IPR2015-01061

Paper No. __ Filed: April 18, 2015

Filed on behalf of: Unified Patents Inc. By: Linda Thayer Jonathan Stroud

Finnegan, Henderson, Farabow, Garrett & Dunner, L.L.P. 901 New York Avenue, NW Washington, DC 200014413 Telephone: 617-646-1680

Facsimile: 202-408-4400 Email: [email protected]

UNITED STATES PATENT AND TRADEMARK OFFICE ____________

BEFORE THE PATENT TRIAL AND APPEAL BOARD

____________

UNIFIED PATENTS INC., Petitioner

v.

iMTX STRATEGIC, LLC Patent Owner

____________

IPR2015-01061 Patent 7,269,854

Transaction System for Transporting Media Files from Content Provider Sources to Home Entertainment Devices

____________

PETITION FOR INTER PARTES REVIEW OF U.S. PATENT 7,269,854

IPR2015-01061, Petition Patent 7,269,854

i

TABLE OF CONTENTS I. INTRODUCTION........................................................................................................................................1II. GROUNDS FOR STANDING...................................................................................................................2III. MANDATORY NOTICES.....................................................................................................................2

A. REAL PARTYININTEREST....................................................................................................................................2B. RELATED MATTERS...................................................................................................................................................2C. LEAD AND BACK-UP COUNSEL; CONSENT TO ELECTRONIC SERVICE......................................................3

IV. FEE PAYMENT.......................................................................................................................................4V. STATEMENT OF PRECISE RELIEF REQUESTED.......................................................................4

A. CLAIMS FOR WHICH REVIEW IS REQUESTED....................................................................................................4B. STATUTORY GROUNDS OF CHALLENGE.............................................................................................................4C. THE LEVEL OF ORDINARY SKILL IN THE ART AT THE TIME OF THE CLAIMED INVENTION.............4D. STATE OF THE ART AT THE TIME OF THE CLAIMED INVENTION...............................................................5

VI. SUMMARY OF THE 854 PATENT...................................................................................................6A. SPECIFICATION AND CLAIMS OF THE 854 PATENT.........................................................................................6B. THE 854 PATENT PROSECUTION..........................................................................................................................8C. CLAIM CONSTRUCTION..........................................................................................................................................10

1. Means-Plus-Function Terms ................................................................................................ 10VII. CLAIMS 123 OF THE 854 PATENT ARE UNPATENTABLE.............................................11

A. GROUND 1: CLAIMS 123 ARE OBVIOUS UNDER 35 U.S.C. 103(A) OVER LIBMAN (EX1009) IN VIEW OF SPIES (EX1006)..................................................................................................................................................11

1. Libman (EX1009) .......................................................................................................... 122. Spies (EX1006) .............................................................................................................. 143. Rationale to Combine Libman and Spies ................................................................................ 15

B. GROUND 2: CLAIMS 123 ARE OBVIOUS UNDER 35 U.S.C. 103(A) OVER KENNER (EX1007) IN VIEW OF SPIES (EX1006)..................................................................................................................................................42

1. Kenner (EX1007). .......................................................................................................... 432. Spies (EX1006) .............................................................................................................. 443. Rationale to Combine Kenner and Spies ................................................................................. 44

VIII. CONCLUSION......................................................................................................................................60

LIST OF EXHIBITS

Exhibit Description EX1001 U.S. Patent No. 7,269,854 (filed Feb. 20, 2001) (the 854 patent) EX1002 Declaration of Dr. Charles Eldering, Ph.D.


ii

EX1003 File History of The 854 Patent EX1004 EX1002 Assignment of 7,269,854 to iMTX Strategic, LLC (retrieved Apr.

13, 2015), available at httpassignment.uspto.gov#assignmentid=24794-305&q=7269854

EX1005 U.S. Patent No. 5,926,624 (filed Sept. 12, 1996) to Katz et al (Katz) EX1006 U.S. Patent No. 6,055,314 (filed Mar. 22, 1996) to Spies et al (Spies) EX1007 U.S. Patent No. 5,956,716 (filed June 7, 1996) to Kenner et al (Kenner) EX1008 U.S. Patent Publication No. 2003/0040962 (filed Apr. 19, 2002) to Lewis

(Lewis) EX1009 Roger E. Libman et al, The Interactive Video Network: An Overview of the Video

Manager and V Protocol, AT&T Technical J., Sept/Oct. 1995 EX1010 U.S. Patent No. 5,475,585 (filed Feb. 2, 1994) to Bush (Bush) EX1011 U.S. Patent No. 5,740,246 (filed Apr. 14, 1998) to Saito (Saito) EX1012 Daniel Minoli, Video Dialtone Technology (McGraw-Hill 1995) EX1013 U.S. Patent No. 5,677,905 (filed Mar. 28, 1995) to Bigham (Bigham) EX1014 U.S. Patent No. 5,509,074 (filed Apr. 16, 1996) to Choudhury et al

(Choudhury) EX1015 Yee-Hsiang Chang, David Coggins, Daniel Pitt, David Skellern, Manu

Thapar, and Chandra Venkatraman, An Open-Systems Approach to Video on Demand, IEEE Communications Magazine, May 1994, at 68

EX1016 Nosa Omoigui, Marvin A. Sirbu, Charles Eldering, and Nageen Himayat, Comparing Integrated Broadband Architectures from an Economic and Public Policy Perspective. (1996), in The Internet and Telecommunications Policy (G. Brock & G. Rosston Eds. 1996)

EX1017 Robert Mason, Nageen Himayat, Charles Eldering, Nosa Omigui, & Marvin Sirbu, Overview of Hybrid Fiber-Coax and Fiber-in-the-Loop Architectures, Proceedings of the 1995 National Fiber Optic Engineers Conference, at 284291 (Boston, MA June 1822, 1995)

EX1018 Unified Patents LLC Voluntary Interrogatories EX1019 Charles Eldering, Ph.D. Curriculum Vitae EX1020 Alfred Menezes et al, Handbook of Applied Cryptography Ch. 23 (1996) EX1021 Bruce Schneier, Applied Cryptography, Ch. 7 (2d ed. 1996)


1

I. INTRODUCTION

Petitioner Unified Patents Inc. (Unified) requests Inter Partes Review (IPR)

of claims 123 of U.S. Patent No. 7,269,854 (the 854 patent) assigned to iMTX

Strategic, LLC. EX1004.

The 854 patent, which has an effective filing date of August 23, 1998, purports

to describe new methods and systems for enabling users to request and download

selected media files from content providers via the Internet. Id. at Abstract; 6:48.

Patent Owner, through its litigations against various content providers, appears to

believe it invented on-demand content delivery over a network. But systems like

Video Dial Tone, Video On Demand, interactive TV, MP3 purchases, and other

content purchaseandrental systems over broadband and Internet networks existed

well before August 23, 1998. EX1002 at 910. Likewise, there is nothing new

about a content delivery system where [o]nly the requesting home user site is able to

decrypt the downloaded file. EX1001, 2:4749. The 854 patent concedes that

existing encryption algorithms are used and that algorithms such as PGP and the

Unix crypt command were readily known and available. Id. at 8:2332. It is a

fundamental principle of encryption that only the recipient of an encrypted file is able

to decrypt it. EX1002, at 1213. In short, the claims of the 854 patent combine

old technologies in obvious ways to get expected results. Unified respectfully requests

that the Board institute IPR, review this patent, and cancel the claims.


2

II. GROUNDS FOR STANDING

Petitioner certifies that the 854 patent is available for IPR and that the

Petitioner is not barred or estopped from requesting IPR challenging the 854 patent

on the grounds identified. See 37 C.F.R. 42.104(a). Specifically: (1) Petitioner is not

the owner of the 854 patent; (2) Petitioner is not barred or estopped from requesting

IPR; and (3) this Petition is being filed less than a year after Petitioner was served with

a complaint alleging infringement of the 854 patent.

III. MANDATORY NOTICES

A. Real PartyinInterest

Pursuant to 37 C.F.R. 42.8(b)(1), Petitioner certifies that Unified is the real

party-in-interest, and further certifies that no other party exercised control or could

exercise control over Unifieds participation in this proceeding, the filing of this

petition, or the conduct of any ensuing trial. See EX1018.

B. Related Matters

iMTX Strategic LLC has asserted the 854 patent in eighteen patent litigations.

