DATA SECURITY FOR NETWORK SLICE MANAGEMENT

Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Response to Amendments and Arguments The Applicant has further amended independent claims 49 & 57& 64 and argued in Remarks dated 01/27/2026 that Feng, Kshirsagar, Dangi, Senarath and Caldera alone or in combination do not disclose “the attributes further comprise at least one of a type of the data, a timestamp of the generation of the indication, an original hash value of the data, or a signature of the first device”. Examiner considered these arguments but found them to be moot as Examiner changed ground by introducing new reference. The Applicant further stated in the said remarks that cited arts do not teach all elements of claims 49, 57, 60, 64-65 & 68. Examiner respectfully disagrees and reiterates that the current cited arts in combination teaches all the limitations of claims 49-50, 52-54, 56-61, 63-65, & 67-68. The Applicant further stated in the said remarks that “Applicant submits that certain embodiments of the invention achieve distinct advantages that are not provided by Feng, Kshirsagar, Dangi, Senarath or Basin. For instance, it is possible to provide data security for network slice management by means of a blockchain-based management entity. Feng, Kshirsagar, Dangi, Senarath, and Basin whether individually or in combination, fail to disclose or suggest the elements of any of claims 49, 50, 52, 57, 58, 60, 64, 65, 67, and 68, and therefore fail to provide the advantages noted above and those explained in the specification”. Examiner respectfully disagree with this statement as claims do not explicitly recite this statement as well as Kshirsagar teaches integrity and security of Blockchain. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. Claims 49, 57, 60, 64-65 & 68 are rejected under 35 USC 103 as being unpatentable over Feng (WO2019/141290A2 as mentioned in IDS dated 5/01/2023) in view of Kshirsagar (US20190141026 as mentioned in IDS dated 3/01/2024), Giura (US 20180013547 A1) and, Senarath (US20190132218) Regarding claim 49, Feng teaches: a first device comprising: at least one processor; and at least one memory including computer program codes; the at least one memory [paragraph 0087: Referring again to FIG. 6, it can be interpreted …. processing server configured to process data elements to be stored into a blockchain network. An execution body in essence can be an electronic device, and the electronic device includes the following: one or more processors; and a memory configured to store an executable instruction of the one or more processors. and the computer program codes are configured to, with the at least one processor, ] cause the first device at least to: transmit at least one entry associated with attributes of data generated by the first device to a second device; [0055] At 408, after accepting the request, the blockchain data element processing server 304 processes the data element 308 in the request and generate a blockchain data element (e.g., a blockchain transaction). In some embodiments, the blockchain data element includes an encrypted data element 310 and a first hash value of the data element 308 (data attribute). For example, the blockchain data element processing server 304 (first device) can generate the encrypted data element 310 based on the data element 308 and an encryption algorithm (e.g., Rivest-Shamir Adleman (RSA)). In some embodiments, the first hash value of the data element 308 can be computed using a hash algorithm (e.g., secure hash algorithm (SHA)). [0057] At 410, the blockchain data element processing server 304 submits the blockchain data element along with the digital signature to the blockchain network 306 (second device). in response to a request received from a third device for accessing the data, [0063] At 422, the client computing device 402b (third device) receives the response from the blockchain network 306 and sends a request to the blockchain data element processing server 304 (first device) for obtaining the data element 308 in the encrypted data element 310. In some embodiments, the request includes the encrypted data element 310 and an identity information of the client computing device 302b.] cause the third device to check the integrity of the data based on the attributes of the data obtained from the second device. [ para 0067: At 430, the client computing device 302b verifies integrity of the data element 308 from the blockchain data element processing server 304. In some embodiments, the client computing device 302b computes a second hash value of the data element 308 received from the blockchain data element processing server 304, and compares the second hash value to the first hash value of the data element 308 that is previously received from the blockchain network 306 at step 420. If the second hash value of the data element 308 matches the first hash value of the data element 308, the client computing device 302b determines integrity of the data element 308 and that the data element 308 is fit for use. If the second hash value of the data element 308 does not matches the first hash value of the data element 308, the client computing device 302b determines that the data element 308 is potentially corrupted and is not fit for use.] Although, Feng teach attributes of data, he does not explicitly teach, however, Kshirsagar teaches determine whether the third device has an authority for accessing the data based on the request, [0026] The authentication system 102 uses both the unique token and an integrity measurement value to authenticate the edge device 104. The integrity measurement value is a value or collection of values that indicate a relative health of the edge device 104. The edge device 104 gathers data (e.g., from internal sensors of the edge device 104) and calculates the integrity measurement