[content
access request]. Protected content can be obtained
by device 202 before it joins a domain, after it
joins a domain, or concurrently with joining a
domain. Id. at 0067.
[0038] . . . To join a domain, [user] device 202issues a join-domain request 220 to domain
administrator 102.
[0044] Domain request approval module 224 [of
domain administrator 102] receives join-domain
request 220.
Verification token that is password, etc.: [0039]
The join-domain request includes various
parameters . . . [such as] a device certificate, usercredentials, and optionally a device description.
[0041] . . . The user credentialscan take any of a
variety of different forms, such as a user id and
password, a digital certificate attesting to the
users identity and digitally signed by a trust
authority, and so forth.
[C] As noted, this element was admitted by Patent Owner to be in the prior
art. Pestonishows verifying that the domain that device 202 is requesting to join
7/24/2019 Unified Patents v. Grecia, IPR2016-00600,
35/65
IPR2016-00600 Petition
U.S. Patent 8,533,860
- 31 -
is the domain of the user of device 202, as identified by the user credentials in the
request. Id. at [0044].
[C]
authenticating
the
verification
token;
This element is admitted prior art
Pestoni (EX1007)[0045] Domain request approval module 224 . . . verifies that
the user credentials from request 220 are correct. This
verification can take different forms, such as comparing a
password (or hash thereof) against a stored password (or hash
thereof), accessing a remote service (not shown) to verify that the
received password matches the received user id, . . . and so forth.
Elements [D][F], as described under Ground 1 above, set forth using a GUI
and an API to communicate with a verified web service to request [E] and receive
[F] an identification reference. As described above, the use of a GUI and an API
to access a verified web service is admitted prior art. In addition, since both
DeMello and Pestoniwere assigned to Microsoft, and both relate to very similar
digital rights systems, the use of a GUI and API discussed in DeMello above is
evidence of the common practice of Microsoft programmers in implementing these
systems. SeeCherukuri Decl. (EX1010) at 80 and Ex. D, Element D.
Element [D] requires a two-way data exchange session with a verified web
service to complete a verification process using an identification reference.Pestoni
describes completing the verification process by establishing a connection with
license server 106. To do so, the user device sends to the license server a
content license request 252 that includes a domain certificate, which is an
7/24/2019 Unified Patents v. Grecia, IPR2016-00600,
36/65
IPR2016-00600 Petition
U.S. Patent 8,533,860
- 32 -
identification reference. Pestoni teaches that the license server 106 is a verified
web service because the license server 106 is accessible only if the domain
certificate is authenticated and, once authenticated, the domain certificate
authenticates the identity of the domain and its associated user and device. ([0075],
[0094]). This meets the verified web service claim construction above of any web
service accessible with an authenticated credential that authenticates the identity
of a user or a device.
[D] establishing a
connection with the at
least one communications
console, wherein the
communications console
is a combination of a
graphic user interface
(GUI) and an Application
Programmable Interface(API) wherein the API is
related to a verified web
service, the web service
capable of facilitating a
two way data exchange
session to complete a
verification process
wherein the data
exchange session
comprises at least oneidentification reference;
Use of GUI & API are admitted prior art.
Pestoni (EX1007)Establishing a connection having two-way exchange
comprising identification reference to complete
verification:
[0072] Device 202 communicates with license server
106 to obtain content licenses for pieces of protected
content . . . Device 202 sends a content licenserequest 252 . . . [that] includes various parameters . . .
[such as] a key ID, a domain ID, and a domain
certificate[identification reference].
[0075] In response to content license request 252,
license server 106 validates the domain certificate
included in request 252.
[0084] The content license 254, bound to domain
204, is returned to device 202. Once device 202 has
the content license for a piece of protected content,content playback module 214 is able to access the
protected content.