Caption Number Dist. Filed iMTX Strategic LLC v. Spotify USA Inc. 4-15-cv-00593 CAND Feb. 10, 2015

iMTX Strategic LLC v. Vimeo LLC 4-15-cv-00592 CAND Feb. 6, 2015

iMTX Strategic LLC v. Vudu Inc. 4-15-cv-00599 CAND Feb. 6, 2015

iMTX Strategic LLC v. Hulu LLC 4-15-cv-00596 CAND Feb. 6, 2015


3

iMTX Strategic LLC v. Netflix Inc. 4-15-cv-00597 CAND Feb. 6, 2015

iMTX Strategic LLC v. Home Box Office Inc. 4-15-cv-00595 CAND Feb. 6, 2015

iMTX Strategic LLC v. Rhapsody Intl Inc. 4-15-cv-00594 CAND Feb. 6, 2015

iMTX Strategic LLC v. Verizon Commns Inc. 4-15-cv-00598 CAND Feb. 6, 2015

iMTX Strategic LLC v. Rhapsody Intl Inc. 1-15-cv-00036 DED Jan. 13, 2015

iMTX Strategic, LLC v. Apple Inc. 1-14-cv-00546 DED Apr. 25, 2014

iMTX Strategic, LLC v. Hulu, LLC 1-14-cv-00548 DED Apr. 25, 2014

iMTX Strategic, LLC v. Home Box Office, Inc. 1-14-cv-00547 DED Apr. 25, 2014

iMTX Strategic, LLC v. Netflix, Inc. 1-14-cv-00549 DED Apr. 25, 2014

iMTX Strategic, LLC v. VUDU, Inc. 1-14-cv-00551 DED Apr. 25, 2014

iMTX Strategic, LLC v. Verizon Commns Inc. 1-14-cv-00550 DED Apr. 25, 2014

iMTX Strategic, LLC v. Spotify USA, Inc. 1-14-cv-00325 DED Mar. 11, 2014

iMTX Strategic LLC v. Rhapsody Intl Inc. 1-14-cv-00269 DED Feb. 27, 2014

iMTX Strategic, LLC v. Vimeo, LLC 1-13-cv-01940 DED Nov. 19, 2013

C. Lead and Back-up Counsel; Consent to Electronic Service

The signature block of this petition designates lead counsel, backup counsel,

and service information for each petitioner. Unified designates Linda Thayer (Reg.

No. 45,681) as lead counsel. Unified designates Jonathan Stroud (Reg. No. 72,518) as

back-up counsel. They can be reached at Finnegan, Henderson, Farabow, Garrett &


4

Dunner, LLP, 901 New York Ave. NW, Washington, DC 20001. Petitioner consents

to electronic service of all documents at [email protected].

IV. FEE PAYMENT

The required fees are submitted under 37 C.F.R. 42.103(a) and 42.15(a). If

any additional fees are due during this proceeding, the Office may charge such fees to

Deposit Account No. 060916.

V. STATEMENT OF PRECISE RELIEF REQUESTED

A. Claims for Which Review Is Requested

Petitioner requests IPR and cancellation of claims 123 of the 854 patent

under 35 U.S.C. 311.

B. Statutory Grounds of Challenge

Petitioner requests that the Board institute trial on the following grounds:

Ground Proposed Statutory Rejections for the 854 Patent Exhibit No.

1 Claims 123 are obvious under 35 U.S.C. 103(a) over Libman (EX1009) in view of Spies (EX1006).

EX1009 &

EX1006

2 Claims 123 are obvious under 35 U.S.C. 103(a) by Kenner (EX1007) in view of Spies (EX1006).

EX1007 &

EX1006

C. The Level of Ordinary Skill in the Art at the Time of the Claimed Invention

The 854 patent has an effective filing date of August 23, 1998, based on

Provisional Application No. 60/097,678. A person having ordinary skill in the art


5

(POSA) of content delivery at that time (i.e., in the art for the 854 patent) would

have (i) a B.S. degree in Electrical Engineering or equivalent training, and (ii)

approximately two years of direct experience in networked content delivery

technologies. See EX1002 at 32.

D. State of the Art at the Time of the Claimed Invention

As Dr. Charles Eldering explains, prior to August 23, 1998, the field of content

delivery had exploded well before the filing of the 845 patent. For years prior to

1998, there had been tremendous interest in architectures and methods for delivering

both video and audio content using the Internet and other networks, methods of

securely transmitting it, methods of commercializing it, and methods of using the

Internet and networks to deliver that content. See EX1002 at 9. Dr. Eldering

designed and analyzed these networks, publishing several articles on their various

architectures. Id. at 56, 9. As he explains, telephone companies, as common

carriers, could not own content, so there was tremendous financial interest in offering

a transactionmoderated architecture for delivering that content from content

providers through the telephone and Internet networks. Id. at 9.

Dr. Eldering explains how broadband network content delivery systems

allowed parties to purchase, request, and download a video file to a set-top box, a

home entertainment system, a public kiosk, hotel televisions, or elsewhere. At the

same time, the same and similar transaction architectures were being developed for


6

Internetserviced purchase of all types of digital content, e.g., EX1005 (Katz), for

computer files, e.g., EX1006 (Spies), and for video, e.g. EX1009 (Libman). See, e.g.,

EX1008 (Lewis) (discussing other Intent-based systems like Video On Demand, Pay

per view, interactive TV).

Those systems were generally secured and the files were generally encrypted for

transmission to prevent unauthorized use. EX1002 at 11-13. Unique dynamic

keys and encryption were widely known at the time of invention, such as for instance,

Derived Unique Key Per Transaction (DUKPT) schemes, PGP, Unix Crypt, and

other wellknown encryption schemes. EX1002 at 11-13.

Thus, both the network architecture and encryption schemes of the 854 patent

were well known prior to August 18, 1998.

VI. SUMMARY OF THE 854 PATENT

A. Specification and Claims of the 854 Patent

The 854 patent purports to disclose a [transaction system for transporting

media files from content provider sources to home entertainment devices]. EX1001

at Title. The disclosed systems purportedly enabl[e] users to request and download

selected media files from distributed content provider sites. Id. at Abstract. A user

may connect to the transaction server via the Internet to access a program guide

listing available media files, select a desired file and request the transaction server

to authorize download of the selected file. Id. The transaction server sends the


7

request along with file encryption and transfer instructions to the content provider,

which dynamically encrypt[s] the requested file and downloads the encrypted file to

the requesting users player/receiver. Id. The requesting player/receiver is uniquely

capable of decrypting a downloaded file concurrent with playing back the file on a

conventional home television set and/or audio system. Id.

While some of the claims may recite that the content is delivered via the

Internet, the specification specifically claims that the purported delivery could be

over any type of network. Id. at 2:29-34 ( [a] system in accordance with the

invention can operate with various, public and private communications networks but

its primary application is intended to be with the public Internet for delivering media

files to a home user for playback via conventional television sets and audio systems.);

Id. at 4:36-41 (the network 11 comprises the public Internet and connections to the

Internet are formed via suitable broadband network connectivity devices 12, e.g.,

cable modems, digital subscriber line (DSL) modems, or very small aperture satellite

(VSAT) Internet access systems.).

The 854 patent thus effectively describes a conventional content delivery

system where the user requests digital media, an intermediate server verifies the user

identity and, if identity is verified, the intermediate server authorizes a content

provider to download the digital media to the player/receiver over a network. The

configurations contemplated by the 854 patent are not materially different from those


8

publicly available prior to the priority date of the 854 patent, such as The AT&T

Video Manager system, Video Dialtone systems, satellite broadcast delivery systems,

video on demand systems, and pay-per view-systems. EX1002 at 910; See

EX1005 (Katz) at Figs. 110 (network architecture and cryptography); EX1006 (Spies)

(network architecture and cryptography); EX1007 (Kenner) (same); EX1008 (Lewis)

(network architecture and cryptography; discussing video on demand, interactive TV,

and pay-per-view systems); EX1009 (Libman); EX1010 (Bush) (network architecture

and cryptography); EX1012 (Minoli) (same); EX1013 (Bigham) (same, Video Dialtone).

Security mechanisms, including conditional access (conditionally granting a user

access to a media file), encryption, and key management and distribution, were all well

understood concepts and considered normal security attributes for these systems.

EX1012 (Minoli) at 43537; EX1002 at 1113, 21; see generally EX1011 (Saito)

(cryptography); EX1014 (Choudhury) (same); EX1020 (Menezes) (same); EX1021

(Schneier) (same).

B. The 854 Patent Prosecution

The 854 patent was before the Office for over six yearsthe application was

filed in 2001 and only issued in May 2007. EX1001. The examiner rejected the claims

123 at least five times over various prior art references not presented here. See

EX1003., passim. The applicant did not substantively amend the claims during these


9

responses1, instead only arguing for patentability over the various prior art presented.