value, which it periodically transmits to the authentication system 104. Upon receiving an authorization request from the edge device 104 that includes the unique token, the authentication system 102 uses the unique token to verify that the edge device 104 has registered with the authentication system 102 and gathers the latest integrity measurement value received from the edge device 104. The authentication system 104 then generates an access token based on the integrity measurement value.] in response to a determination that the third device has the authority for accessing the data, [0026] The authentication system 102 uses both the unique token and an integrity measurement value to authenticate the edge device 104. The integrity measurement value is a value or collection of values that indicate a relative health of the edge device 104. The edge device 104 gathers data (e.g., from internal sensors of the edge device 104) and calculates the integrity measurement value, which it periodically transmits to the authentication system 104. Upon receiving an authorization request from the edge device 104 that includes the unique token, the authentication system 102 uses the unique token to verify that the edge device 104 has registered with the authentication system 102 and gathers the latest integrity measurement value received from the edge device 104. The authentication system 104 then generates an access token based on the integrity measurement value.] Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Feng with the disclosure of Kshirsagar. The motivation or suggestion would have been to implement a system that will provide efficient & improved techniques for properly authenticating a user/device in a network environment. (abstract, para 0001-0005, Kshirsagar). Although, Feng and Kshirsagar teach first device as illustrated above, they do not teach explicitly, however, Giura teaches wherein the attributes further comprise at least one of, a type of the data, a timestamp of the generation of the indication, an original hash value of the data, or a signature of the first device; [0044] FIG. 3 provides additional illustration of system 100, now depicted as system 300, in accordance with additional example embodiments. System 300 include dictionary component 302 that in collaboration with encoding component 202, codec engine 102, processor 104, memory 106, and storage 108 constructs, generates, and maintains a data dictionary while encoding component 202 is encoding the event data comprising attributes a. In accordance with an example aspect, the data dictionary can comprise cryptographic public/private key pairings, one-way cryptographic hash functions employed to hash data, whether or not salt values were used and the values of the salt values, the encoded values of the attributes (e.g., the values of the attributes subsequent to the addition of salt values and encryption), the original values of the attributes (e.g., the values of the attributes prior to the addition of salt values and encryption), identify attributes that are inserted dummy attributes/fields, identify attributes to which an identity hash function rather than a one-way cryptograph hash function was applied, and identify attributes to which a one-way cryptographic hash function (and/or an identity function) was applied but to which no salt values were included, etc. The data dictionary created by dictionary component 302 can be persisted or stored to storage 108 and controlled (e.g., kept secret) by the business entity. As will be appreciated by those of ordinary skill, the generated data dictionary is not typically divulged to the third-party secure cloud computation vendors. Please also see paragraphs 0029-, 0037-0039] It is obvious to one with ordinary skill in the art to combine the teachings of Feng and Kshirsagar with the disclosure of Giura The motivation or suggestion would have been to implement a system or method that will provide efficient & improved techniques for capturing, collecting and performing enterprise proprietary data analysis and to provide long term storage and/or supply the computational power necessary for processing the collected enterprise specific data. (abstract, para 0001-0004, Giura) Although, Feng, Kshirsagar and Giurai teach first device as illustrated above, they do not teach explicitly, however, Senarath teaches generate at least one indication associated with attributes of data while generating the data, wherein the attributes comprise at least one of fault data attributes, performance data attributes, and configuration data attributes, [[0086] the (B)SM 621 of the CSP 520 can establish the vertical service slice and provide the mechanism (e.g. instructions and information) to use the slice. This mechanism includes: [0087] the CSP 520 can send information including without limitation, the slice ID, a service ID (which may be specific to the slice) and/or an indication of the authentication mechanism to be used. This information may be used to identify the traffic (or traffic types) that are expected to be handled, additionally the information may include attributes that can be used in creating a PDU session by its end users. [0088] data (performance, fault, loading, traffic volume) used by each PDU session created by the end user of the CSC 510 is provided to the CSC 510. [0089] (2) NSMF 522 of the slice provider NSP 530-CSMF 521 of the CSP 520 [0090] available NSI types and attributes database can be provided to the CSMF 521 by the NSMF 522. [0091] the CSMF521 can send the network slice requirements to the NSMF 522 and negotiate for slice capabilities. [0092] fill an attribute table—(list provided in the technical report) may include without limitation, the network slice type. [0093] the NSMF 522 can send the slice type requested together with, without limitation, the