7/24/2019 Unified Patents v. Grecia, IPR2016-00600,
37/65
IPR2016-00600 Petition
U.S. Patent 8,533,860
- 33 -
Element [E] sets forth requesting the at least one identification reference
from the at least one communications console, while Pestoni describes the device
202 sending a domain ID in content license request 252. Varying which side
initiates the request for the identification reference is an obvious matter of design
choice. One of skill in the art would recognize that the License Server could
request the domain ID in response to a license request, or the device could simply
supply the domain ID as part of the request. SeeCherukuri Decl. (EX1010) at 84
and Ex. D, Element E.
[E] requestingthe at least one identification
reference from the at least one communications
console, wherein the identification reference
comprises one or more of a verified web service
account identifier, letter, number, rights token,
e-mail, password, access time, serial number,
address, manufacturer identification, checksum,operating system version, browser version,
credential, cookie, or key;
Pestoni (EX1007)[0072] Device 202
communicates with license
server 106 to obtain content
licenses for pieces of protected
content . . . Device 202 sends a
content license request 252 . . .[that] includes various
parameters . . . [such as] a key
ID, a domain ID, and a
domain certificate.
[F] The license server 106 receives from device 202 a content license
request 252, which includes various identification references, including a key ID, a
domain ID, and a domain certificate. This element is part of element [E], since a
requested element is clearly received.
[F] receivingthe at
least one identificationPestoni (EX1007)
[0072] Device 202 communicates with license server
7/24/2019 Unified Patents v. Grecia, IPR2016-00600,
38/65
IPR2016-00600 Petition
U.S. Patent 8,533,860
- 34 -
reference from the at
least one
communications
console; and
106 to obtain content licenses for pieces of protected
content . . . [License server 106 receives from device
202] . . . a content license request 252 . . . [that] includes
various parameters . . . [such as] a key ID, a domain ID,and a domain certificate.
Element [G] is shown. As noted above with respect to DeMello, this
element is admitted prior art. Pestonishows the verified web service as License
Server 106, which requests and receives Domain ID and domain certificate.
SeePestoni (EX1007), at [0072][0074]. A content license is generated, and
bound to the domain associated with the Domain ID. See id.at [0079][0082].
The content license 254, bound to domain 204, is returned to device 202, which
stores the license in content license store 210. Once device 202 has the content
license, it is able to access the protected content. See id.at [0084]. The content
license 254, bound to domain 204 and stored in content license store 210 of device
202, obviously constitutes metadata, since this is data is about the content stored in
device content store 208 of the device 202. SeeCherukuri Decl. (EX1010) at 76
and Ex. D, Element G. Additionally, Pestoni refers to the content metadata,
Pestoni [0071], as including a key ID which identifies the content, which
associates the content license, which contains the domain ID, as set forth in the
below claim chart.
7/24/2019 Unified Patents v. Grecia, IPR2016-00600,
39/65
IPR2016-00600 Petition
U.S. Patent 8,533,860
- 35 -
Other embodiments. The verification token is also shown by user
credentials, such as a user id and password, a digital certificate and other
parameters in Pestoni, with the identification reference being shown by the
Domain ID, Domain Certificate or other parameters as set forth in the Cherukuri
Declaration (EX1010) at Ex. D, Element G. Not only does the 860 Patent say the
order of steps can be different, as noted above, but Pestoni says the same in
paragraph [0097].
[G] writing at
least one of the
verification
token or the
identification
referenceinto
the metadata.
This element is admitted prior art
Pestoni (EX1007)
[0082] Domain binding encryption module 258 binds [writes
to metadata] the content license generated by content license
generator 260 to the domain identified in request 252.
[0084] The content license 254, bound to domain 204, is
returned to device 202. Once device 202 has the content license
for a piece of protected content, content playback module 214
is able to access the protected content and play back the
protected content in decrypted form.
Claims 25. Claim 2 is directed to a second user, who is validated by a
membership web service. This is shown by DeMellosPASSPORT membership
service and Pestonis domain membership, which both provide for validating
multiple members. SeealsoCherukuri Decl. (EX1010) at Exs. C & D.
Claim 3 requires software or webpage content in the metadata. The 860
Patent does not describe any software as metadata, and the only reference to
webpage data is Web pages often include metadata in the form of Meta tags.Id.