Id..

Amid the myriad arguments made over the course of the long prosecution,

applicant made a number of representations regarding what it considered the claimed

invention. For instance, applicant stated applicants user site never receives a media

file from the transaction server. It is urged that this very important distinction is

clearly set forth in applicants independent claims 1 and 14. Id. at 152 (Applicants

Reply to Office Action, dated July 3, 2006). Applicant further represented claims 1

and 14 are limited to enabling a transaction server to instruct a media server to

download an identified media file to a requesting user directly. Id.

On October 2006, there was a telephonic interview. Id. at 19698. Shortly

thereafter, the examiner withdrew the rejection and allowed all of the claims. Id. at

22023. In the reasons for allowance, the examiner stated:

[T]he prior art fails to teach the receiving a request for a file at a

transaction server and authorizing a provider to send the requested file

directly to the client. The prior art generally teaches all traffic between

the client and provider being transmitted through the transaction server.

The prior art fails to teach or suggest a method of sending the files from

the provider directly to the client nor is there a suggestion to modify the

prior art to do so.

1 See EX1003 at 10913 (claim listing with Patent Owner Response, filed Dec. 2, 2005).


10

Id. at 221. In other words, if the examiner had been confronted with prior art that

taught the media files returning through the transaction server, rather than a

method of sending the files from the provider directly to the client, he would not

have allowed the claims. Id.

C. Claim Construction

In an IPR, an unexpired patents claims receive the broadest reasonable

construction in light of the specification of the patent in which it appears. 37 C.F.R.

42.100(b). Unless otherwise noted, Petitioner proposes that the claim terms of the

854 patent be given their ordinary and customary meanings in the art.

1. Means-Plus-Function Terms

Claims 9 and 10 include limitations in means-plus-function format and should

thus be construed pursuant to 35 U.S.C. 112, 6. When construing a meansplus

function limitation, the claimed function must be identified, and then the

corresponding structure that actually performs the claimed function must be identified

in the specification. See Med. Instrumentation & Diagnostics Corp. v. Elektra AB, 344 F.3d

1205, 1210 (Fed. Cir. 2003). A means-plus-function claim term is limited to the

structures disclosed in the specification and equivalents. Id.

a) means for displaying a program guide listing media files stored by the digital storage device therein.

Claims 9 and 10 claim a means for displaying a program guide listing media

files stored by the digital storage device therein. EX1001 at claims 9, 10. The


11

function is displaying a program guide listing media files stored by the digital storage

device therein. Id. The specification refers to only a handful of specific devices that

arguably may be used for displaying the program guide: a conventional home

television set, id. at 3:4750 (the player/receiver which in turn displays the list as an

interactive program guide or menu, preferably on a home television set); a

conventional television set/video display 42, id. at 5:1516; or display means 236

(e.g., a vacuum fluorescent display), id. at 10:1920.

VII. CLAIMS 123 OF THE 854 PATENT ARE UNPATENTABLE

A. Ground 1: Claims 123 are Obvious under 35 U.S.C. 103(a) over Libman (EX1009) in view of Spies (EX1006).

The 854 patent was filed February 20, 2001, as a continuation of application

No. PCT/US99/19108, filed on August 19, 1999, which claims the benefit of U.S.

Provisional application No. 60/097,678, filed in August 23, 1998. The Libman article,

The Interactive Video Network: An Overview of the Video Manager and V Protocol, was

published in the Sept/Oct. 1995 of the AT&T Technical Journal (EX1009). As the

Libman article was published more than a year prior to August 19, 1999, and before

the filing of the provisional application, it is prior art under 102(a), (b). U.S. Patent

No. 6,055,314 to Spies, was filed March 22, 1996, and issued April 25, 2000 (EX1006).

Spies is therefore prior art under 102(e). Libman and Spies constitute prior art under

35 U.S.C. 102 (pre-AIA).


12

1. Libman (EX1009)

Libman discloses a user-to-network architecture that provides an

infrastructure for delivering interactive multimedia services, one of which may be

video. Id. at 92. According to Libman, the system can carry hundreds of digital

programs, allowing for point-to-point interactive services such as movies on

demand. Id. at 95. Developed for AT&T, the network includes authentication,

encryption, and secure download of multimedia services. See, e.g., id. at 9597.

Libman Figure 2 discloses triangular network architecture whereby a client, using a

V Protoctol, contacts a Video Manager through a transportation network; the Video

Manager contacts a server hosting content;

then the Video Manager authorizes the

server to transport multimedia files directly

to the client. Id. Fig. 2.

As shown in Figure 1, it discloses an

architecture whereby multiple users can use the system to contact multiple content

providers using network intermediaries:


13

:

As disclosed in Libman, this network can provide the entire range of

interactive services. Two key elements of this architecture are the AT&T Video

Manager and the user-to-network protocolthe V Protocolused by the Video

Manager to communicate at the session layer with video information provider's

(VIP's) servers and end users. Id. at 92.

Libman teaches encryption to control access and privacy, because the the

transmission medium in this access architecture is shared. Id. at 95. The Video

Manager will set up the pathway and also allocates other network resources,

including access encryption keys, which control access and privacy on the HFC

network. Id. at 98.

Libman discloses that its systemsthe Video Manager, the V Protocol, and the

network architectures, all promise to enhance the quality of communication in the

years to come. Id. at 92. They provide the entire range of interactive services

using an independent transacting manager, the Video Manager, to organize secure

downloads directly between media servers and multiple users. See, e.g., Figs. 1, 2.


14

Libman discloses: The Video Manager, the V Protocol, and the network architectures

described in this paper provide a powerful offering to support interactive

services. The development of this key network element and session

layer protocol has helped to move this emerging industry closer to

realization.

Id. at 104. Libman discloses encryption to control access and privacy, because the

the transmission medium in this access architecture is shared. Id. at 95. The Video

Manager will set up the pathway and also allocates other network resources,

including access encryption keys, which control access and privacy on the HFC

network. Id. at 98. Libman, however, does not go into the details of the encryption.

2. Spies (EX1006)

Spies discloses [a] system and method for secure purchase and delivery of

video content programs. EX1006. As shown in Fig. 9, it uses interactive networks,

settop boxes, conventional television sets, video program storages, and video

encryption/key managers to provide secure purchase and delivery of video content.

Id. at Fig. 9.

Spies teaches and discloses the use of a variety of encryption techniques which

allow for the video merchant to encrypt a media file. Spies also teaches and discloses

that the video server performs the encryption based on an authorization sent from the

transaction server. Id. at 5:2553 and Fig. 1 (secure key store 40).


15

Spies likewise discloses an encrypted network or internet architecture, where the

purchaser/user/subscriber contacts a merchant computing unit 44, who mediates the

unique Purchase Transaction encryption shown in figure 2. Id. at 5:558:53; id. at

8:2528 (The decryption capabilities are unique to the IC card and the purchased

program so that the capabilities cannot be transferred to other people or other video

programs.). It then submits a secure key back to the purchaser. The purchaser, who

has now been given the keys to decryption, then contacts the video content provider

to initiate the delivery transaction shown in Figure 3. Id. at 8:609:50.

Spies discloses that the order (request) is encrypted with a random symmetric

bulk data encryption key. Id. at 7:4143. The key must necessarily be known by both

the sender (player/receiver) and secure key store (transaction server) in order to allow

decryption of the order. Id. at 7:4649. Spies also teaches that In many cases, the

encryption key and the decryption key are the same. Id. at 7:4647.

Spies teaches encryption and transmission of the media file packetbypacket.

Id. at 9:6166 and 10:3034. This packetbypacket assembly allows for the dynamic

encryption of the media file while concurrently downloading of the file to the

requesting player/receiver. Id.

3. Rationale to Combine Libman and Spies

Libman teaches a network architecture for delivery of interactive multimedia

services, including video. EX1009 (Libman) at 1. In the A&T Networks described in


16

Libman, the Video Manager served as a trusted point of control to make sure

subscribers received their video selection and were billed correctly. Id. at 96. To

control access, the Video Manager required users to use a personal identification

number (PIN) before receiving service. Id. at 98.

A POSA would have been motivated, with a reasonable expectation of success,

to add various encryption techniques, such as those described in Spies to ensure that

the right subscriber, and only subscribers, received the requested content. EX1002 at

4956. The Video Manager in Libman created security by point-to-point sessions

between servers and a particular set top box. Id. at 96. But one of skill in the art

would have motivated to apply the teachings of Spies to Libman to further increase

security in the following ways, as described in Spies:

The system and method for the secure purchase and delivery of video

content programs described herein has several advantages. First, it

protects against unauthorized interception of a video data stream in

route between a video content provider and a viewer and against

unauthorized copying of output data once at the viewer's premises.

