Searching over 5,500,000 cases.


searching
Buy This Entire Record For $7.95

Download the entire decision to receive the complete text, official citation,
docket number, dissents and concurrences, and footnotes for this case.

Learn more about what you receive with purchase of this case.

Intellectual Ventures I, LLC v. Lenovo Group. Ltd.

United States District Court, D. Massachusetts

September 9, 2019

Intellectual Ventures I, LLC, Intellectual Ventures II, LLC, Plaintiffs,
v.
Lenovo Group Ltd., Lenovo United States Inc., LenovoEMC Products USA, LLC, and EMC Corp., Defendants. Intellectual Ventures I, LLC, Intellectual Ventures II, LLC, Plaintiffs,
v.
NetApp, Inc., Defendant. IV's Proposed Construction Defendants' Proposed Construction IV's Proposed Construction Defendants' Proposed Construction IV's Proposed Construction Defendants' Proposed Construction IV's Proposed Construction Defendants' Proposed Construction

          MEMORANDUM AND ORDER ON CLAIM CONSTRUCTION

          Patti B. Saris Chief United States District Judge

         INTRODUCTION

         Intellectual Ventures I, LLC and Intellectual Ventures II, LLC (collectively, “IV”) accuse Defendants EMC Corporation, Lenovo Group Ltd., Lenovo (United States) Inc., LenovoEMC Products, USA, LLC, and NetApp, Inc. (collectively “Defendants”) of infringing U.S. Patent No. 6, 968, 459 (the “'459 patent”) entitled “Computing environment having secure storage device.” IV asserts claims 15, 18, 24, and 25. Independent claims 15 and 18 state:

         15. A method for accessing a storage device comprising:

detecting a storage device within the storage drive;
sensing whether a storage device has device-specific security information stored thereon;
providing full-access to the storage device when the storage device has the device-specific security information by:
encrypting digital data using the security information during a write access to write the digital data to the storage device; and
decrypting digital data using the security information during a read access to read the digital data from the storage device; and
providing restricted-access to the storage device when the storage device does not store the device-specific security information by preventing the digital data from being written to the storage device during the write access.
18. A method for controlling access to a storage device comprising:
detecting a storage device within a storage drive;
sensing whether the storage device has security information generated from a combination of device-specific information associated with the storage device and user-specific information associated with a user; configuring the storage drive to prevent write access to the storage device when the security information is not sensed; and
configuring the storage drive to permit write access by encrypting digital data using the security information and writing the encrypted digital data to the storage device when the security information is sensed.

'459 patent, claims 15 and 18. The parties dispute the claim construction of five terms: (1) “detecting a storage device within a storage drive, ” including disputes around “storage device” and “storage drive, ” (2) “sensing whether a storage device has [device-specific] security information, ” (3) “device-specific security information, ” (4) “security information generated from a combination of device-specific information associated with the storage device and user-specific information associated with a user, ” and (5) “encrypting digital data using the security information.” The Court held a non-evidentiary Markman hearing on April 24, 2019, and the parties submitted supplemental briefing afterwards.

         BACKGROUND

         The '459 patent relates to a method of creating a secure computing environment by “preventing the authorized user from using sensitive data in an unauthorized manner.” '459 patent, col. 1, ll. 21-23. With “conventional security measures” prior to the invention claimed in the '459 patent, it was “very difficult to prevent an authorized user from appropriating sensitive data by simply copying the sensitive data to a removable storage device such as a floppy diskette.” Id. at col. 1, ll. 23-26. To address this issue, the inventors of the '459 patent developed a computing environment “in which a computer automatically operates in a secure ‘full-access' data storage mode when the computer detects the presence of a secure removable storage device.” Id. at col. 1, ll. 36-39. Alternatively, “[i]f the computer senses a non-secure removable storage device then the computer automatically operates in a ‘restricted-access' mode.” Id. at col. 1, ll. 39-42.

         Figure 1 of the '459 patent, below, illustrates a system-level overview, depicting “a diagram of a computer 100 that automatically operates in a secure data storage mode when the computer 100 senses that storage device 151 is a secure storage device.” Id. at col. 2, ll. 30-33. “Each storage device 151 represents a removable device having a storage medium for holding digital information such as a floppy diskette . . . .” Id. at col. 3, ll. 8-10. “Each removable media drive 121 represents a device suitable for servicing access requests for storage device 151 such as a floppy drive . . . .” Id. at col. 3, ll. 13-15.

         (Image Omitted)

         According to the invention, “computer 100 automatically operates in full-access data storage mode only when the computer 100 detects a secure removable storage device 151 present within any one of the removable media drives 121.” Id. at col. 3, ll. 57-60. To “automatically detect whether a storage device 151 is a secure device, computer 100 determines whether device-specific security information was written to storage device 151.” Id. at col. 4, ll. 6-9. Method 200, illustrated in the figure below, details an exemplary way in which software applications 136 on computer 100 (hereinafter referred to as the “storage manager”) detect the required security information to allow computer 100 to operate in full-access mode.[1] See Id. at col. 4, ll. 46-52. “In block 204, the storage manager detects whether storage device 151 is a ‘secure' removable device by attempting to read any device-specific security information from storage device 151.”[2] Id. at col. 5, ll. 7-10. “In block 206, the storage manager retrieves drive-specific security information that is specific to removable media drive 121 such as a serial number or calibration parameters . . . .” Id. at col. 5, ll. 20-22. “In block 208, the storage manager retrieves user-specific security information from the computer user by, for example, prompting the user for a password, or performing a retina or fingerprint scan.” Id. at col. 5, ll. 39-42. “In block 210, the storage manager retrieves manufacturing information that was physically etched on storage device 151 during the manufacturing process." Id. at col. 5, 11. 47-49.[3]

         (Image Omitted)

         If for some reason the storage manager is unable to read or retrieve the necessary security information in one of the blocks, the storage manager proceeds to block 216 and operates computer 100 in a restricted-access data storage mode. Id. at col. 5, ll. 15-19, 35-38, 42-46, 54-57. In restricted-access mode, removable media-drive 121 is configured “as a read-only drive such that the user can read data from the removable storage device but cannot write data to the drive. In addition, the user is prevented from accessing non-sensitive data within the organization.” Id. at col. 7, ll. 9-13.

         Otherwise, if the storage manager is able to retrieve or read the required security information, then “[i]n block 212, the storage manager generates a cryptographic key by combining the information, or a portion thereof, that was retrieved in blocks 206 through 210.” Id. at col. 5, ll. 58-60. In one embodiment, “the storage manager combines, such as by concatenating, all or various portions of the information that was retrieved in blocks 206 through 210 and submits the result to a conventional cryptographic hashing algorithm.” Id. at col. 6, ll. 4-8. When the storage manager is successfully able to complete method 200, computer 100 operates in full-access mode.

         When the computer is operating in full-access mode, “storage management software uses a cryptographic key to encrypt and decrypt the data stream between the computer and the removable storage device.” Id. at col. 3, ll. 61-64. Depending upon the system's selected security ...


Buy This Entire Record For $7.95

Download the entire decision to receive the complete text, official citation,
docket number, dissents and concurrences, and footnotes for this case.

Learn more about what you receive with purchase of this case.