11198214 (P.T.A.B. Jul. 1, 2014)

ZTE Corporationv.ContentGuard Holdings, Inc.

Patent Trial and Appeal BoardJul 1, 2014

11198214 (P.T.A.B. Jul. 1, 2014)

Trials@uspto.gov Paper 57 571-272-7822 Entered: July 1, 2014 UNITED STATES PATENT AND TRADEMARK OFFICE ____________ BEFORE THE PATENT TRIAL AND APPEAL BOARD ____________ ZTE CORPORATION AND ZTE (USA) INC., Petitioner, v. CONTENTGUARD HOLDINGS, INC., Patent Owner. ____________ Case IPR2013-00138 Patent 7,139,736 B2 ____________ Before JAMESON LEE, MICHAEL W. KIM, and MICHAEL R. ZECHER, Administrative Patent Judges. ZECHER, Administrative Patent Judge. FINAL WRITTEN DECISION 35 U.S.C. § 318(a) and 37 C.F.R. § 42.73 IPR2013-00138 Patent 7,139,736 B2 2 I. BACKGROUND A. Introduction On February 11, 2013, ZTE Corporation and ZTE (USA) Inc. (collectively, “ZTE”) filed a Petition requesting inter partes review of claims 1–57 of U.S. Patent No. 7,139,736 B2 (“the ’736 patent”). Paper 4. In response to a notice of defect(s) in the Petition, ZTE filed a corrected Petition (“Pet.”) on February 15, 2013. 1 Paper 9. ContentGuard Holdings Inc. (“ContentGuard”) 2 timely filed a Patent Owner Preliminary Response. Paper 16. Taking into account ContentGuard’s Preliminary Response, the Board determined that the information presented in the Petition demonstrated that there was a reasonable likelihood that ZTE would prevail in challenging claims 1–18, 20–38, and 40–56 as unpatentable under 35 U.S.C. §§ 102(b) and 102(e). Pursuant to 35 U.S.C. § 314, the Board instituted this proceeding on July 1, 2013, only as to claims 1–18, 20–38, and 40–56 of the ’736 patent. Paper 17 (“Dec.”). After institution of trial, ContentGuard timely filed a Patent Owner Response (Paper 35, “PO Resp.”), and did not file a motion to amend. ZTE subsequently filed a Reply. Paper 40 (“Pet. Reply”). A consolidated oral hearing for IPR2013-00133, IPR2013-00137, IPR2013-00138, and 1 The term “the Petition” in this final written decision refers to the corrected petition unless indicated otherwise. 2 The mandatory notice filed pursuant to 37 C.F.R. § 42.8(b)(1) indicates that ContentGuard Holdings, Inc. and Pendrell Corporation are the real parties in interest. Paper 11, 2. IPR2013-00138 Patent 7,139,736 B2 3 IPR2013-00139, each involving the same parties, was held on February 26 and 27, 2014. The transcript of the consolidated hearing has been entered into the record. Papers 54–56. We have jurisdiction under 35 U.S.C. § 6(c). This final written decision is issued pursuant to 35 U.S.C. § 318(a). Based on the record before us, ZTE has not demonstrated by a preponderance of the evidence that the claims 1–18, 20–38, and 40–56 of the ’736 patent are unpatentable. B. Related Proceedings ZTE indicated that the ’736 patent was asserted against it in a patent infringement lawsuit titled ContentGuard Holdings Inc. v. ZTE Corp., No. 1:12-cv-0206-CMH-TCB, filed in the United States District Court for the Eastern District of Virginia on February 27, 2012. Pet. 1. According to ZTE, this patent infringement lawsuit was transferred to the United States District Court for the Southern District of California on May 21, 2012. Id. ContentGuard does not dispute that it asserted the ’736 patent against ZTE. ZTE also filed five other petitions seeking inter partes review of the following patents owned by ContentGuard: U.S. Patent No. 7,523,072 (IPR2013-00133); U.S. Patent No. 7,225,160 (IPR2013-00134); U.S. Patent No. 7,359,884 (IPR2013-00136); U.S. Patent No. 6,963,859 (IPR2013-00137); and U.S. Patent No. 7,269,576 (IPR2013-00139). Id. C. The Invention of the ’736 Patent The invention disclosed in the ’736 patent generally relates to distributing and enforcing usage rights for digital works. Ex. 1001, 1:20–21. A digital work refers to any work that has been reduced to a digital IPR2013-00138 Patent 7,139,736 B2 4 representation, including any audio, video, text, or multimedia work, and any accompanying interpreter, e.g., software, which may be required to recreate or render the content of the digital work. Ex. 1001, 6:45–49. Usage rights refer to rights granted to a recipient of a digital work that define the manner in which a digital work may be used and distributed. Ex. 1001, 4:9– 12; 6:51–55. According to the ’736 patent, objectives of the disclosed invention include the following: (1) providing the owner of a digital work the flexibility to distribute the digital work as desired; and (2) a distribution system that transports a means for billing with the digital work. Ex. 1001, 3:14–16, 65–67. The ’736 patent discloses permanently attaching usage rights to the digital work. Ex. 1001, 6:59–60. Copies of the digital work also will have the usage rights attached thereto. Ex. 1001, 6:60–61. Therefore, any usage rights and associated fees assigned by the creator and subsequent distributor of the digital work always will remain with the digital work. Ex. 1001, 6:61–64. The ’736 patent discloses that repositories enforce the usage rights of digital works. Ex. 1001, 4:23–24; 6:65–66. In particular, repositories store digital works, control access to digital works, bill for access to digital works, and maintain the security and integrity of the digital works stored therein. Ex. 1001, 6:66–7:2. Figure 1 of the ’736 patent, reproduced below, illustrates the basic operations of the disclosed invention. Ex. 1001, 4:48–50; 7:14–16. IPR2013-00138 Patent 7,139,736 B2 5 As shown in step 101 of Figure 1 of the ’736 patent, a creator creates a digital work. Ex. 1001, 7:16–17. At step 102, the creator determines the appropriate usage rights and fees, attaches them to the digital work, and stores the digital work with the associated usage rights and fees in repository 1. Ex. 1001, 7:17–19. At step 103, repository 1 receives a request to access the digital work from repository 2. Ex. 1001, 7:21–25. Such a request, or session initiation, includes steps that help ensure that repository 1 and repository 2 are trustworthy. Ex. 1001, 7:25–27. At step 104, repository 2 requests access to the digital work stored in repository 1 for a stated purpose, e.g., to print the digital work or obtain a copy of the digital work. Ex. 1001, 7:28–31. At step 105, repository 1 checks the usage IPR2013-00138 Patent 7,139,736 B2 6 rights associated with the digital work stored therein to determine if access to the digital work may be granted. Ex. 1001, 7:32–35. At step 106, if access is denied, repository 1 terminates the session with repository 2 by transmitting an error message. Ex. 1001, 7:39–40. At step 107, if access is granted, repository 1 transmits the digital work to repository 2. Ex. 1001, 7:40–42. At step 108, both repository 1 and 2 generate billing information prior to transmitting the billing information to a credit server. Ex. 1001, 7:42–45. The use of both repositories 1 and 2 for billing prevents attempts to circumvent the billing process. Ex. 1001, 7:45–46. Figure 2 of the ’736 patent, reproduced below, illustrates the various types of repositories and the transaction flow between them. Ex. 1001, 4:51–54; 7:47–48. As shown in Figure 2 of the ’736 patent, repository 201 represents the general instance of a repository having the following two modes of operation: (1) a server mode; and (2) a requester mode. Ex. 1001, 7:52–55. When repository 201 is in server mode, it receives and processes access IPR2013-00138 Patent 7,139,736 B2 7 requests for digital works. Ex. 1001, 7:55–57. When repository 201 is in requester mode, it initiates requests to access digital works. Ex. 1001, 7:57– 58. During the course of operation, repository 201 may communicate with a plurality of other repositories, including rendering repository 203. Ex. 1001, 7:60–65. Communication with rendering repository 203 occurs in connection with rendering a digital work. Ex. 1001, 8:8–9. According to the ’736 patent, rendering repository 203 is coupled to a rendering device, e.g., a printer device, to comprise a rendering system. Ex. 1001, 8:9–12. Figure 12 of the ’736 patent, reproduced below, illustrates the hardware components of a repository. Ex. 1001, 5:13–15, 14:12–14. As shown in Figure 12 of the ’736 patent, the repository comprises processing means 1200, storage system 1207, clock 1205, and external interface 1206. Ex. 1001, 14:14–16. Processing means 1200 comprises processor element 1201 and processing memory 1202. Ex. 1001, 14:16–18. Processor element 1201 serves as a controller that performs the following functions: (1) processes repository transactions; (2) processes usage rights IPR2013-00138 Patent 7,139,736 B2 8 transactions; (3) decrypts both digital works and transaction messages; and (4) decompresses both digital works and transaction messages. Ex. 1001, 14:18–23. Processor memory 1202 typically comprises Read Only Memories and Random Access Memories that store software instructions used by processor element 1201 to perform the aforementioned functions. Ex. 1001, 14:25–30. The ’736 patent further discloses that storage system 1207 comprises descriptor storage 1203 and content storage 1204. Ex. 1001, 14:31–32. Descriptor storage 