Second, by equipping the IC card with the critical cryptographic

functions, the architecture is versatile to support many different

distribution media, including interactive cable networks and digital video

disks. Third, the IC cards are easily replaceable, and the keys quickly

revocable, which permits easy replacement of the security protocol.

Fourth, the system is designed with no global secrets built into any

hardware. This eliminates the risk of a pirate cracking a specific


17

hardware component (e.g., the STB) and compromising the entire

system. Fifth, the system is convenient for consumers to use.

See EX1006 (Spies) at 16:5517:4 ((emphases added).

Spies discloses that the video server performs the encryption based on an

authorization sent from the transaction server. EX1006 (Spies), 5:2553; Fig. 1

(secure key store 40). Spies teaches that the order (request) is encrypted with a

random symmetric bulk data encryption key. EX1006 (Spies) at 7:4143. The key

must be known by both the sender (player/receiver) and secure key store (transaction

server) to allow decryption of the order. Id. at 7:4649. Furthermore, Spies teaches

[i]n many cases, the encryption key and the decryption key are the same. Id., 7:46

47. A POSA at the time of the filing of the priority application would have known

how to incorporate the teachings of Spies into the system of Libman. EX1002 at

4956.

At the time of filing, and based on Spies, the use of symmetric (or random

symmetric) keys for encryption and decryption was well known. A POSA would have

known to apply the teaching of Spies symmetric keys for the transmission of the order

and for subsequent encryption of the video clips in Libman. EX1002 at 4952.

Spies also discloses encryption and transmission of the media file packet-by-

packet. EX1006 (Spies) at 9:6166 & 10:3034. As Dr. Eldering explains, packet-by-

packet assembly allows for the dynamic encryption of the media file while


18

concurrently downloading of the file to the requesting player/receiver. EX1002 at

63. One of skill in the art at the time of the filing would have been motivated to

dynamically encrypt the media file while concurrently downloading it to avoid

requirements for extra/excess memory for storage of the encrypted file prior to

storage. As explained by Dr. Eldering as consistent with circuits built at the time,

encrypted media files are not usable at the head end, so they are often necessarily

transmitted to the requesting player/receiver once each packet of the file is encrypted.

EX1002 at 68. A POSA would have known to apply the teachings of Spies to the

system of Libman to obtain the claimed feature of decryption upon playback while

concurrently playing back the file on the television set and/or audio equipment at the

same user site. EX1002 at 52, 55.

The claim charts below lay out in detail where each element of the claims 123

is disclosed by Libman or Spies.

854 Patent Independent Claim 1 Disclosure of Libman (EX1007) at Spies (EX1006) [1.0] A system for executing user transaction requests for delivering digital media files via the Internet for driving a user site television set and/or audio equipment, said system comprising:

Libman: A system (id., at 92: a user-to-network architecture) for executing user transaction requests (user requests, Id., 94, 95) for delivering digital media files (provides infrastructure for delivering interactive multimedia services, one of which may be video. Id. at 92) via the Internet (Video Network, id. at Title, ATM network, interactive video network, broadband, id.) for driving a user site television set and/or audio equipment (residential equipment such as set-top terminals (STTs) or personal computers, id. at 93), said system comprising:


19

Spies: A system for executing user transaction requests (id., Abstract (A system and method for secure purchase and delivery of video content programs over various distribution media) for delivering digital media files via the Internet (id. at 14:2430 (Current and proposed technology further permits image transmission from a server over conventional data networks, such as the Internet, to computers or network terminals which display the images.); for driving a user site television set and/or audio equipment id. at 3336 (A user interface unit might be implemented in visual display units including broadcast televisions, cable-ready televisions, television/set-top box units, computers, and the like.), said system comprising:

[1.1] a plurality of user sites,

Libman: a plurality of user sites, (showing a plurality of set-top terminals at user sites, id., Fig. 1; residential equipment such as set-top terminals (STTs) or personal computers, id. at 93); Spies: a plurality of user sites, id. at 13:5760 (Interactive entertainment network system 200 has a cable operator 202 interconnected to multiple subscribers 204 via an interactive network 206.).

[1.2] each user site including a player/receiver,

Libman: each user site including a player/receiver (the users interface to the system, which is typically is a personal computer, workstation, or a television set top box, id. at 93); Spies: each user site including a player/receiver (id. at 14:1819 (The subscriber 204 is equipped with a user interface unit in the form of a set-top box (STB) 230 and a television 232.);

[1.3] a television set and/or audio equipment, and

Libman: a television set and/or audio equipment (id. at 93, users multimedia residential equipment such as set-top terminals (STs) or personal computers, and Spies: a television set and/or audio equipment (id. at 14:19 (a television 232.); and


20

[1.4] a connectivity device for connecting said player/receiver to the Internet;

Libman: a connectivity device for connecting said player/receiver to the Internet (optical network unit, id. at Fig. 1; the Level 1 gateway function enables users to choose and connect to a desired VIP in real time, id. at 93); Spies: a connectivity device for connecting said player/receiver to the Internet (id. at 14:4042 (The subscriber STB 230 is interconnected with the headend 208 via an interactive network structure represented by the network cloud 206.); id. at 14:2730 (Current and proposed technology further permits image transmission from a server over conventional data networks, such as the Internet.).

[1.5] a plurality of provider sites, each provider site including a media server comprising a media file storage device and

Libman: a plurality of provider sites (media servers, Libman at Fig. 1; In the LEC environment, the FCC has mandated that the network maintain an open interface to allow multiple nonregulated VIPs to attach to the network, Libman at 93), each provider site including a media server comprising a media file storage device (Though the architectures of media servers vary, all such servers maintain a library of program material (such as movies) stored on disk and/or magnetic tape, id. at 93) and Spies: a plurality of provider sites (Id. at 4:655:5 (Examples of a video content provider 22 include a cable operator, a television station, and a movie studio.) each provider site including a media server comprising a media file storage device (the video program storage 214); and

[1.6] a media file encryptor, Libman: a media file encryptor (id. at 98 The Video Manager . . . . allocates other network resources, including access encryption keys, which control access and privacy on the HFC network.) id. at 95 (disclosing encryption to control access and privacy, because the the transmission medium in this access architecture is shared.);


21

Spies: a media file encryptor, (id. at 3:4244 (A video encryption device at the video content provider supplies a video data stream in encrypted format on a distribution medium, such as a distribution network or a digital video disk.).

[1.7] and a connectivity device for connecting said provider site media server to the Internet;

Libman: and a connectivity device for connecting said provider site media server to the Internet (Media servers are connected to access nodes through the broadband switched ATM network, Libman at 93; see Fig. 1 (Broadband switch); Spies: and a connectivity device for connecting said provider site media server to the Internet (id. at 5:2532 (The video content provider 22 has a provider computing unit 34 . . . . The provider computing unit 34 might be configured as a continuous media server that transmits video programs over a distribution network (e.g., ITV networks, computer networks, online networks).); id. at 14:2730 (Current and proposed technology further permits image transmission from a server over conventional data networks, such as the Internet.)).

[1.8] a transaction server and a connectivity device for connecting said transaction server to the Internet;

Libman: a transaction server (Video Manager, Libman at 97, which provides essential services to network providers, with tools for service provisioning, network access and billing data collection, and status monitoring,) and a connectivity device for connecting said transaction server to the Internet (said network access, id.); Spies: a transaction server (id. at 6:5258 (Once a program is selected, the purchaser computing unit generates an order for the video content program and sends the credential 54 along with the order over the network to the video merchant.) and a connectivity device for connecting said transaction server to the Internet (The merchant computing unit 44 verifies the credential and downloads the cryptographic program key 56 over the distribution network to the purchaser IC


22

card 50.)). [1.9] each said player/ receiver including a user interface for sending a media file request via the Internet to said transaction server requesting delivery of an identified media file;

Libman: each said player/ receiver (the users interface to the system, which is typically is a personal computer, workstation, or a television set top box, Libman at 93) including a user interface for sending a media file request via the Internet to said transaction server requesting delivery of an identified media file (After the end user makes a selection, the STT sends the selection identifier to the Video Manager. When the Video Manager receives the selection identifier, it contacts the selected VIP and requests a session for the end user using the appropriate session layer protocol.) Libman, at 98); Spies: each said player/ receiver (e.g., user STB 230) including a user interface for sending a media file request via the Internet to said transaction server requesting delivery of an identified media file (id. at 15:3136 (The subscriber might select one or more programs of interest for more information (step 306). Upon selection, the STB 230 sends a request for information on the selected programs. . . ); id. at 3:1320 (The purchaser browses the selections via a user interface program, such as the video-on-demand mode in interactive television systems, and orders a video content program.); id. at 6:6165 ([T]he purchaser orders a video content program from his/her computing unit. The computing unit generates an order describing the video content program and might additionally include instructions and authorization for payment.).