7/24/2019 Unified Patents v. Grecia, IPR2016-00600,
40/65
IPR2016-00600 Petition
U.S. Patent 8,533,860
- 36 -
at 13:2831. DeMello shows the book title and related information in the
metadata, which is also listed on the webpage where the book is sold. Thus, the
book title from the retailer web page ofDeMello, which is also in the meta tag, is
webpage content which satisfies this element. The content license ofPestoniis
specified as containing constraints which are from a web site, and are thus
webpage content.
Claim 4 merely recites the verification function of the verification token (the
function of representing verification). Thus, it doesnt add anything to claim 1 and
is invalid overDeMelloandPestonias shown in claim 1[C] above.
Claim 5 says the content is shared among multiple users with membership
status, similar to claim 2, but depending from claim 3, and is also shown by
DeMello and Pestoni. The validation is done in DeMello by authenticating the
user. Pestonisimilarly shows a validated domain. Thus, claims 25 are separately
invalid as obvious over bothDeMelloandPestoni.
860 Patent Prior Art (Emphasis added)
2. The method
according to claim 1,
wherein the access
request being a request
from the first user
through a data
processing device of the
plurality of data
processing devices;
DeMello (EX1006)
Thus, a user is unlikely to share his PASSPORT ID
and password with a large group of people, thereby
ensuring that the persona to which a reader is
activatedis genuinely associated witha particular user
(or, possibly, a family that shares a single
PASSPORT account).Id. at 13:4954.
The PASSPORT object 96 authenticate the end-
7/24/2019 Unified Patents v. Grecia, IPR2016-00600,
41/65
IPR2016-00600 Petition
U.S. Patent 8,533,860
- 37 -
or wherein the access
request being a request
from one or moresecondary usersin
network to the first user;
wherein the secondary
users are validated by a
membership web
service.
users using, for example, their hotmail accounts (or
other PASSPORT credentials.Id. at 13:1724.
Pestoni (EX1007)[0016] Each domain 108 is associated with a
particular user or group of users [secondary users].
[0041] The user can have each devicethat he or she
ownsjoin his or her domain. Alternatively, domain
administrator could employ a domain policy that allows
multiple users [secondary users]to share a domain
.
3. The method
according to claim 2,
wherein the metadata
comprises one or more
of a software or contents
of a web page.
DeMello (EX1006)these servers host the commercial web site that
allow users to perform actions such as shopping for
eBook titles.Id. at 11:24.
the download server 76 adds the consumer's name to
the title meta-dataId. at 26:1920.
Pestoni (EX1007)[0029] The constraintson the use of the content are
typically as part of a content license.
Alternatively, the constraints could be made known inother manners, such as separate notification being
given of the constraints (e.g., obtaining the
constraints from a web site, etc.), and so forth.
Claims 68. Claim 6 sets forth that the users can be humans or
computerized mechanisms in a network, which is met by the user of DeMello
andPestoni. The 860 Patent doesnt describe any separate network of users, just
the cloud/internet, which is also shown in the below quoted sections of DeMello&
Pestoni.
7/24/2019 Unified Patents v. Grecia, IPR2016-00600,
42/65
IPR2016-00600 Petition
U.S. Patent 8,533,860
- 38 -
Claim 7 says the user device is a computer or phone (with OS), which
DeMello&Pestonishow in the below quoted sections.
Claim 8 says the verification token represents a purchase, rental or
membership permission, as indicated by any one of the laundry list of a letter,
number, etc. TheDeMelloBookID is a purchase permission, which is verified and
written to metadata as described above under claim 1 [B]. This is similar to the
content code entered in the KODEKEY GUI of Fig. 3 of the 860 Patent. DeMello
also shows establishing a membership relationship, which is a membership
permission (see claim 1 [B] discussion). This is also shown by the Pestoni user
credentials for joining a domain with a domain membership license, which allows
access (e.g., purchase) of content. SeeCherukuri Decl. (EX1010) at Exs. C and D.