1203 stores the description tree corresponding to the digital work, and content storage 1204 stores the associated content. Ex. 1001, 14:32–35. Clock 1205 provides time stamps for various time based conditions for usage rights, or for metering usage fees, which may be associated with the digital work. Ex. 1001, 14:42–44. Clock 1205 contains an uninterruptable power supply, e.g., a battery, in order to maintain the integrity of the time stamps. Ex. 1001, 14:44–46. External interface means 1206 provides a signal connection to other repositories and to a credit server. Ex. 1001, 14:46–48. External interface means 1206 also may provide network connectivity. Ex. 1001, 14:52–53. D. Illustrative Claim Claims 1, 20, and 40 are independent claims. Claims 2–18 depend directly from independent claim 1, claims 21–38 depend directly or indirectly from independent claim 20, and claims 41–56 depend directly or indirectly from independent claim 40. Independent claim 1 is illustrative of the disclosed invention and is reproduced below: IPR2013-00138 Patent 7,139,736 B2 9 1. A rendering system adapted for use in a distributed system for managing use of content, the rendering system being operative to rendering content in accordance with usage rights associated with the content, the rendering system comprising: a rendering device configured to render the content; and a distributed repository coupled to the rendering device and including a first mode of operation and a second mode of operation; wherein the first mode of operation is operative to receive content from another distributed repository and enforce usage rights associated with the content and permit the rendering device to render the content in accordance with the manner of use specified by the usage rights, and the second mode of operation is operative to request the rendering by the rendering device of the content received from said another distributed repository; and the distributed repository is operative to permit the content to be rendered only if a manner of use specified in the request corresponds to a manner of use specified in the usage rights. Ex. 1001, 52:59–53:12 (emphasis added). E. Prior Art Relied Upon ZTE relies upon the following prior art references: Leroux US 5,588,146 Dec. 24, 1996 Ex. 1011 (filed Oct. 21, 1993) Comerford EP 0268139 A2 May 25, 1988 Ex. 1012 (hereinafter “EP ’139”) F. Grounds of Unpatentability We instituted this proceeding based on the grounds of unpatentability set forth in the table below. IPR2013-00138 Patent 7,139,736 B2 10 Claims Basis Reference 1–18, 20–38, and 40–56 § 102(e) Leroux 3 1–18, 20–38, and 40–56 § 102(b) EP ’139 II. ANALYSIS ZTE has to prove unpatentability by a preponderance of the evidence. 35 U.S.C. § 316(e). In patent law, “the name of the game is the claim.” In re Hiniker Co., 150 F.3d 1362, 1369 (Fed. Cir. 1998). Therefore, we begin our analysis with claim construction, and then follow with our analysis regarding whether the prior art references anticipate claims 1–18, 20–38, and 40–56. A. Claim Construction In an inter partes review, claim terms in an unexpired patent are interpreted according to their broadest reasonable interpretation in light of the specification of the patent in which they appear. 37 C.F.R. § 42.100(b); Office Patent Trial Practice Guide, 77 Fed. Reg. 48,756, 48,766 (Aug. 14, 2012). Under the broadest reasonable interpretation standard, claim terms are given their ordinary and customary meaning as would be understood by 3 The ’736 patent claims priority to application No. 08/344,760, filed Nov. 23, 1994. Leroux was published on December 24, 1996, and was filed on October 21, 1993. Accordingly, even though the Petition identifies Leroux as prior art to the ’736 patent under 35 U.S.C. § 102(b) (Pet. 16), Leroux is actually only prior art to the ’736 patent under 35 U.S.C. § 102(e). Accord Pet. 15 (confirming that Leroux only qualifies as prior art to the ’736 patent under 35 U.S.C. § 102(e)). IPR2013-00138 Patent 7,139,736 B2 11 one of ordinary skill in the art in the context of the disclosure. In re Translogic Tech., Inc., 504 F.3d 1249, 1257 (Fed. Cir. 2007). However, if an inventor acts as his or her own lexicographer, the definition must be set forth in the specification with reasonable clarity, deliberateness, and precision. Renishaw PLC v. Marposs Societa’ per Azioni, 158 F.3d 1243, 1249 (Fed. Cir. 1998). An extraneous limitation should not be read into the claims from the specification. See e.g., E.I. du Pont de Nemours & Co. v. Phillips Petroleum Co., 849 F.2d 1430, 1433 (Fed. Cir. 1988). An extraneous limitation is one where its presence in a claim is unnecessary to make sense of the claim. See, e.g., In re Paulsen, 30 F.3d 1475, 1480 (Fed. Cir. 1994); Renishaw PLC, 158 F.3d at 1249. The construction that stays true to the claim language and most naturally aligns with the inventor’s description is likely the correct interpretation. See Renishaw PLC, 158 F.3d at 1250. The challenge is to interpret claims without unnecessarily importing limitations from the specification into the claims. See E-Pass Techs., Inc. v. 3Com Corp., 343 F.3d 1364, 1369 (Fed. Cir. 2003). “Repository” (Claims 1, 20, and 40) In its Petition, ZTE contended that the specification of the ’736 patent never mentions nor explains the claim term “repository,” and therefore, ZTE did not provide an explicit construction for that claim term. Pet. 19, n.7. In its Patent Owner Preliminary Response, ContentGuard contended that “repository” should be construed as “a trusted system for supporting usage rights.” Prelim. Resp. 17. ContentGuard then cited to several portions of IPR2013-00138 Patent 7,139,736 B2 12 the specification of the ’736 patent that allegedly support its proposed claim construction. Id. at 17–20 (citing Ex. 1001, 4:23–24, 6:65–7:2, 12:45–54, 13:51–53, 14:4–9, and 52:18–23). When instituting trial, we construed “repository” as “a trusted system which maintains physical, communications and behavioral integrity, and supports usage rights.” Dec. 13. For reasons discussed below, we adhere to the same interpretation for this final written decision. The specification provides a glossary that explicitly sets forth a definition for “repository.” For convenience, that glossary definition is reproduced below: Conceptually a set of functional specifications defining core functionality in the support of usage rights. A repository is a trusted system in that it maintains physical, communications and behavioral integrity. Ex. 1001, 52:20–23 (emphasis added). By setting forth the term in a glossary and using the verb “is” following “repository” in the second sentence, the specification sets forth an explicit definition of “repository” as “a trusted system in that it maintains physical, communications and behavioral integrity.” The first sentence also is relevant to the definition of “repository” because it specifies that the repository supports usage rights. Accordingly, we construe “repository” as “a trusted system which maintains physical, communications and behavioral integrity, and supports usage rights.” However, our analysis does not end here. In order to understand “a trusted system,” it is necessary to construe “physical integrity,” IPR2013-00138 Patent 7,139,736 B2 13 “communications integrity,” and “behavioral integrity.” These terms are described in a section of the specification labeled “Repositories.” Ex. 1001, 12:44–15:22. For “physical integrity,” the specification describes the following: Physical integrity refers to the integrity of the physical devices themselves. Physical integrity applies both to the repositories and to the protected digital works. Thus, the higher security classes of repositories themselves may have sensors that detect when tampering is attempted on their secure cases. In addition to protection of the repository itself, the repository design protects access to the content of digital works. In contrast with the design of conventional magnetic and optical devices-such as floppy disks, CD-ROMs, and videotapes-repositories never allow non-trusted systems to access the works directly. A maker of generic computer systems cannot guarantee that their platform will not be used to make unauthorized copies. The manufacturer provides generic capabilities for reading and writing information, and the general nature of the functionality of the general computing device depends on it. Thus, a copy program can copy arbitrary data. This copying issue is not limited to general purpose computers. It also arises for the unauthorized duplication of entertainment “software” such as video and audio recordings by magnetic recorders. Again, the functionality of the recorders depends on their ability to copy and they have no means to check whether a copy is authorized. In contrast, repositories prevent access to the raw data by general devices and can test explicit rights and conditions before copying or otherwise granting access. Information is only accessed by protocol between trusted repositories. Ex. 1001, 12:55–13:14 (emphases added). The description