[1.10] said transaction server being responsive to a received media file request for sending an authorization to the provider site storing the requested media file authorizing delivery of the

Libman: said transaction server (Video Manager, id., 97) being responsive to a received media file request (Control messages are exchanged between the STT and the Video Manager along this connection, enabling the Video Manager to determine the desired service for the particular session. The Video Manager informs the selected VIP of the request made by the STT and sets up a network connection between the STT


23

requested media file from said provider site to the requesting player/receiver directly via the Internet;

and the VIP. Libman, 97.); for sending an authorization to the provider site storing the requested media file authorizing delivery of the requested media file from said provider site to the requesting player/receiver directly via the Internet (The Video Manager has an authentication feature that detects whether the hardware address of the residential customer premises equipment matches its network point of presence. The Video Manager will block service if these values do not match. Libman, 97. Id. at Fig. 2);

Spies: said transaction server (video merchant 22) being responsive to a received media file request (id. at 8:2628 (After the IC card 50 has been verified, the video merchant 22 grants the purchaser 26 decryption capabilities to the ordered video content program.) for sending an authorization to the provider site storing the requested media file authorizing delivery of the requested media file from said provider site to the requesting player/receiver, (id. at 5:2532 (The video content provider 22 has a provider computing unit 34 to control video and key distribution. The provider computing unit 34 might be configured as a continuous media server that transmits video programs over a distribution network (e.g., ITV networks, computer networks, online networks).); directly via the Internet (id. at 14:2730 (Current and proposed technology further permits image transmission from a server over conventional data networks, such as the Internet, to computers or network terminals which display the images.).

[1.11] said authorized Libman: said authorized provider site being


24

provider site being responsive to said transaction server authorization for uniquely encrypting the identified media file and

responsive to said transaction server authorization for uniquely encrypting the identified media file (The Video Manager . . . . allocates other network resources, including access encryption keys, which control access and privacy on the HFC network. Id. at 98. Libman discloses encryption to control access and privacy, to keep the files encrypted between just the parties, because the the transmission medium in this access architecture is shared. Id. at 95) and Spies: said authorized provider site (video provider computing unit 34, content providers) being responsive to said transaction server authorization for uniquely encrypting the identified media file (id. at 9:4044 [T]he video provider computing unit 34 has a video encryption device 66 which supplies a video data stream 70 of the purchaser video content program in encrypted format to the viewer computing unit 60.); id. at 3:4447 (The video encryption device encrypts the video data stream using the cryptographic program key that is unique to the ordered video content program and included in the decryption capabilities.).

[1.12] for downloading the encrypted media file directly via the Internet to said requesting player/receiver;

Libman: for downloading the encrypted media file directly via the Internet to said requesting player/receiver (direct signaling between the client and server occurs via the user-to-user signaling protocol, without involving the Video Manager. Video and data are transferred over a unidirectional or bidirectional pipe from the server to the client. Libman, at 99); Spies: for downloading the encrypted media file directly via the Internet to said requesting player/receiver (id. at 9:4044 (. . . the video provider computing unit 34 has a video encryption device 66 which supplies a video data stream 70 of the purchaser video content program in encrypted format to the viewer computing unit 60.); id. at 14:2730 (Current and proposed technology further permits image transmission from a server over conventional data networks, such as the Internet, to


25

computers or network terminals which display the images.).

[1.13] each said player/ receiver including a media file decryptor; and wherein

Libman: each said player/ receiver including a media file decryptor (Each STT is responsible for tuning to the appropriate 6-MHz channel and decoding a specific program, Libman, 95; For broadcast services, receiving provisioning information from VIPs that determines which program streams an STT is authorized to decode. Id.); and wherein Spies: each said player/ receiver including a media file decryptor (id. at 16:4849 (The expanded key is output to the STB 230 which uses it to decrypt the video data packets (step 336).), and wherein

[1.14] only said requesting player/receiver decryptor is capable of decrypting said encrypted media file downloaded thereto for playback on the television set and/or audio equipment at the same user site.

Libman: only said requesting player/receiver decryptor (see 1.13, supra) is capable of decrypting said encrypted media file downloaded thereto for playback on the television set and/or audio equipment at the same user site (Each STT is responsible for tuning to the appropriate 6-MHz channel and decoding a specific program. Libman, 95.); Spies: only said requesting player/receiver decryptor (see 1.13, supra) is capable of decrypting said encrypted media file downloaded thereto for playback on the television set and/or audio equipment at the same user site (id. at 7:2224 (First, only the holder of the private key can decrypt a message that is encrypted with the corresponding public key.); id. at 3:6465 (In this manner, the video content program is delivered securely to the appropriate customer.)).

Claim 2 Disclosure of Libman (EX1007) at Spies (EX1006) [2.0] The system of claim 1 wherein said provider site encrypts said media file using a unique

Libman: The system of claim 1 (see Claim 1, supra) wherein said provider site encrypts said media file using a unique encryption key (encryption to control access and privacy, because the the transmission medium in this access architecture is shared, Id. at 95, to control access and privacy


26

encryption key and on the HFC network. Id. at 98.) and Spies: The system of claim 1 (see Claim 1, supra) wherein said provider site encrypts said media file using a unique encryption key (id. at 8:2732 (The decryption capabilities are unique to the IC card and the purchased program so that the capabilities cannot be transferred to other people or other video programs.), id. at 9:4752 (The video encryption device 66 encrypts each packet according to a function of the cryptographic program key for the entire program and a cryptographic packet key that is uniquely generated for each packet itself.) (emphasis added).

[2.1] wherein said requesting player/receiver decrypts said media file using a matching encryption key.

Spies: wherein said requesting player/receiver decrypts said media file using a matching encryption key (id. at 9:1421 (The viewer inserts the IC card 50 into the I/O device on the viewer computing unit 60. When the IC card 50 is coupled to the viewer computing unit 60, the microcontroller 52 on the IC card is interactively interfaced with the viewer computing unit 60 to cooperatively decrypt the video data stream received from the video content provider.)); (id. at 11:4763 (The IC card is configured with various cryptographic functionality to facilitate the purchase transaction and to at least partly decrypt the video data stream by producing the expanded key used in the decryption process. The cryptographic functionality is preferably implemented as one or more cryptographic service providers (CSPs) which perform encryption key management, encryption/decryption services, hashing routines, digital signing, and authentication tasks. In the illustrated implementation, an RSA CSP 55 118 is shown to represent the process involving use of asymmetric encryption algorithms, such as RSA algorithms.); (id. at 12:811 (The CSP provides a key manager function that stores, generates, or destroys encryption keys of any type, including symmetric cryptographic keys and asymmetric cryptographic keys.)).

Claim 3 Disclosure of Libman (EX1007) at Spies (EX1006) [3.0] The system of claim

Spies: The system of claim 1 (see Claim 1, supra) wherein each media file request sent by said player/receiver includes an


27

1 wherein each media file request sent by said player/receiver includes an encryption key; and

encryption key (random symmetric bulk data encryption key, Spies at 7:4144; id. at 8:2628 (After the IC card 50 has been verified, the video merchant 22 grants the purchaser 26 decryption capabilities to the ordered video content program.).); and

[3.1] wherein said authorization sent by said transaction server includes said encryption key; and

Spies: wherein said authorization sent by said transaction server (secure key store 40, Spies at Fig. 1, and 5:2553) includes said encryption key (secure key store 40 of Spies is necessarily knowledgeable of the random symmetric bulk data encryption key and can construct the subsequently transmitted decryption capabilities using the random symmetric bulk data encryption key, Spies at 7:4148); Spies discloses that the order (request) is encrypted with a random symmetric bulk data encryption key. Spies at 7:4648. Spies discloses that In many cases, the encryption key and the decryption key are the same. Spies at 7:4647); id. at 16:1930 (At step 318 in FIG. 11, the key manager 222 . . . provides a program key for the ordered video content program. This program key can be created at the point of order, or previously generated and stored in program keys database 212.); and

[3.2] wherein said authorized provider site encrypts said media file using said encryption key.