860 Patent Prior Art (emphasis added)6. The method according
to claim 5, wherein the
one or more users are a
network of recognized
human beings using
machines or recognized
automated computerized
mechanisms programmed
by human beings, the
recognition of the one or
more users being
validated by the
membership status of the
membership web service.
DeMello (EX1006)The personal computer or network server 20 may
operate in a networked environment Such
networking environments are commonplace in offices,
enterprise-wide computer networks, Intranets and the
Internet.Id. at 8:518.
Pestoni (EX1007)[0041] The user credentials are various credentials
that identify the user of device.
[0013]Network 110 can be any of a variety of
networks, such as the Internet, a local area network, a
cellular phone network, other public and/or proprietary
networks, combinations thereof, and so forth.
7. The method according DeMello (EX1006)
7/24/2019 Unified Patents v. Grecia, IPR2016-00600,
43/65
IPR2016-00600 Petition
U.S. Patent 8,533,860
- 39 -
to claim 6, wherein the
digital content access
request is from a user
using at least one of acomputer or a phone
hosting an operating
system running an
application.
a "reader" (which, as more particularly discussed
below, is a user application that enables the reading
of eBooks on a computing device, such as a PC, a
laptop, a Personal Digital Assistant (PDA), PocketPC,or a purpose-built reading device).Id. at 5: 5963.
Pestoni (EX1007)[0001] Examples of such digital media playback
devices include portable music players, desktop and
laptop computers, cellular phones, and so forth.
8. The method of claim 7,
wherein the verification
token comprises at least
one token selected from
the group consisting of a
purchase permission, a
rental permission, and a
membership permission;
wherein the at least one of
purchase permission,
rental permission, and
membership permission isrepresented by one or
more of a letter, number,
combination of letters and
numbers, rights token,
successful payment
reference, phrase, name,
membership credentials,
image, logo, tag, service
name, authorization, list,
interface button,
downloadable program,
or an instrument of trade.
DeMello (EX1006)
Verification token:
Through this communication, bookstore servers 72
may allow users to shop for eBook titles, establish
their membership relationship with the retailer[verification token], pay for their transactions, and
access proof-of purchase pages (serve-side receipts).
Id. at 9:916.
As used herein, a "persona" is a unique identifier that
can be tied to a user and can be securely authenticated
by an out-of-band process--e.g., a username and
password form on a web browser for use over asecure socket layer (SSL) is an example embodiment
of such a process.Id. at 2: 4550.
It is also preferable that activation servers 94 rely on
the MICROSOFT.RTM. PASSPORT.TM.
membership system for associating activation
certificatesto end-user personas, as will be described
below (although PASSPORT is merely exemplary of a
namespace authority that may be used for this
purpose).Id. at 10: 5863.
Pestoni (EX1007)
Verification token that is password, etc.: [0039] The
join-domain request includes various parameters . . .
[such as] a device certificate, user credentials, and
7/24/2019 Unified Patents v. Grecia, IPR2016-00600,
44/65
IPR2016-00600 Petition
U.S. Patent 8,533,860
- 40 -
optionally a device description.
[0041] . . . The user credentials can take any of a
variety of different forms, such as a user id andpassword, a digital certificate attesting to the users
identity and digitally signed by a trust authority, and
so forth.
Claim 9. This claim is nearly identical to claim 1, converting method
references to a system, and using synonyms for claim 1 limitations (The cloud is
the Internet, which is known to be a worldwide cloud; computing over the
cloud is known to be done by a server, and storage is known to mean a
database; a system is understood to be infrastructure.). The one addition is
that the system works as a front-end agent. The term front-end agent only
appears in claims 9 and 27. There is one relevant use of front-end in the body of
the 860 Patent: As explained earlier, the system we will discuss will work as a
front-end to encrypted files as an authorization agent for decrypted access. Id.at
5:3739. The term front-end is also used to describe the user GUI, which is a
different use. Id.at 11:1011. DeMellodescribes the activation process being on
front-end activation servers, and thus shows this.