reproduced above makes use of permissive terms such as “may” and “can,” and, thus, do not reflect or indicate a required limitation for “physical integrity.” The IPR2013-00138 Patent 7,139,736 B2 14 specification also appears to use the terms or phrases in each of the following three groups interchangeably: 1. data, content, digital work, information; 2. non-trusted system, general device; and 3. “never allow access” and “prevent access.” When referring to the relationship between the repository and data, the specification uses absolute terms such as “never” and “only.” In light of the foregoing, we construe “physical integrity” as “preventing access to information by a non-trusted system.” For “communications integrity,” the specification describes the following: Communications integrity refers to the integrity of the communications channels between repositories. Roughly speaking, communications integrity means that repositories cannot be easily fooled by “telling them lies.” Integrity in this case refers to the property that repositories will only communicate with other devices that are able to present proof that they are certified repositories, and furthermore, that the repositories monitor the communications to detect “impostors” and malicious or accidental interference. Thus the security measures involving encryption, exchange of digital certificates, and nonces described below are all security measures aimed at reliable communication in a world known to contain active adversaries. Ex. 1001, 13:15–27 (emphases added). We construe “communications integrity” as “only communicates with other devices that are able to present proof that they are trusted systems, e.g., by using security measures such as encryption, exchange of digital certificates, and nonces.” The Encyclopedia IPR2013-00138 Patent 7,139,736 B2 15 of Cryptography defines “nonce” as “[a] number used in a cryptographic protocol to indicate the unique character of a message.” ENCYCLOPEDIA OF CRYPTOGRAPHY 197 (1997) (Ex. 3001). For “behavioral integrity,” the specification describes the following: Behavioral integrity refers to the integrity in what repositories do. What repositories do is determined by the software that they execute. The integrity of the software is generally assured only by knowledge of its source. Restated, a user will trust software purchased at a reputable computer store but not trust software obtained off a random (insecure) server on a network. Behavioral integrity is maintained by requiring that repository software be certified and be distributed with proof of such certification, i.e. a digital certificate. The purpose of the certificate is to authenticate that the software has been tested by an authorized organization, which attests that the software does what it is supposed to do and that it does not compromise the behavioral integrity of a repository. If the digital certificate cannot be found in the digital work or the master repository which generated the certificate is not known to the repository receiving the software, then the software cannot be installed. Ex. 1001, 13:28–44 (emphases added). We construe “behavioral integrity” in the context of a repository as “requiring software to include a digital certificate in order to be installed in the repository.” We acknowledge that the record is not without evidence contrary to our claim interpretation. The nature of claim interpretation is to come to the appropriate conclusion in light of all of the evidence. All of the evidence does not have to point uniformly in a single direction. IPR2013-00138 Patent 7,139,736 B2 16 For instance, Table 2 in the specification indicates ten different levels of security for repositories. The lowest level, i.e., level “0,” is described as follows: Open system. Document transmission is unencrypted. No digital certificate is required for identification. The security of the system depends mostly on user honesty, since only modest knowledge may be needed to circumvent the security measures. The repository has no provisions for preventing unauthorized programs from running and accessing or copying files. The system does not prevent the use of removable storage and does not encrypt stored files. Ex. 1001, 15:54–60. Thus, according to Table 2, repositories are not all trusted systems. Level “0” security means having an open system lacking in physical, communications, and behavioral integrity, and without support for managing usage rights. That is directly contrary to the meaning of “repository” as defined in the glossary. For reasons discussed below, we adhere to the definition provided in the glossary. The contrary evidence based on level “0” security shown in Table 2 is insufficient to outweigh the rest of the evidence including, in particular, the explicit definition provided in the glossary. We make our determination based on the totality of the evidence. As noted above, the disclosed invention is about distribution and usage rights enforcement of digital works. The problems described in the background portion of the specification concern unauthorized and unaccounted distribution or usage of electronically published materials. See generally Ex. 1001, 1:25–3:3. The ’736 patent states that it solves preexisting problems by both permanently attaching usage rights to digital IPR2013-00138 Patent 7,139,736 B2 17 works and placing elements in repositories that enforce those usage rights. Ex. 1001, 6:59–7:2. Here, the definition set forth in the glossary for “repository” is consistent fully with the description of the acknowledged prior art, and the objective or goal to be achieved by the invention of the ’736 patent. The specification also contains detailed preferred embodiments utilizing repositories, which are trusted systems to provide usage control for digital works. Ex. 1001, 7:48–8:18, 8:36–37, 13:62–14:3, 14:10–12, 14:64–15:9, 18:29–31, 27:2–29:62, 41:60–42:61. The bulk of the disclosure consistently is directed to repositories, which are trusted systems for providing usage control for digital works. For example, the specification states: The enforcement elements of the present invention are embodied in repositories. Among other things, repositories are used to store digital works, control access to digital works, bill for access to digital works and maintain the security and integrity of the system. Ex. 1001, 6:65–7:2 (emphasis added). Other references to “repository” in the specification recite necessary features of repositories and also support the definition in the glossary that a repository is a trusted system. For example, the specification states: The core repository services 1302 comprise a set of functions required by each and every repository. The core repository services 1302 include the session initiation transactions which are defined in greater detail below. This set of services also includes a generic ticket agent which is used to “punch” a digital ticket and a generic authorization server for processing authorization specifications. IPR2013-00138 Patent 7,139,736 B2 18 Ex. 1001, 14:64–15:3 (emphasis added). In another example, the specification discloses that “[a]s a prerequisite to operation, a repository will require possession of an identification certificate,” and that “identification certificates 1306 are required to enable the use of the repository.” Ex. 1001, 13:62–63, 15:9–10 (emphasis added). In yet another example, the specification states “[p]rovisions for security and privacy are part of the requirements for specifying and implementing repositories and thus form the need for various transactions.” Ex. 1001, 26:65–67 (emphasis added). Indeed, by using words such as “require” and “requirements,” these examples amply support the definition provided in the glossary that a repository is a trusted system. In summary, even applying the rule of broadest reasonable interpretation consistent with the specification, the weight of the evidence supports the definition provided in the glossary. We regard as significant that the definition states in an unequivocal manner that a repository “is a trusted system.” ContentGuard’s Contentions According to ContentGuard, our claim interpretation of “repository” is incorrect because it is too broad in one respect and too narrow in another. PO Resp. 8–11. For the reasons discussed below, however, the specification of the ’736 patent does not support adequately either contention. As a consequence, we are not persuaded by ContentGuard’s contentions. We first address ContentGuard’s contention that our construction is too broad, and then its contention that our construction is too narrow. IPR2013-00138 Patent 7,139,736 B2 19 1. ContentGuard contends that our claim construction regarding “behavioral integrity” as “requiring software to include a digital certificate in order to be installed in the repository” is “excessively broad” and should be limited to software that makes the repository operative—otherwise known as “repository software.” Id. at 8. For convenience, ContentGuard’s argument is reproduced below: [The Board’s construction] is too