Spies: wherein said authorized provider site (video merchant of Spies) encrypts said media file using said encryption key (encryption key and decryption key are the same); id. at 16:3040 (The headend server 210 then retrieves the ordered program from the video program storage 214 and configures the digital data stream into individual packets. The video encryption device 220 executing on the headend server 210 generates packet keys for each associated video data packet (step 328 in FIG. 12). The video encryption device 220 then encrypts the video data packets according to a function of the associated packet key and the program key (step 330).).

Claim 4 Disclosure of Libman (EX1007) at Spies (EX1006) [4.0] The system of claim 1 wherein each media file request sent by said

Spies: The system of claim 1 (see claim 1, supra) wherein each media file request sent by said player/receiver includes a unique dynamically generated encryption key (random symmetric bulk data encryption key, Spies at 7:4144) (id at


28

player/receiver includes a unique dynamically generated encryption key; and

3:1924 (To enhance security, the IC card has a pair of public and private exchange keys and a pair of public and private signing keys. When the purchaser selects a video, the IC card digitally signs the order using the private signing key and passes a credential with the public exchange and signing keys to the video merchant computing unit.); id. at 9:4752 (The video encryption device 66 encrypts each packet according to a function of the cryptographic program key for the entire program and a cryptographic packet key that is uniquely generated for each packet itself.) (emphasis added); id. at 16:1930 (. . . the key manager 222 executing on headend server 210 provides a program key for the ordered video content program. This program key can be created at the point of order . . . The headend server 210 encrypts the program key with the public exchange key of the IC card 50 (step 320).) (emphasis added).

[4.1] wherein said authorization sent by said transaction server includes said encryption key; and

Spies: wherein said authorization sent by said transaction server (secure key store 40, Spies at Fig. 1 and 5:2553) includes said encryption key (secure key store 40 of Spies constructs the subsequently transmitted decryption capabilities using the random symmetric bulk data encryption key, id. at 7:4148); and

[4.2] wherein said authorized provider site uses said encryption key to dynamically encrypt said media file concurrently with downloading said file to said requesting player/receiver.

Spies: wherein said authorized provider site (video merchant of Spies) uses said encryption key to dynamically encrypt said media file (provider computing unit 34 retrieves the video data stream from the video program storage 30 and configures it in individual packets of digital video data. id. at 9:4346) concurrently with downloading said file to said requesting player/receiver (The packets Pi1, Pi, and Pi+1 are provided on the distribution medium to the viewer computing unit 60. Spies at 10:3032); id. at 3:4448 (The video encryption device encrypts the video data stream using the cryptographic program key that is unique to the ordered video content program and included in the decryption capabilities.).

Claim 5 Disclosure of Libman (EX1007) at Spies (EX1006) 5. The system of claim 4 wherein said

Spies: The system of claim 4 (see claim 4, supra) wherein said requesting player/receiver uses said encryption key (random symmetric bulk data encryption key, Spies at 7:4144; encryption


29

requesting player/receiver uses said encryption key to dynamically decrypt said encrypted media file downloaded thereto concurrently with playing back said file on said television set and/or audio equipment.

and decryption keys can be the same, id. at 7:4647) to dynamically decrypt said encrypted media file downloaded thereto concurrently with playing back said file on said television set and/or audio equipment (packets containing video are decrypted and decrypted video is passed onto the display for viewing, id. at 10:4956); id. at 3:4850 (The IC card uses the stored program key to at least partly decrypt the video data stream provided from the distribution medium.); id. at 3:5164 ([T]he video encryption device configures the video data stream in individual packets of digital video data and encrypts each packet according to a function of a cryptographic packet key associated with each packet and the cryptographic program key. The packet key is sent to the viewer computing unit along with the encrypted video data packets. The purchaser IC card partly decrypts each packet according to the same function of the cryptographic program key and the associated cryptographic packet key without exposing the program key. The viewer computing unit completes the decryption process where the IC card leaves off.); id. at 10:5556 (The decrypted video data is then passed to the display 62 for viewing.).

Claim 6 Disclosure of Libman (EX1007) at Spies (EX1006) 6. The system of claim 1 wherein said requesting player/receiver plays back said media file on said television set and/or audio equipment concurrently with said decryptor decrypting said media file.

Spies: The system of claim 1 (see Claim 1, supra) wherein said requesting player/receiver plays back said media file on said television set and/or audio equipment concurrently with said decryptor decrypting said media file (packets containing video are decrypted and decrypted video is passed onto the display for viewing, Spies at 10:4956) (Spies discloses how sharing processor workload for decryption at the player/receiver by sharing the decryption responsibility between a smart card and the viewer computing unit. Id at 11:119; id. at 11:1019 (the IC card 50 is able to timely perform a partial decryption by expanding the packet key to the expanded key. The viewer computing unit can then use the expanded key to finish the decryption process, without ever having access to the decryption capabilities stored on the IC card.).

Claim 7 Disclosure of Libman (EX1007) at Spies (EX1006) [7.0] The system Libman/Spies: The system of claim 1 (see Claim 1, supra)


30

of claim 1 wherein each player/ receiver includes:

wherein each player/ receiver includes:

[7.1] a digital storage device for storing downloaded encrypted media files; and

Libman: a digital storage device for storing downloaded encrypted media files, Libman at 93 (and residential equipment such as set-top terminals (STTs) or personal computers.); and Spies: a digital storage device for storing downloaded encrypted media files Id. at 3:519 (describing a STB, a desktop or portable computer, a DVD player, or some other computing mechanism that is capable of handling video content programs, and various computing units with storage memories for storing the video programs); and

[7.2] a user interface for accessing a stored encrypted media file and for controlling playback of said accessed file.

Libman: a user interface (Local interfaces include a command line interface, as well as a graphical user interface (GUI), Libman at 98), for accessing a stored encrypted media file and for controlling playback of said accessed file (an STT may receive the menu information from the Video Manager, which in turn can deliver one of several different service directories . . . This directory information . . . may, as an application design issue, combine it with graphics, animation, or audio effects. Libman, at 98); Spies: a user interface (id. at 15:960 (The VOD application presents a user interface); for accessing a stored encrypted media file and for controlling playback of said accessed file (id. at 15:960 (The VOD application presents a user interface which permits the subscriber to browse a wide selection of programs (movies, video games, TV shows, educational features, etc.) and rent the program they want to see immediately from their own TV sets.).

Claim 8 Disclosure of Libman (EX1007) at Spies (EX1006) 8. The system of claim 7 wherein each user interface controls playback of an accessed

Libman: The system of claim 7 (see claim 7, supra) wherein each user interface (id. at 98 (Local interfaces include a command line interface, as well as a graphical user interface (GUI) or menu information); controls playback of an accessed media file (id. at 95 (Each STT is responsible for


31

media file by causing its associated media file decryptor to decrypt the accessed file concurrently with playing back the file on the television set and/or audio equipment at the same user site.

tuning to the appropriate 6-MHz channel and decoding a specific program,)) by causing its associated media file decryptor to decrypt the accessed file concurrently (Id. (For broadcast services, receiving provisioning information from VIPs that determines which program streams an STT is authorized to decode. Id.) with playing back the file on the television set and/or audio equipment at the same user site; Spies: The system of claim 7 (see claim 7, supra) wherein each user interface (id. at 15:960 (The VOD application presents a user interface); controls playback of an accessed media file (id. at 15:960 (a user interface which permits the subscriber to browse a wide selection of programs (movies, video games, TV shows, educational features, etc.) and rent the program they want to see immediately from their own TV sets.) by causing its associated media file decryptor to decrypt the accessed file concurrently (id. at 11:1019 (the IC card 50 is able to timely perform a partial decryption by expanding the packet key to the expanded key. The viewer computing unit can then use the expanded key to finish the decryption process, without ever having access to the decryption capabilities stored on the IC card.); with playing back the file on the television set and/or audio equipment at the same user site (id. at 15:22-23 to see immediately from their own TV sets.);

Claim 9 Disclosure of Libman (EX1007) at Spies (EX1006) 9. The system of claim 7 wherein each said player/ receiver includes means for displaying a program guide listing media files stored by the digital storage device therein.