Pestoni also shows a system accessed over the Internet, and Pestoni
discloses that the devices can interact with the domain management system
7/24/2019 Unified Patents v. Grecia, IPR2016-00600,
45/65
IPR2016-00600 Petition
U.S. Patent 8,533,860
- 41 -
directly; that is, as a front-end agent. SeeCherukuri Decl. (EX1010) at 81 & Exs.
C and D, Cl. 9.
860 Patent Prior Art (Emphasis added)
Marked to show additions and
[deletions] compared to claim 1.
[A] [1]9. A system [method] for
authorizing access to digital
content using a worldwide cloud
system infrastructure, the
worldwide cloud system
infrastructure comprising
connected modules in operation as
[one or more of a cloud]
computing [or] and [cloud] storage
[in connection with], the
computing and storage comprising
a server, a database, devices and
users, wherein the digital content
is at least one of encrypted or not
encrypted, the [method] system
facilitating access rights between aplurality of data processing
devices,
[A1] the system working as a
front-end agent for access rights
authentication between the
plurality of data processing
devices, the system further
comprising:
Seeclaim 1, element [A]above.
[A1] DeMello (EX1006)
The activation server ISAPI Extension DLL
98 carries out tasks associated with the
activation process on the front-end
activation servers,. Id.at 13:6264.
Fully individualized content cannot be
accessed in the absence of a "activation
certificate," which are issued by the activation
server.Id.at 2:2228.
Moreover, the activation server
arrangement preferably provides a given
activation certificate (that is, an activation
certificate having a particular key pair) only
after authenticating credentials (e.g., ausername and password) associated with a
persona.Id.at 2:5054.
Pestoni (EX1007)
[0003] In accordance with one or more
aspects, a device accesses a domain
administrator in order to obtain a domain
membership license.
Element [B] is the same as claim 1, except saying the step is performed by a
module, and adding the software/webpage metadata limit already discussed under
7/24/2019 Unified Patents v. Grecia, IPR2016-00600,
46/65
IPR2016-00600 Petition
U.S. Patent 8,533,860
- 42 -
dependent claim 3 above. The substance of elements [C][G] is the same as claim
1.
[B] a first receipt module, the first receipt module receiving a
digital content access request .. wherein the read or write
request of metadata is performed in connection with a
combination of a device, the server, the database and the cloud
system, the metadata further comprises one or more of a
software or contents of a web page, the request comprising a
verification token provided by a [first] user ;
Seeclaim 1,
element [B]
above and claim
3 (for the
metadata as
software/webpage
contents).
[C] an authentication module, the authentication module
authenticating the verification token;
Seeclaim 1,
element [C]
above.
[D] a connection module, the connection module establishing a
connection ;
Seeclaim 1,
element [D]
above.
[E] a request module, the request module requesting the at
least one identification reference ;
Seeclaim 1,
element [E]
above.
[F] a secondary receipt module, the secondary receipt module
receiving the at least one identification reference from the at
least one communications console; and
Seeclaim 1,
element [F]
above.
[G] a branding module, the branding module writing at least
one of the verification token or the identification reference into
the metadata.
Seeclaim 1,
element [G]
above.
Claim 10. This claim is nearly identical to claim 8, converting method
references to a system, and is invalid for the same reasons.
860 Patent Prior Art
Marked to show additions and [deletions] compared to claim 8.[8] 10. The system [method] of claim 9 [7], wherein the verification
token comprises .
Seeclaim 8.
7/24/2019 Unified Patents v. Grecia, IPR2016-00600,
47/65
IPR2016-00600 Petition
U.S. Patent 8,533,860
- 43 -
Claim 11. This is a program code claim corresponding to method claim 1,
with the addition that the code is either (1) part of an operating system or (2) is
downloaded in sections from a web server. Other than claim 11, the only mention
of sections in the 890 Patent is copied below, which equates sections with an
API or script:
A program apparatus, scripts, often calls these APIs or
sections of code residing on user computerized devices.