broad because it is not restricted to what the ’736 patent refers to as “repository software”—that is software that makes the repository operative. (See Ex. 1001, 13:28–44.) According to the ’736 patent specification, “[b]ehavioral integrity refers to the integrity in what repositories do.” (Ex. 1001, 13:28–29.) What repositories do, in turn, “is determined by the software that they execute.” (Id., 13:29–30.) But not all software relates “to the integrity in what repositories do.” (Ex. 1001, 13:28–29) Repositories, along with usage rights, are used to manage the use and distribution of digital content. (See, e.g., id., 52:20–21, 6:28–29, 14:64– 15:9.) For example, part of a repository’s function is to permit the rendering of content in accordance with the usage rights associated with the content. (E.g., id., cl. 1.) But content itself does not supply that function to a repository. (Ex. 2013, [Declaration of Dr. Michael T. Goodrich] ¶¶ 40–41.) Rather, repository software implements the repository functions that are used to manage the use and distribution of the content. (Ex. 1001, 14:4–9, 27–30.) Thus, since “[b]ehavioral integrity refers to the integrity in what repositories do,” the relevant software is not any “software . . . to be installed in the repository,” but the software the repository uses to manage the use and distribution of content. (Ex. 2013 ¶¶ 40–41.) IPR2013-00138 Patent 7,139,736 B2 20 PO Resp.8–9. With respect to what repositories do, ContentGuard’s argument overlooks and fails to discuss the portions of the specification which indicate that repositories, themselves, also can be rendering devices that run and execute the software type digital works, the usage rights of which they control. For instance, the ’736 patent states the following with regard to software capable of being run on a repository: An Install transaction is a request to install a digital work as runnable software on a repository. In a typical case, the requester repository is a rendering repository and the software would be a new kind or new version of a player. Ex. 1001, 42:46–49 (emphases added). This disclosure in the specification does not support ContentGuard’s contention that a repository merely manages the use and distribution of digital content, such as software, and does not perform, run, or execute that digital content. The disclosure quoted above refers to a digital work that is “runnable software on a repository,” and states that, in a typical case, the repository asking for the digital work is itself a rendering repository that identifies the software digital work as application software—not as operating software. As such, the specification conveys information contrary to ContentGuard’s contention. ContentGuard does not explain the disclosure identified above, nor does it point to any testimony of its expert witness that addresses such disclosure in light of its “excessively broad” contention. Because a repository, itself, may run and execute software, the usage and distribution of which is managed by the repository, we are not persuaded IPR2013-00138 Patent 7,139,736 B2 21 that the reference to “repository software” in the portion of the specification discussing “behavioral integrity” (Ex. 1001, 13:28–44) is restricted to software that only manages usage rights. Indeed, in the context of installing software identified as “a new kind or new version of a player,” which does not control usage rights, the specification discusses extracting a copy of the digital certificate for that software (Ex. 1001, 42:58–61), in the same manner that the specification describes requiring a digital certificate in the digital work to ensure behavioral integrity of the repository (Ex. 1001, 13:34–37). Moreover, some repositories are rendering repositories. Ex. 1001, 42:46–49. “Repository software,” as used in the specification, is broad enough to cover application software, such as the “player” referenced in the specification (id.), as well as what ContentGuard refers to as “operating software,” which enables the repository to regulate usage rights. We do not credit the testimony of ContentGuard’s expert, Dr. Michael T. Goodrich, in paragraphs 40 and 41 of his Declaration (Ex. 2013). In those paragraphs, Dr. Goodrich attests that, in his opinion, a person of ordinary skill in the art in 1994 would have understood that the term “repository software” in the ’736 patent identifies and refers to the operating software of the repository, and not the software digital works the usage rights of which are controlled by the repository. Dr. Goodrich’s testimony is unpersuasive because it does not account for the disclosure of the specification, discussed above, which conveys that some repositories are rendering depositories that run and execute the software digital works the rights of which they control, such as a new version of a “player.” IPR2013-00138 Patent 7,139,736 B2 22 2. ContentGuard contends that our claim construction regarding “behavioral integrity” as “requiring software to include a digital certificate in order to be installed in the repository” is “excessively narrow” because it unnecessarily requires the inclusion of a “digital certificate” to maintain behavioral integrity. PO Resp. 9–11. According to ContentGuard, in order to maintain behavioral integrity, it is necessary only that the broader purpose of a repository doing what it is supposed to do is satisfied. Id. at 10. ContentGuard’s contention that our construction is too narrow is inconsequential to the outcome of this proceeding because a broader interpretation of “behavioral integrity” would not render inapplicable any teaching of the prior art which was applied under the narrower construction. For convenience, ContentGuard’s argument is reproduced below: The Board’s construction is also too narrow because it requires “a digital certificate.” After explaining that “[b]ehavioral integrity refers to the integrity in what repositories do” and that “[w]hat repositories do is determined by the software that they execute,” the ’736 patent says that “[t]he integrity of the software is generally assured only by knowledge of its source.” (Ex. 1001, 13:30–31.) Although the specification does say that “behavioral integrity is maintained by requiring that repository software be certified and be distributed with proof of such certification, i.e., a digital certificate,” the specification continues by explaining the broader purpose of the certificate. (Id., 13:34–37.) “The purpose of the certificate is to authenticate that the software has been tested by an authorized organization, which attests that the software does what it is supposed to do and that it does not IPR2013-00138 Patent 7,139,736 B2 23 compromise the behavioral integrity of a repository.” (Id., 13:37–41 (emphasis added).[] So, as long as there is some assurance that “the software does what it is supposed to do,” whether by source certification or otherwise, behavioral integrity can be maintained. (Ex. 2013 ¶¶ 38–39.) PO Resp. 9–10 (emphasis in original). The breadth argued by ContentGuard is on the extreme end of a spectrum for the meaning of “repository”—whatever ensures a repository does what it is supposed to do. ContentGuard would like to generalize the feature into a generic goal or purpose, entirely removed from any specific means for its implementation. There are several obstacles precluding such an interpretation. First, the restrictive language in the specification does not permit such an expansive construction. Although it is true that the broadest reasonable interpretation standard applies for claim interpretation, the construction must be reasonable in light of the specification. In that connection, the specification states that “[b]ehavioral integrity is maintained by requiring that repository software be certified and be distributed with proof of such certification, i.e., a digital certificate.” Ex. 1001, 13:34–37 (emphasis added). Second, ContentGuard does not point to any other means described in the specification for maintaining behavioral integrity of a repository. The sole disclosure in that regard, as identified by ContentGuard, relates to the use of digital certificates. There is no basis to assume, on this record, that digital certificates are representative of all ways for ensuring that a digital work is authentic. Even ContentGuard does not make that assertion. Thus, IPR2013-00138 Patent 7,139,736 B2 24 the scope of disclosure is not commensurate with the breadth for the construction of “repository” desired by ContentGuard. Third, the general assertion that a repository “does what it is supposed to do” is not accompanied by any well-defined or otherwise recognized standard for making an objective determination in that regard. If we accepted ContentGuard’s proposed claim construction, the scope of the claims would be uncertain and indeterminable. We do not credit the testimony of ContentGuard’s expert, Dr. Goodrich, that “a person of ordinary skill in the art of 1994 would [have understood] that the ’736 patent specification refers to the use of