Libman: The system of claim 7 (see claim 7, supra) wherein each said player/ receiver (the users interface to the system, which is typically is a personal computer, workstation, or a television set top box, Libman at 93) includes means for displaying a program guide listing media files stored by the digital storage device therein (an STT may receive the menu information from the Video Manager, which in turn can deliver one of several different service directories . . . This directory information . . . may, as an application design issue, combine it with graphics, animation, or audio effects. Libman, at 98); Spies: The system of claim 7 (see claim 7, supra) wherein each


32

said player/ receiver (id. at 6:4245 (. . . set-top box (STB) connected to or integrated with a television, a desktop or portable computer, or some other computing mechanism that is capable of handling video content programs transmitted over the network.) includes means for displaying a program guide listing media files stored by the digital storage device therein id. at 3:1318 (The purchaser browses the selections via a user interface program, such as the video-on-demand mode in interactive television systems.); id. at 13:6814:7 (VOD allows the subscribers to interactively peruse and select video content programs from the virtual video store.) id. at 15:1743;

Claim 10 Disclosure of Libman (EX1007) at Spies (EX1006) [10.0] The system of claim 1 wherein said transaction-server generates a program guide listing media files stored on said provider site media file storage devices;

Libman: The system of claim 1 (see claim 1, 8, 9, supra) wherein said transaction-server generates a program guide listing media files stored on said provider site media file storage devices (an STT may receive the menu information from the Video Manager, which in turn can deliver one of several different service directories . . . This directory information . . . may . . . combine it with graphics, animation, or audio effects. Id. at 98);

[10.1] and means at each of said user sites for displaying said program guide.

Libman: and means at each of said user sites (Libman at 98) for displaying said program guide (Id. (This directory information . . . may, as an application design issue, combine it with graphics, animation, or audio effects.); Spies: and means at each of said user sites for displaying said program guide (id. at 3:1318 (The purchaser browses the selections via a user interface program, such as the video-on-demand mode in interactive television systems, and orders a video content program.)); Id. at 15:1743 (The VOD application presents a user interface which permits the subscriber to browse a wide selection of programs (movies, video games, TV shows, educational features, etc.).).

Claim 11 Disclosure of Libman (EX1007) at Spies (EX1006) 11. The system of claim 10 wherein said transaction

Libman: The system of claim 10 (see claim 7, supra) wherein said transaction server customizes the program guide displayed at each user site (id. at 98 (an STT may receive the


33

server customizes the program guide displayed at each user site based on profile data collected from the respective player/ receiver at each user site.

menu information from the Video Manager, which in turn can deliver one of several different service directories . . . This directory information . . . may . . . combine it with graphics, animation, or audio effects.)) based on profile data collected from the respective player/receiver at each user site (id. at 97 (The Video Manager also maintains a profile database, including preselected services information and any viewing restrictions set by parents.)). Spies: The system of claim 10 (see claim 7, supra) wherein said transaction server customizes the program guide displayed at each user site (id. at 13:2530 (The video purchasing application allows the purchaser to browse from his/her own home those video content programs that are available from the video merchant and to order one.)); based on profile data collected from the respective player/receiver at each user site id. at 14:1314 ([] subscriber account database 218.).

Claim 12 Disclosure of Libman (EX1007) at Spies (EX1006) [12.0] The system of claim 1 wherein each media file request includes user identification data;

Libman: The system of claim 1 (see Claim 1, supra) wherein each media file request includes user identification data (id. at 98 (This model requires the end user to self-identify by entering a personal identification number (PIN), hardware address, profile database); id. at 97 (The Video Manager also maintains a profile database, including preselected services information and any viewing restrictions set by parents.) id. at 97 ( The Video Manager has an authentication feature that detects whether the hardware address of the residential customer premises equipment matches its network point of presence.)); Spies: The system of claim 1 (see Claim 1, supra) wherein each media file request includes user identification data (Id. at Claim 16, 25, 33, 45 (PIN)); id. at 6:2425 (The IC card sends its credential 54 to the merchant computing unit 44 for authentication.); id. at 3:1929 (To enhance security, the IC card has a pair of public and private exchange keys and a pair of public and private signing keys.)).

[12.1] and wherein said

Libman: and wherein said transaction server (Video Manager) responds to receipt of said user identification data (id. at 97


34

transaction server responds to receipt of said user identification data for verifying account status for the identified user.

(hardware address or PIN) for verifying account status for the identified user Lipman at 97 (The Video Manager will block service if these values do not match.). Spies: and wherein said transaction server (video merchant computing unit) responds to receipt of said user identification data (id. at Claims 16, 25, 33, 45 (PIN); id. at 3:2124 (When the purchaser selects a video, the IC card digitally signs the order using the private signing key and passes a credential with the public exchange and signing keys to the video merchant computing unit.); for verifying account status for the identified user (id. at 3:2427 (The video merchant computing unit authenticates the digital signature using the purchaser's public signing key. The video merchant computing unit then encrypts the decryption capabilities with the purchaser's public exchange key and digitally signs them.)).

Claim 13 Disclosure of Libman (EX1007) at Spies (EX1006) 13. The system of claim 1 wherein said transaction server selectively responds to a media file request by initiating an electronic banking transaction to debit a user account and/or credit a provider account.

Libman: The system of claim 1 (see claim 7, supra) wherein said transaction server (Video Manager,) selectively responds to a media file request by initiating an electronic banking transaction to debit a user account and/or credit a provider account (id. at 97 (The Video Manager provides essential services to network providers, with tools for . . . and billing data collection); (id. at 98 (Billing records contain information pertinent to network usage billing.); id. (The data can be formatted on a remote billing system and retrieved on demand or at a scheduled time, or it can be processed locally.)); Spies: The system of claim 1 (see claim 7, supra) wherein said transaction server (Merchant Computer 44,) selectively responds to a media file request by initiating an electronic banking transaction to debit a user account and/or credit a provider account (id. at 16:318 ([T]he STB or IC card might encrypt the symmetric keys used to encrypt the order and payment instructions with the public exchange keys of the intended recipient so that the cable operator can open only the order, and the financial institution can open only the payment instruction. Once the financial institution decrypts and verifies the payment


35

instruction, it debits the subscribers account and returns a signed authorization receipt to the cable operator.).

Claim 14 Disclosure of Libman (EX1007) at Spies (EX1006)

[14.0] A method for executing user transaction requests for delivering digital media files via the Internet for driving a user site television set and/or audio equipment comprising the steps of:

Libman: A method for executing user transaction requests (see Claim 1, supra; Libman at 92 (using user-to-network architecture; id. at 94, 95 user requests) for delivering digital media files (id. at 92 (provides an infrastructure for delivering interactive multimedia services, one of which may be video.) via the Internet (id. at Title, 95, 100 (Video Network, ATM network, interactive video network, broadband) for driving a user site television set and/or audio equipment (Id. at 93 (residential equipment such as set-top terminals (STTs) or personal computers,) comprising the steps of: Spies: A method for executing user transaction requests (see Claim 1, supra; Spies, Abstract ([M]ethod for secure purchase and delivery of video content programs over various distribution media); via the Internet (id. at 14:4042 (The subscriber STB 230 is interconnected with the headend 208 via an interactive network structure represented by the network cloud 206.); id. at 14:2730 (Current and proposed technology further permits image transmission from a server over conventional data networks, such as the Internet.) for driving a user site television set and/or audio equipment (id. at 13:5760 (Interactive entertainment network system 200 has a cable operator 202 interconnected to multiple subscribers 204 via an interactive network 206.).

[14.1] enabling each of a plurality of users to generate a transaction request including user identification information and media file identification information;

Libman: enabling each of a plurality of users (id. at Fig. 1 (a plurality of set-top terminals at user sites; id. at 93 residential equipment such as set-top terminals (STTs) or personal computers,) to generate a transaction request (id. at 98 (After the end user makes a selection, the STT sends the selection identifier to the Video Manager.) including user identification information and media file identification information (id. at 98 (This model requires the end user to self-identify by entering a personal identification number (PIN) before receiving service. With this service model, the Video


36

Manager can support multiple end users.)). Spies: enabling each of a plurality of users (id. at 13:5760 (Interactive entertainment network system 200 has a cable operator 202 interconnected to multiple subscribers 204 via an interactive network 206.)); to generate a transaction request including user identification information and media file identification information ((id. at 6:2425 (credential 54); id at 13:3842 (The decryption unit 170 stores an identification number of the viewer computing unit which can be sent to the video provider (i.e., a cable operator) for verification that the computing unit is authorized.)).

[14.2] communicating each transaction request via the Internet to a transaction server;

Libman: communicating each transaction request via the Internet to a transaction server (id. at 98 (After the end user makes a selection, the STT sends the selection identifier to the Video Manager.); Spies: communicating each transaction request via the Internet to a transaction server (id. at 6:5258 (Once a program is selected, the purchaser computing unit generates an order for the video content program and sends the credential 54 along with the order over the network to the video merchant.)).