For example, a web browser running on a user computer,
cell phone, or other device can download a section of
JavaScript or other code from a web server, and then use
this code to in turn interact with the API of a remote
Internet server system as desired.
Id. at 10:2430. DeMello describes both an operating system as well as the
common technique of using scripts (sections) previously downloaded to a client
reader. Pestonidescribes downloading modules, which are the claimed sections or
would form part of an operating system. SeeCherukuri Decl. (EX1010) at 64
77 & Ex. D, Cl. 11.
860 Patent Prior Art (emphasis added)Marked to show additions and
[deletions] compared to claim 1.
[A][1] 11. [A method for
authorizing access to digital content
using a cloud system, the cloud
system comprising connected
DeMell o (EX1006)Seeclaim 1, element [A]above.
A number of program modules may be
stored on the hard disk, magnetic disk 29,
optical disk 31, ROM 24 or RAM 25,
including an operating system 35 (e.g.,
7/24/2019 Unified Patents v. Grecia, IPR2016-00600,
48/65
IPR2016-00600 Petition
U.S. Patent 8,533,860
- 44 -
modules in operation as one or more
of a cloud computing or a cloud
storage in connection with devices
and users, wherein the digital contentis at least one of encrypted or not
encrypted, the method] A non-
transitory computer medium
comprising a program code, the
program code being a part of an
operating system software or
downloaded in sections from a web
server, the operating system software
program coupled with a user
executing a method for authorizingaccess to digital content wherein the
program code, when executed in a
processor for facilitating access
rights between a plurality of data
processing devices, performs the
following steps of:
Windows.RTM. 2000, Windows
NT.RTM., or Windows 95/98), one or
more application programs 36, other
program modules 37 and program data 38.Id.at 7:5257.
Using a browser or the "bookstore pages"
or reader 90 or 92, user chooses book(s) via
mechanisms that the retail site implements
(step 200). For fully individualized
copies (level 5), a client-side script will
populate the body of the POST with the
activation certificate .Id. at 26:1-15.
Pestoni (EX1007)
[0109] Generally, software includes
routines, programs, objects, components,
data structures,. An implementation of
these modules may be transmitted
.
[B]receiving a digital content
request , wherein the read or write
request of metadata is performed inconnection with a combination of [at
least one device] the operating
system software program and [the] a
cloud system, the request comprising
a verification token provided by [a
first] the user corresponding to the
digital content,;
Seeclaim 1, element [B]above.
[C]authenticating the verification
token;
Seeclaim 1, element [C]above.
[D]establishing a connection ; Seeclaim 1, element [D]above.
[E]requesting the at least one
identification reference from the at
least one communications console,
wherein the identification reference
[comprises] is one or more of ;
Seeclaim 1, element [E]above.
7/24/2019 Unified Patents v. Grecia, IPR2016-00600,
49/65
IPR2016-00600 Petition
U.S. Patent 8,533,860
- 45 -
[F]receiving the at least one
identification reference from the at
least one communications console;
and
Seeclaim 1, element [F]above.
[G]writing at least one of the
verification token or the
identification reference into the
metadata.
Seeclaim 1, element [G]above.
Claims 1215. These claims correspond to claims 4-6 and 8, discussed
above, and are invalid for the same reasons.
860 Patent - Marked to show additions and [deletions]
12. The non-transitory computer medium according to claim 11,
wherein the access request is a request from the user providing a
credential to a membership web service through a data processing
device of the plurality of data processing devices, the user being a
human user establishing a permission to the digital content.
Seeclaim 6.
[8] 13. The [method] non-transitory computer medium of claim [7]
12, wherein the verification token comprises at least one [token
selected from the group consisting] of , logo, [tag] service name,
authorization, list, key, file, .
Seeclaim 8.
14. The non-transitory computer medium according to claim 13,
wherein the verification token represents verification from a
provider that a product was acquired.
Seeclaim 4.