digital certificates as only an exemplary method of preserving the behavioral integrity of a repository.” Ex. 2013 ¶ 39. This testimony is unexplained and conclusory—it does not account for the various factors we have considered and discussed above. B. Anticipation by Leroux—Claims 1–18, 20–38, and 40–56 ZTE contends that claims 1–18, 20–38, and 40–56 are anticipated under § 102(e) by Leroux. Pet. 16–24. In support of that alleged ground of unpatentability, ZTE provides explanations as to how Leroux describes each claim limitation. Id. ZTE also submits the Declaration of Dr. Vijay K. Madisetti (Ex. 1005 ¶¶ 103–107) to support its positions. Upon reviewing ZTE’s Petition and supporting evidence, as well as ContentGuard’s Patent Owner Response and supporting evidence, we determine that ZTE has not demonstrated by a preponderance of the evidence that claims 1–18, 20–38, and 40–56 are anticipated by Leroux. IPR2013-00138 Patent 7,139,736 B2 25 We begin our analysis with the principles of law that generally apply to a ground of unpatentability based on anticipation, followed by a brief discussion of Leroux, and then we turn to the arguments presented by both ZTE and ContentGuard that are directed to whether Leroux describes the following claim limitations recited in independent claims 1, 20, and 40: (1) a “distributed repository” that maintains “behavioral integrity”; and (2) “another distributed repository” that maintains “behavioral integrity.” 1. Principles of Law To establish anticipation under § 102(e), “all of the elements and limitations of the claim must be shown in a single prior reference, arranged as in the claim.” Karsten Mfg. Corp. v. Cleveland Golf Co., 242 F.3d 1376, 1383 (Fed. Cir. 2001). “A claim is anticipated only if each and every element as set forth in the claim is found, either expressly or inherently described, in a single prior art reference.” Verdegaal Bros. v. Union Oil Co. of California, 814 F.2d 628, 631 (Fed. Cir. 1987). We analyze the ground of unpatentability based on anticipation by Leroux with the principles stated above in mind. 2. Leroux Leroux discloses a method of acquiring software programs by microcomputers. Ex. 1011, 1:8–9. Figure 1 of Leroux, reproduced below, illustrates a data processing system. Ex. 1011, 3:42–43. IPR2013-00138 Patent 7,139,736 B2 26 As shown in Figure 1, Leroux discloses database service center 1 in which there are stored application software programs 10, microcomputer 2 connected to the service center by interface 3, and removable electronic memory carrier 4. Ex. 1011, 3:42–46. Memory carrier 4 includes interface 40 for connecting memory 41 to drive 24 of microcomputer 2. Ex. 1011, 3:53–55. Microcomputer 2 is fitted with corresponding drives to read memory carrier 4. Ex. 1011, 4:60–64. Memory 41 may comprise programmed security circuitry 410, which monitors access to memory 41 and manages external access to memory carrier 4. Ex. 1011, 4:64–5:3. Leroux further discloses that communication is set up between microcomputer 2 and data base service center 1 in order to acquire application software programs 10. Ex. 1011, 3:61–66. After a prospective user chooses which application software programs 10 that he/she wishes to acquire, database service center 1 will check the right of access to software programs 10 by interrogating carrier 4 through microcomputer 2. Ex. 1011, IPR2013-00138 Patent 7,139,736 B2 27 4:1–5. The check is made by using security methods, such as identification and authentication procedures using enciphering and deciphering algorithms. Ex. 1011, 4:5–9. If the check is positive, database service center 1 remotely loads the selected application software programs 10 in the internal memory of microcomputer 2. Ex. 1011, 4:13–16. 3. “Distributed Repository” (Claims 1, 20, and 40) Independent claims 1, 20, and 40 each require a “distributed repository.” Ex. 1001, 52:65–67; 54:4–6; 55:23–25. As discussed above, a “repository” is construed as “a trusted system which maintains physical, communications and behavioral integrity, and supports usage rights.” “Physical integrity” is construed as “preventing access to information by a non-trusted system.” “Communications integrity” is construed as “only communicates with other devices that are able to present proof that they are trusted systems, for example, by using security measures such as encryption, exchange of digital certificates, and nonces.” “Behavioral integrity” is construed as “requiring software to include a digital certificate in order to be installed in the repository.” In its Petition, ZTE takes the position that the combination of Leroux’s microcomputer 2 and removable carrier 4 constitutes the claimed “distributed repository.” Pet. 17, 19, 23. In our analysis below, we determine whether the combination of Leroux’s microcomputer 2 and removable carrier 4 constitutes the claimed “distributed repository” that maintains “behavioral integrity.” IPR2013-00138 Patent 7,139,736 B2 28 a. Behavioral Integrity ContentGuard contends that the combination of Leroux’s microcomputer 2 and removable carrier 4 does not amount to the claimed “distributed repository” because such a combination does not maintain “behavioral integrity.” PO Resp. 12–16. That contention has three layers of complexity. 1. The first relates to ContentGuard’s contention that “behavioral integrity” of a repository is directed to, and concerns only, the operating software of the repository, i.e., the software that enables the repository to control the usage rights and distribution of digital works, and not the software digital works managed by the repository, itself. PO Resp. 12–13. In our claim construction analysis, we already found that contention of ContentGuard unpersuasive. 2. The second relates to ContentGuard’s contention that “behavioral integrity” of a repository does not require the presence and use of a digital certificate to authenticate the software digital work being installed in a repository. PO Resp. 13–15. Instead, ContentGuard argues that “behavioral integrity” of a repository merely requires checking that the software loaded onto the repository is authentic or unaltered prior to rendering the software. Id. at 14–15. In our claim construction analysis, we also found that contention of ContentGuard unpersuasive. IPR2013-00138 Patent 7,139,736 B2 29 3. The third relates to ContentGuard’s contention that interrogating the right of access disclosed in Leroux, which is associated with a particular software program stored on database service center 1, prior to installing the software on microcomputer 2, does not require a digital certificate. PO Resp. 15–16. According to ZTE, Leroux’s disclosure of interrogating the right of access includes the authentication of a “digital certificate” required for “behavioral integrity.” Pet. Reply 1–3. Taking into account the evidence presented by both parties, we determine that ZTE has not demonstrated by a preponderance of the evidence that, in the disclosed system of Leroux, the identification and authentication procedures used to interrogate the right of access associated with a software program necessarily includes a digital certificate that authenticates the source of the software. In its Reply, ZTE contends that the identification and authentication procedures disclosed in Leroux ensure that software digital works stored on database service center 1 are authorized before such software is loaded remotely onto microcomputer 2. Pet. Reply 2. For instance, ZTE argues that Leroux discloses that removable carrier 4 authorizes database service center 1 to load remotely software digital works onto microcomputer 2 following a successful safety check that includes identification and authentication procedures using enciphering and deciphering algorithms. Id. (citing Ex. 1011, 4:1–16; see Ex. 1025 ¶¶ 10, 11). Based on that disclosure, ZTE argues that one with ordinary skill in the art would have recognized that IPR2013-00138 Patent 7,139,736 B2 30 the authorization of the software includes an authentication of a “digital certification” corresponding to the software on database service center 1. Id. As an initial matter, we note that the ground of unpatentability is based on anticipation by Leroux—not obviousness over Leroux. As such, the issue is not merely whether one with ordinary skill in the art would have recognized that Leroux’s identification and authentication procedures used to interrogate the right of access include using a digital certificate to authenticate the source of the software, but whether those procedures necessarily require a digital certificate. To establish inherency, the extrinsic evidence ‘must make clear that the missing descriptive matter is necessarily present in the thing described in the reference, and that it would be so recognized by persons of ordinary skill. Inherency, however, may not be established by probabilities or possibilities. The mere fact that a certain thing may result from a given set of circumstances is not sufficient.’ In re Oelrich, 666 F.2d 578, 581–82 (CCPA 1981). Although Leroux’s identification and authentication procedures may include using a digital certificate to authenticate the source of the software, mere probabilities or possibilities fall short of demonstrating that those procedures necessarily require using a digital certificate. In our discussion of the construction of “behavioral integrity,” we were not persuaded by ContentGuard’s contention that a digital certificate is not required, or that anything which accomplishes a similar objective in substantially the same way is satisfactory. Insofar as “assurance” means a specifically expressed indication, we credit the testimony of ContentGuard’s expert, Dr. Goodrich, that “a person IPR2013-00138 Patent 7,139,736 B2 31 of ordinary skill in the art [in 1994] would [have understood] a digital certificate to be an assurance that downloaded software comes from a reputable source, including a measure of tamper resistance.” Ex. 2013 ¶ 39 (citing the definition of “digital certificate” from the MICROSOFT COMPUTER DICTIONARY (4th ed. 1999)). An unexpressed and subjective thought, on the other hand does not qualify. As discussed above, the identification and authentication procedures disclosed in Leroux that are used to interrogate the right of access do not include necessarily the requirements of that definition of “digital certificate.” 4. “Another Distributed Repository” (Claim 1) Independent claim 1 recites “another distributed repository.” Ex. 1001, 53:6–8. As discussed previously, a “repository” is construed as “a trusted system which maintains physical, communications and behavioral integrity, and supports usage rights.” “Physical integrity” is construed as “preventing access to information by a non-trusted system.” “Communications integrity” is construed as “only communicates with other devices that are able to present proof that they are trusted systems, for example, by using security measures such as encryption, exchange of digital certificates, and nonces.” “Behavioral integrity” is construed as “requiring software to include a digital certificate in order to be installed in the repository.” In its Petition, ZTE takes the position that the Leroux’s database service center 1 constitutes the claimed “another distributed repository.” Pet. 17, 19. In our analysis below, we determine whether IPR2013-00138 Patent 7,139,736 B2 32 Leroux’s database service center 1 constitutes the claimed “another distributed repository” that maintains “behavioral integrity.” a. “Behavioral Integrity” ContentGuard contends that Leroux does not disclose the recited “another distributed repository” because database service center 1 does not maintain “behavioral integrity.” PO Resp. 17–18. For convenience, ContentGuard argument is reproduced below: Leroux does not discuss the software responsible for implementing the functions of the service center, nor the manner in which software is installed on the service center. Therefore, Leroux does not disclose that the service center possesses behavioral integrity. (Ex. 2013 ¶ 51.) Accordingly, Leroux does not disclose that the service center has the trust properties necessary to constitute the “another distributed repository” required by claim 1. PO Resp. 18. ZTE disagrees, and contends that: CG’s assertion ignores relevant disclosures of Leroux, for example, (1) the software uploaded to the service center 1 is known to be authentic software from a trusted system (e.g., vendor) (Ex. 1011, 2:43–48), and (2) the software loaded onto the service center 1 in Leroux includes a “digital certificate” so that the software may later be identified by the microcomputer 2 when initiating the identification and authentication procedures to remote-load the software onto the microcomputer 2. (Ex. 1011, 4:1–12; See also Ex. 1025 ¶ 25). Pet. Reply 5. We are persuaded by ContentGuard’s argument that database service center 1 does not maintain “behavioral integrity” and, therefore, does not amount to the claimed “another distributed repository.” IPR2013-00138 Patent 7,139,736 B2 33 Leroux discloses uploading software programs into database service center 1. Ex. 1011, 1:62–67, 2:43–44. In particular, Leroux also discloses that a right of access, which ZTE asserts amounts to a digital certificate, is required to load remotely software from database service center 1 to the internal memory of microcomputer 2. Ex. 1011, 2:46–48, 3:19–22, 4:1–16. The aforementioned disclosure in Leroux, however, does not indicate that Leroux’s database service center 1 maintains “behavioral integrity.” As an initial matter, we are not persuaded that the “uploading” of software to Leroux’s database service center 1 properly accounts for “installing” the software required for “behavioral integrity.” Moreover, even if “uploading” could be considered “installing,” Leroux is silent as to whether such “uploading” of software to database service center 1 requires the software to include a digital certificate that authenticates its source, as required for “behavioral integrity.” ZTE relies upon the Declaration of Dr. Madisetti to support its position. Specifically, Dr. Madisetti asserts the following: As for behavioral integrity, it is my opinion that the service center 1 requires software to include a digital certificate in order to be installed on the service center 1, in accordance with the Board’s construction. In my opinion, software installed on the service center 1 includes a digital certificate identifying the vendor source of the software because the vendor is responsible for installing the software onto the service center 1. (See supra ¶ 22). Also, in my opinion software installed on the service center 1 includes a digital certificate identifying the vendor source of the software so that later the software can be identified by right of access information stored on a carrier 4, IPR2013-00138 Patent 7,139,736 B2 34 thus allowing the software to be remote-loaded onto the microcomputer 2. (Ex. 1011, 4:1–24). Ex. 1025 ¶ 25. We are not persuaded that Dr. Madisetti’s conclusion is credible because, even though we agree with the underlying facts in the aforementioned portions of Leroux cited by Dr. Madisetti, those underlying facts do not support adequately his conclusion. In particular, Dr. Madisetti asserts that software uploaded to database service center 1 from the vendor will include a digital certificate, so that later the software can be identified by microcomputer 2 when it runs the identification and authorization procedures prior to loading the software from database service center 1. However, these facts are inapposite to Dr. Madisetti’s conclusion for several reasons. First, there is no indication that only a vendor is capable of uploading software to database service center 1. Leroux is silent as to whether software uploaded into database service center 1 by a non-vendor requires a digital certificate. “Behavioral integrity” requires that all software uploaded to database service center 1 include a digital certificate, whether from a vendor or a non-vendor. Second, just because the uploaded software includes a digital certificate, such a disclosure, by itself, does not indicate that the digital certificate is required to upload the software. In other words, there is no indication in Leroux that the digital certificate has any relationship to the uploading process when it is uploaded with the software into database service center 1, as would be required for “behavioral integrity.” IPR2013-00138 Patent 7,139,736 B2 35 Indeed, at oral hearing, ZTE acknowledged that Leroux does not disclose expressly that database service center 1 has “behavioral integrity.” The relevant portion of the oral hearing transcript is reproduced below: MS: SHIN: So, it is my – it is our position that Leroux’s disclosure does not expressly, literally disclose what I just described, but it is implicit. And it must be present there, so that the identification done by the service center can be – can identify the rights of access stored in the carrier. JUDGE LEE: So you are relying on inherency? MS. SHIN: I would like to rely on inherency or implicit disclosure. JUDGE LEE: What is implicit disclosure? Do you have a case for something between express disclosure and inherent disclosure? . . . MS. SHIN: So, in light of your comment, the Judges’ comments, it is inherent in the disclosure of Leroux that – supporting that another distributed repository maintains behavioral integrity. JUDGE LEE: We knew that. You were relying on inherency. Are you saying you no longer are relying on this so- called implicit disclosure theory, so we need only concern ourselves with express disclosure and inherent disclosure? Is that what you are trying to tell us? MS. SHIN: Yes, Your Honor. Paper 55, 14:17–15:2, 17:17–25. Accordingly, ZTE alternatively asserts that Leroux inherently discloses that a digital certificate is required in order to upload software into database service center 1. With respect to whether “behavioral integrity” is IPR2013-00138 Patent 7,139,736 B2 36 present necessarily in Leroux’s database service center 1, Dr. Madisetti attests that: Under ContentGuard’s construction for behavioral integrity, it is my opinion that the service center 1 necessarily includes operational software analogous to the repository software in order for the service center to operate as described in Leroux. Such operational software running on the service center 1 serves to manage the use and distribution of the software content stored on the service center 1. This includes having software uploaded to the service center 1 by a trusted system (e.g., software vendor), who is trusted to upload authentic copies of the software. (See supra ¶ 22; see also Ex. 1011, 2:43–48). The operational software running on the service center 1 also serves to manage the transfer of software to a trusted microcomputer 2 under the identification and authentication procedures described in Leroux. (Ex. 1011, 4:1– 16). It also follows that software installed on the service center 1 includes a type of “digital certificate”, as still required under ContentGuard’s construction. (See [pages 34-46 of Dr. Madisetti’s Declaration]). In this way, the service center 1 transfers the software to another trusted system. Therefore, in my opinion the service center 1 in Leroux satisfies behavioral integrity even under ContentGuard’s construction. Ex. 1025 ¶ 26. We are not persuaded by Dr. Madisetti’s testimony. In particular, we are not persuaded that Leroux discloses that the software vendor is a trusted system. Via paragraphs 22 and 25 of his Declaration, Dr. Madisetti cites the following portions of Leroux (Ex. 1011) as supporting his position that the software vendor is a trusted system: column 2, lines 14–20, 43–48; column 3, lines 58–60; and column 4, lines 1–24. The aforementioned portions of Leroux’s disclosure indicate that software, including the right of access IPR2013-00138 Patent 7,139,736 B2 37 associated therewith, is uploaded into database service center 1 from a software vendor, and that an authentication procedure is required to install software stored in database service center 1 on microcomputer 2. These cited disclosures do not support the fact that the Leroux’s software vendor is a trusted system, as they do not disclose that the software vendor, itself, exhibits any physical, communications, or behavioral integrity, all of which are required in a trusted system. Accordingly, because Leroux does not discloses that a software vendor is a trusted system, we are not persuaded that Dr. Madisetti has expressed an adequate underlying factual basis to conclude that a digital certificate is required necessarily to upload software from a software vendor into database service center 1 in order to show that database service center 1 maintains “behavioral integrity.” At oral hearing, ZTE asserted that, when the aforementioned portions of Leroux are considered as a whole, one of ordinary skill would have understood that “behavioral integrity” is necessarily present in Leroux’s database service center 1. See, e.g., Paper 56, 11:19–22. For the reasons discussed previously, we are not persuaded that just because software is uploaded to Leroux’s database service center 1 with its corresponding right of access, it follows necessarily that service database service center 1 maintains “behavioral integrity.” See Oelrich, 666 F.2d at 581–82 (“Inherency [] may not be established by probabilities or possibilities. The mere fact that a certain thing may result from a given set of circumstances is not sufficient.”). IPR2013-00138 Patent 7,139,736 B2 38 5. Summary In summary, the combination of Leroux’s microcomputer 2 and removable carrier 4 does not amount to the “distributed repository,” as required by independent claims 1, 20, and 40, because ZTE has not persuaded us that the identification and authentication procedures used to interrogate the right of access associated with the software stored on removable carrier 4 necessarily includes a digital certificate that authenticates the source of the software. In addition, Leroux’s database service center 1 does not amount to the “another distributed repository,” as recited in independent claim 1, because ZTE has not persuaded us that a digital certificate is required necessarily to upload software from a software vendor into database service center 1. For the foregoing reasons, we conclude that ZTE has not demonstrated by a preponderance of the evidence that independent claims 1, 20, and 40 are anticipated by Leroux. 6. Claims 2–18, 21–38, and 41–56 As we indicated previously, claims 2–18, 21–38, and 41–56 depend directly or indirectly from independent claims 1, 20, and 40, respectively. Therefore, each of claims 2–18, 21–38, and 41–56 incorporate the same limitations as their underlying base claim. For the same reasons discussed above with respect to independent claims 1, 20, and 40, we conclude that ZTE has not demonstrated by a preponderance of the evidence that dependent claims 2–18, 21–38, and 41–56 are anticipated by Leroux. IPR2013-00138 Patent 7,139,736 B2 39 C. Anticipation by EP ’139—Claims 1–18, 20–38, and 40–56 ZTE contends that claims 1–18, 20–38, and 40–56 are anticipated under § 102(b) by EP ’139. Pet. 32–40. In support of that alleged ground of unpatentability, ZTE provides explanations as to how EP ’139 describes each claim limitation. Id. ZTE also submits the Declaration of Dr. Madisetti (Ex. 1005 ¶¶ 115–120) to support its positions. Upon reviewing ZTE’s Petition and supporting evidence, as well as ContentGuard’s Patent Owner Response and supporting evidence, we determine that ZTE has not demonstrated by a preponderance of the evidence that claims 1–18, 20–38, and 40–56 are anticipated by EP ’139. We begin our analysis with a brief discussion of EP ’139, and then we turn to the arguments presented by both ZTE and ContentGuard that are directed to whether EP ’139 describes a “distributed repository” that maintains “behavioral integrity,” as required by independent claims 1, 20, and 40. 1. EP ’139 EP ’139 discloses a data processing system with a software copy protection mechanism. Ex. 1012, 1:4–6. To provide security, each computer or host that runs a protected software application is associated with a logically and physically secure coprocessor. Ex. 1012, 1:25–29. Figure 1 of EP ’139, reproduced below, describes the important components of the software protection mechanism and how they interact. Ex. 1012, 21:29–31. IPR2013-00138 Patent 7,139,736 B2 40 According to the embodiment shown in Figure 1, EP ’139 discloses a software protection mechanism embodied in a composite computing system. Ex. 1012, 21:58–22:2. This composite computer system includes host 10 and coprocessor 20 connected via communication link 14. Ex. 1012, 22:3– 6. Coprocessor 20 also includes permanent, non-volatile memory 25 and temporary memory 26. Ex. 1012, 22:19–21. In order to execute a protected application, a user must install a right to execute the application, in the form of a software decryption key, in permanent memory 25. Ex. 1012, 22:22– 32. To install this right to execute, the user receives from a software vendor hardware cartridge 30 and distribution disk 16. Ex. 1012, 22:32–36. In one embodiment, distribution disk 16 stores the following three files: (1) the protected software application including an encrypted portion; (2) software decryption key AK, encrypted by a different decryption key CSK provided by the vendor and already stored in coprocessor 20; and (3) token data encrypted by the software decryption key. Ex. 1012, 22:23– 27, 36–48. To install the right to execute, coprocessor 20 decrypts the IPR2013-00138 Patent 7,139,736 B2 41 software decryption key in temporary memory, and then verifies that the hardware cartridge is authentic by querying the token data included in the cartridge to determine if they match those in the token data file. Ex. 1012, 23:1–8. Hardware cartridge 30 will contain the token data only if it has not been used. Ex. 1012, 23:8–11. After verifying that the hardware cartridge is authentic and unused, coprocessor 20 will accept the right to execute and store the software decryption key AK in permanent memory 25. Ex. 1012, 23:11–16. With access to the software decryption key AK, the protected application file can be decrypted and stored in temporary memory 26 so that it may be executed by coprocessor 20. Ex. 1012, 23:16–21. In one embodiment, EP ’139 discloses a source composite processor, including source host 10 and coprocessor 20, that communicates with a sink composite processor, including sink host 110 and sink coprocessor 120. Ex. 1012, 25:49–52. The source and sink processors are interconnected via communication link 200. Ex. 1012, 26:5–6. EP ’139 discloses that source coprocessor 20 and sink coprocessor 120 exchange encrypted information. Ex. 1012, 26:10–20. Only coprocessors that are “member[s] of the family” are capable of decrypting and recognizing the information transmitted thereto. Ex. 1012, 26:7–10, 20–23. EP ’139 also discloses that source coprocessor 20 can encrypt a right to execute a particular software program and send it to sink coprocessor 120. Ex. 1012, 