[14.3] causing said transaction server to verify said user identification information and

Libman: causing said transaction server to verify said user identification information (see claim 12, supra; Libman PIN, hardware address, profile database; Id. at 97 (The Video Manager has an authentication feature that detects whether the hardware address of the residential customer premises equipment matches its network point of presence. . . . The Video Manager also maintains a profile database, including preselected services information and any viewing restrictions set by parents.). Spies: causing said transaction server to verify said user identification information (see, e.g., id. at Claim 16, 25, 33, 45 (PIN); id. at 3:1929 (To enhance security, the IC card has a pair of public and private exchange keys and a pair of public and private signing keys.)).

[14.4] identify which Libman: identify which of a plurality of media servers


37

of a plurality of media servers stores the identified media file;

stores the identified media file (id. at 97 (Control messages are exchanged between the STT and the Video Manager along this connection, enabling the Video Manager to determine the desired service for the particular session. The Video Manager informs the selected VIP of the request made by the STT and sets up a network connection between the STT and the VIP.).) Spies: identify which of a plurality of media servers stores the identified media file (id. at 14:711 (headend 208 has a server 210 (or more likely, several servers) . . . . The headend 208 also has a program keys database 212, a video program storage 214.); id. at 15:1724 (The VOD application presents a user interface which permits the subscriber to browse a wide selection of programs (movies, video games, TV shows, educational features, etc.) and rent the program they want to see immediately from their own TV sets.); id. at 16:3033 (The headend server 210 then retrieves the ordered program from the video program storage 214 and configures the digital data stream into individual packets.).)

[14.5] enabling said transaction server to instruct the identified media server via the Internet to download the identified media file to the requesting user directly via the Internet;

Libman: enabling said transaction server (Video Manager) to instruct the identified media server (server) via the Internet to download the identified media file to the requesting user directly via the Internet (direct signaling between the client and server occurs via the user-to-user signaling protocol, without involving the Video Manager. Video and data are transferred over a unidirectional or bidirectional pipe from the server to the client. Libman at 99; see Fig. 2, Fig. 1. Spies: enabling said transaction server (video merchant) to instruct the identified media server (e.g., video provider computing unit 34) via the Internet to download the identified media file to the requesting user directly via the Internet (id. at 14:2730 (Current and proposed technology further permits image transmission from a server over conventional data networks, such as the Internet, to computers or network terminals which display the images.); id. at 9:4044 (. . . the video provider computing unit 34 has a video


38

encryption device 66 which supplies a video data stream 70 of the purchaser video content program in encrypted format to the viewer computing unit 60.).

[14.6] causing said identified media server to uniquely encrypt the identified media file and download it directly via the Internet to the requesting user; and

Libman: causing said identified media server (server) to uniquely encrypt the identified media file (id. at 95 (to control access and privacy, to keep the files encrypted between just the parties, because the the transmission medium in this access architecture is shared.)) and download it directly via the Internet to the requesting user (id. at 99 (direct signaling between the client and server occurs via the user-to-user signaling protocol, without involving the Video Manager. Video and data are transferred over a unidirectional or bidirectional pipe from the server to the client.)); and Spies: causing said identified media server (video provider computing unit 32) to uniquely encrypt the identified media file (id. at 9:4044 ( . . .the video provider computing unit 34 has a video encryption device 66 which supplies a video data stream 70 of the purchaser video content program in encrypted format to the viewer computing unit 60.); id. at 3:4447 (The video encryption device encrypts the video data stream using the cryptographic program key that is unique to the ordered video content program and included in the decryption capabilities.); and download it directly via the Internet (id. at 14:2730 (Current and proposed technology further permits image transmission from a server over conventional data networks, such as the Internet, to computers or network terminals which display the images.) to the requesting user (Id. at 9:4044 ( . . .the video provider computing unit 34 has a video encryption device 66 which supplies a video data stream 70 of the purchaser video content program in encrypted format to the viewer computing unit 60.);

[14.7] enabling only the requesting user to decrypt said encrypted media file for playback on a television set

Libman: enabling only the requesting user to decrypt said encrypted media file (see Claim Limitation 1.13, 14.414.5, supra,) for playback on a television set and/or audio equipment at the requesting user's site (Libman at 95 (Each STT is responsible for tuning to the appropriate 6-MHz channel and decoding a specific program.); (id. (For


39

and/or audio equipment at the requesting user's site.

broadcast services, receiving provisioning information from VIPs that determines which program streams an STT is authorized to decode. Id.)); Spies: enabling only the requesting user to decrypt said encrypted media file (see Claim Limitation 1.13, 14.414.5, supra,) for playback on a television set and/or audio equipment at the requesting user's site (id. at 9:4044 ([T]he video provider computing unit 34 has a video encryption device 66 which supplies a video data stream 70 of the purchaser video content program in encrypted format to the viewer computing unit 60.); id. at 5:2532 (The provider computing unit 34 might be configured as a continuous media server that transmits video programs over a distribution network (e.g., ITV networks, computer networks, online networks.)).

Claim 15 Disclosure of Libman (EX1007) at Spies (EX1006) [15.0] The method of claim 14 wherein said step of generating a transaction request includes generating an encryption key; and

Spies: The method of claim 14 (see supra Cl. Limitation [3.1], Cl. 14) wherein said step of generating a transaction request includes generating an encryption key (id at 7:4144 (random symmetric bulk data encryption key)); (id. at 16:3040 (The headend server 210 then retrieves the ordered program from the video program storage 214 and configures the digital data stream into individual packets. The video encryption device 220 executing on the headend server 210 generates packet keys for each associated video data packet (step 328 in FIG. 12). The video encryption device 220 then encrypts the video data packets according to a function of the associated packet key and the program key (step 330).); and

[15.1] including the further step of: causing said transaction server to send said encryption key to said identified media server.

Spies: including the further step of: causing said transaction server (secure key store 40, Spies at Fig. 1, 5:2553) to send said encryption key to said identified media server (secure key store 40 of Spies is knowledgeable of the random symmetric bulk data encryption key and transmits it to the media server, Spies at 7:4148). Spies discloses that the order (request) is encrypted with a random symmetric bulk data encryption key. Spies at 7:4648. Spies


40

discloses that In many cases, the encryption key and the decryption key are the same. Spies at 7:4647); id. at 16:1930 (At step 318 in FIG. 11, the key manager 222 . . . provides a program key for the ordered video content program. This program key can be created at the point of order, or previously generated and stored in program keys database 212.).

Claim 16 Disclosure of Libman (EX1007) at Spies (EX1006) 16. The method of claim 15 wherein said step of encrypting said identified media file includes using said encryption key to uniquely encrypt said identified media file.

Spies: The method of claim 15 (see supra Claims 2 and 15) wherein said step of encrypting said identified media file includes using said encryption key (random symmetric bulk data encryption key, Spies at 7:4144) to uniquely encrypt said identified media file (provider computing unit 34 retrieves the video data stream from the video program storage 30 and configures it in individual packets of digital video data. Spies at 9:4346); Spies discloses that In many cases, the encryption key and the decryption key are the same. Spies at 7:4647; id. at 8:2732 (The decryption capabilities are unique to the IC card and the purchased program so that the capabilities cannot be transferred to other people or other video programs.); id. at 9:4752 (The video encryption device 66 encrypts each packet according to a function of the cryptographic program key for the entire program and a cryptographic packet key that is uniquely generated for each packet itself.) (emphases added)).

Claim 17 Disclosure of Libman (EX1007) at Spies (EX1006) 17. The method of claim 15 wherein said step of generating an encryption key includes the step of generating a unique key for each different transaction request.

Spies: The method of claim 15 (See supra Cl. 2, 15.) wherein said step of generating an encryption key includes the step of generating a unique key for each different transaction request (random symmetric bulk data encryption key, Spies at 7:4144; Spies at 8:2732 (The decryption capabilities are unique to the IC card and the purchased program so that the capabilities cannot be transferred to other people or other video programs.); id. at 9:4752 (The video encryption device 66 encrypts each packet according to a function of the cryptographic program key for the entire program and a cryptographic packet key that is uniquely generated for each


41

packet itself.) (emphasis added). Claim 18 Disclosure of Libman (EX1007) at Spies (EX1006) 18. The method of claim 16 wherein said step of decrypting includes using said encryption key to decrypt said identified media file.

Spies: The method of claim 16 (see supra claim 16) wherein said step of decrypting includes using said encryption key (random symmetric bulk data encryption key, Spies at 7:4144, encryption and decryption keys can be the same, Spies at 7:4647) to decrypt said identified media file (packets containing video are decrypted and decrypted video is passed onto the display for viewing, Spies at 10:4956); id. at 8:2628 (After the IC ca

IPR2015-01061

Documents

petition patent

patent trial

patent prosecution

united states patent

llc patent owner

unified patents

claimed invention

partes review of