[5] 15. The [method] non-transitory computer medium according to
claim [3] 13, wherein the digital content is accessed [shared among
one or more users] according to a membership status.
Seeclaim 5.
Claim 16. DeMelloshows the membership status connected to an API as in
claim 16. In Pestoni, it is inherent that the device uses the API associated with
joining the domain. For example, according to [0041] and [0058] of Pestoni, the
domain administrator server 102, after verifying the users credentials, establishes
7/24/2019 Unified Patents v. Grecia, IPR2016-00600,
50/65
IPR2016-00600 Petition
U.S. Patent 8,533,860
- 46 -
secure connection by employing the secure key exchange protocol [i.e.,
application programmable interface (API) protocol] that the user device can access
to securely obtain the domain membership license 222/300. SeeCherukuri Decl.
(EX1010) at 72 & Ex. D, Cl. 16.
16. The non-
transitory
computer
medium
according to
claim 15,wherein the
membership
status is
connected to
an application
programmable
interface.
DeMello (EX1006)
It is also preferable that activation servers 94 rely on the
MICROSOFT.RTM. PASSPORT.TM. membership system for
associating activation certificates to end-user personas, as will be
described below (although PASSPORT is merely exemplary of a
namespace authority that may be used for this purpose). Id. at10:5863.
Once user's PASSPORT.TM. credentials are authenticated (step
156), a PASSPORT.TM.APIis queried for the user alias and e-
mail address (step 158).Id. at 23:1821.
Pestoni (EX1007)Seeclaim 1 [D] above.
Claim 17. Claim 17 simply says wherein a remote control operation exist
[sic]. The term remote control only appears in the claims. The term remote is
used to refer to a remote server (accessed over a network, such as the Internet) and
a remote procedure call. Id. at 10:2234. Thus, accessing a remote device,
through a remote procedure call or otherwise, satisfies this element. DeMello
describes such a remote API interaction for both IS and PASSPORT APIs, which
use calls (remote procedure call) just like the 860 Patent. Pestoni also shows
using remote communications, which would be understood by a person of ordinary
7/24/2019 Unified Patents v. Grecia, IPR2016-00600,
51/65
IPR2016-00600 Petition
U.S. Patent 8,533,860
- 47 -
skill in the art (POSA) to involve remote procedure calls.See Cherukuri Decl.
(EX1010) at Ex. D, Cl. 17.
17. The
non-
transitory
computer
medium
according
to claim
15,
wherein a
remotecontrol
operation
exist.
DeMello (EX1006)
A download server ISAPIExtension 78 is provided, which is an IIS
extension DLL that preferably handles the incoming requests to the
content servers 76. Id.at 9:6710:3.
Once user's PASSPORT.TM. credentials are authenticated (step 156),
a PASSPORT.TM. APIis queried for the user alias and e-mail address
(step 158).Id. at 13:1724.
At step 7 the LIT file is downloaded by IIS to the end-user via HTTP.
When the download is complete, IIS will callback into the ISAPI DLL78 to notify that the pending request was fulfilled and the connection
closed. The ISAPI 78 will then purge all temporary memory used
during step 5. Id. at 27:45-48.
Pestoni (EX1007)
[0032] . Content provider 104 is typically a remote device or
service from which protected (e.g., encrypted) content can be
obtained.
[0045] Domain request approval module 224 obtains and verifies thatthe user credentials [by]accessing a remote service.
Claims 1820. Claim 18 says the API is connected to the GUI. As noted
above, Patent Owner admits the use of a GUI and API to access a web service is
well known. Also, DeMello teachesa reader that provides a prompt [a GUI] to
receive login credentials to authenticate the user with the PASSPORT server via an
API of the PASSPORT server (a verified web service). See Cherukuri Decl.
(EX1010) at Ex/ C. Pestoni also inherently uses a GUI, which would interface
with an API. SeeCherukuri Decl. (EX1010) at 80. Thus, the API is connected to
7/24/2019 Unified Patents v. Grecia, IPR2016-00600,
52/65
IPR2016-00600 Petitio