26:32–35. IPR2013-00138 Patent 7,139,736 B2 42 2. “Distributed Repository” (Claims 1, 20, and 40) Independent claims 1, 20, and 40 each require a “distributed repository.” Ex. 1001, 52:65–67; 54:4–6; 55:23–25. As discussed above, a “repository” is construed as “a trusted system which maintains physical, communications and behavioral integrity, and supports usage rights.” “Physical integrity” is construed as “preventing access to information by a non-trusted system.” “Communications integrity” is construed as “only communicates with other devices that are able to present proof that they are trusted systems, for example, by using security measures such as encryption, exchange of digital certificates, and nonces.” “Behavioral integrity” is construed as “requiring software to include a digital certificate in order to be installed in the repository.” In its Petition, ZTE takes the position EP ’139’s source coprocessor 20, which include permanent memory 25 and temporary memory 26, constitutes the claimed “distributed repository.” Pet. 33, 35, 39–40. In our analysis below, we determine whether EP ’139’s source coprocessor 20 constitutes the claimed “distributed repository” that maintains “behavioral integrity.” a. Behavioral Integrity ContentGuard contends that EP ’139’s source coprocessor 20 does not amount to the claimed “repository” because it does not maintain “behavioral integrity.” PO Resp. 29–33. That contention has three layers of complexity. 1. The first relates to ContentGuard’s contention that “behavioral integrity” of a repository is directed to, and concerns only, the operating IPR2013-00138 Patent 7,139,736 B2 43 software of the repository, i.e., the software that enables the repository to control the usage rights and distribution of digital works, and not the software digital works managed by the repository, itself. PO Resp. 29. In our claim construction analysis, we already found that contention of ContentGuard unpersuasive. 2. The second relates to ContentGuard’s contention that “behavioral integrity” of a repository does not require the presence and use of a digital certificate to authenticate the software digital work being installed in a repository. PO Resp. 30–32. Instead, ContentGuard argues that “behavioral integrity” of a repository merely requires checking that the software loaded onto the repository is authentic or unaltered prior to rendering the software. Id. at 32. In our claim construction analysis, we also found that contention of ContentGuard unpersuasive. 3. The third relates to ContentGuard’s contention that software decryption key AK disclosed in EP ’139, which is associated with the software digital work being sent to source coprocessor 20, is not a digital certificate. PO Resp. 32–33. According to ZTE, EP ’139’s software decryption key AK constitutes the digital certificate. Pet. Reply 9 (citing Ex. 1012, 26:7–48; Ex. 1025 ¶ 46). Taking into account the evidence presented by both parties, we determine that ZTE has not demonstrated by a preponderance of the evidence that, in the disclosed system of EP ’139, the IPR2013-00138 Patent 7,139,736 B2 44 decryption key AK accompanying a software digital work constitutes a digital certificate that authenticates the source of the software. Dr. Madisetti testified that, in his opinion, the source coprocessor 20 encrypting a right-to-execute and transmitting that encrypted right-to- execute to sink coprocessor 120 indicates that the software in EP ’139 must include a digital certificate to be installed in a repository. Ex. 1025 ¶ 46 (citing Ex. 1012, 26:32–35). Dr. Madisetti explained that the right-to- execute is required in order for the protected software to be decrypted, stored, and executed. Id. (citing Ex. 1012, 23:16–21). On that basis, Dr. Madisetti concludes that “in EP ’139, the [decryption key] AK serves as a digital certificate under the Board’s construction as the AK is required in order to install the software in the repository.” Id. The reasoning of Dr. Madisetti is tenuous, at best, because the issue is not whether, in some respect, a decryption key under certain operating conditions may “serve as” or substitute for a digital certificate that authenticates the source of the software, but whether a decryption key, itself, “is” a digital certificate. Dr. Madisetti’s testimony falls short of stating that EP ’139’s decryption key AK would be referred to, or identified by, one with ordinary skill in the art as a digital certificate. In our discussion of the construction of “behavioral integrity,” we were unpersuaded by ContentGuard’s contention that a digital certificate is not required, and that anything which accomplishes a similar objective in substantially the same way is satisfactory. IPR2013-00138 Patent 7,139,736 B2 45 ZTE does not account adequately for the fact that, even if decryption of software with EP ’139’s decryption key AK is regarded as authentication of the source of the software, the decryption key AK, itself, does not authenticate anything. Rather, it has to be applied in a decryption process— it is that process which determines an ascertainable result for further evaluation. Thus, EP ’139’s decryption key AK is unlike a digital certificate which, by itself, authenticates the source of the software. Moreover, ZTE does not explain adequately why decryption indicates authenticity of the software source. ZTE’s contention assumes that no one tampered with the software while preserving the proper encryption, or that no one created a false or unauthorized version having the proper encryption. Those assumptions are speculative in the context of providing security. ZTE further contends that EP ’139 consistently describes the software as a “protected application.” Pet. Reply 9 (citing Ex. 1012, 22:39). For instance, ZTE argues that EP ’139 discloses that the encrypted application software cannot be modified by a user. Id. (citing Ex. 1012, 3:49–54). Such disclosure is evidence that the software disclosed in EP must be decrypted before it can be modified or executed—it does not indicate that the decryption process, by itself, authenticates the source of the software. Once again, insofar as “assurance” means a specifically expressed indication, we credit the testimony of ContentGuard’s expert, Dr. Goodrich, that “a person of ordinary skill in the art [in 1994] would [have understood] a digital certificate to be an assurance that downloaded software comes from a reputable source, including a measure of tamper resistance.” Ex. 2013 IPR2013-00138 Patent 7,139,736 B2 46 ¶ 39 (citing the definition of “digital certificate” from the MICROSOFT COMPUTER DICTIONARY (4th ed. 1999)). An unexpressed and subjective thought, on the other hand, does not qualify. As discussed above, EP’139’s decryption key AK does not meet the requirements of that definition of “digital certificate.” b. Summary In summary, EP ’139’s source coprocessor 20 does not amount to a “repository” that maintains “behavioral integrity,” as required by independent claims 1, 20, and 40, because ZTE has not persuaded us that the decryption key AK disclosed in EP ’139 constitutes a digital certificate. For the foregoing reasons, we conclude that ZTE has not demonstrated by a preponderance of the evidence that independent claims 1, 20, and 40 are anticipated by EP ’139. 3. Claims 2–18, 21–38, and 41–56 As we indicated previously, claims 2–18, 21–38, and 41–56 depend directly or indirectly from independent claims 1, 20, and 40, respectively. Therefore, each of claims 2–18, 21–38, and 41–56 incorporate the same limitations as their underlying base claim. For the same reasons discussed above with respect to independent claims 1, 20, and 40, we conclude that ZTE has not demonstrated by a preponderance of the evidence that dependent claims 2–18, 21–38, and 41–56 are anticipated by EP ’139. IPR2013-00138 Patent 7,139,736 B2 47 III. CONCLUSION ZTE has not demonstrated by a preponderance of the evidence that claims 1–18, 20–38, and 40–56 of the ’736 patent are unpatentable based on the grounds of unpatentability set forth in the table below. Claims Basis Reference 1–18, 20–38, and 40–56 § 102(e) Leroux 1–18, 20–38, and 40–56 § 102(b) EP ’139 IV. ORDER In consideration of the foregoing, it is: ORDERED that ZTE has not demonstrated by a preponderance of evidence that claims 1–18, 20–38, and 40–56 of the ’736 patent are unpatentable; and FURTHER ORDERED that, because this is a final written decision, parties to the proceeding seeking judicial review of the decision must comply with the notice and service requirements of 37 C.F.R. § 90.2. IPR2013-00138 Patent 7,139,736 B2 48 For PETITIONER: Jon Beaupre Miyoung Shin Rickard DeMille David Bluestone Peter Lee Lawrence Chen BRINKS HOFER GILSON & LIONE jbeaupre@brinkshofer.com mshin@brinkshofer.com rdemille@brinkshofer.com dbluestone@brinkshofer.com plee@brinkshofer.com lchen@brinkshofer.com For PATENT OWNER: Robert Sterne Jon Wright Jason Eisenberg STERNE, KESSLER, GOLDSTEIN & FOX PLLC rsterne-PTAB@skgf.com jwright-PTAB@skgf.com jasone-PTAB@skgf.com

ZTE Corporation v. ContentGuard Holdings, Inc.