slice ID, the authentication method, and how to access the MFs, how to configure the NFs, how to obtain performance management (PM) and/or fault management (FM) data, and/or how to do other lifecycle MFs on the 3rd party network slice provided to the CSMF 521.] It is obvious to one with ordinary skill in the art to combine the teachings of Feng and Kshirsagar and Giura with the disclosure of Senarath. The motivation or suggestion would have been to implement a system that will provide efficient & improved techniques to provide a dynamic service level capability for a particular slice (abstract, para 0003-0013, Senarath) Regarding claims 57 & 64, these claims are interpreted to be similar and rejected for the same reasons set forth for claim 1. Regarding claim 60 & 65, Feng teaches wherein the second device is caused to receive a request for accessing the attributes of the data, [0020] …a client computing device submits a request … or retrieve a data element from a blockchain network, . client computing device authenticated by a blockchain data.by receiving at least one of the following: a public key of the third device, a public key of the first device, a type of the data, and time for generating of the data. [0041] Asymmetric …. keys pairs that … a private key, and a public key, ..n the blockchain network. A node .. use the public key of … encrypted data can be decrypted using other node's private key. For example, … Participant A can use Participant B's public key to encrypt data, and send the encrypted data to Participant B. Participant B can use its private key to decrypt the encrypted data (ciphertext) and extract the original data(plaintext). Messages encrypted with a node's public key can only be decrypted using the node's private key.] Regarding claim 68, Feng teaches wherein the third device is caused to check the integrity of the data further comprises: determine a calculated hash value of the data; obtain the original hash value of the data from the attributes; compare the calculated hash value of the date with an original hash value of the data; and in response to determine that the calculated hash value equals to the original hash value, determine the data is unmodified. [para 0067: At 430, the client computing device 302b verifies integrity of the data element 308 from the blockchain data element processing server 304. In some embodiments, the client computing device 302b computes (calculates) a second hash value of the data element 308 received from the blockchain data element processing server 304, and compares the second hash value to the first hash value of the data element 308 that is previously received from the blockchain network 306 at step 420. If the second hash value of the data element 308 matches the first hash value of the data element 308, the client computing device 302b determines integrity of the data element 308 and that the data element 308 is fit for use. If the second hash value of the data element 308 does not matches the first hash value of the data element 308, the client computing device 302b determines that the data element 308 is potentially corrupted and is not fit for use.] Claims 50, 52, 58, & 67 are rejected under 35 USC 103 as being unpatentable over Feng in view of Kshirsagar, Giura, Senarath and Caldera (US 20170331828) Regarding claims 50 & 58, although, Feng, Kshirsagar and Giura and Senarath teach data attributes, they do not teach explicitly, however, Caldera teaches wherein the attributes comprise at least one of the following: an index of the data, a type of the data, an identifier of the first device, an identifier of the third device, a timestamp of the generation of the entry, a storage location of the data, an original hash value of the data, or a signature of the first device. [para 0043: …identification information of the device from which the access token is received…transaction etc.] Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Feng and Kshirsagar and Giura and Senarath with the disclosure of Caldera. The motivation or suggestion would have been to implement a system that will provide efficient & improved techniques for computerized access and to minimize the risk of fraudulent and/or illegal access at reduced costs. (abstract, para 0002-0008, Caldera) Regarding claim 52, although Feng, Kshirsagar and Giura and Senarath teach data attributes, they do not teach explicitly, however, Caldera teaches wherein the first device is caused to determine whether the third device has an authority for accessing the data further comprises: obtain an access token for accessing the data from the request; and in response to determination of a validity of the access token, determine that the third device has an authority for accessing the data. [para 0043: …identification information of the device from which the access token is received…transaction etc.] Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Feng and Kshirsagar, Giura and Senarath with the disclosure of Caldera. The motivation or suggestion would have been to implement a system that will provide efficient & improved techniques for computerized access and to minimize the risk of fraudulent and/or illegal access at reduced costs. (abstract, para 0002-0008, Caldera) Regrading claim 67, although Feng and Kshirsagar, Giura and Senarath teach data attributes, they do not teach explicitly, however, Caldera teaches wherein the third device is caused to transmit the request for accessing the data by transmitting at least one of the following: a public key of the third device, a storage location of the data at the first device, and an access token for accessing the data of the first device. [para 0043: …identification information of the device from which the access token is received…transaction etc.] Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Feng and Kshirsagar, Giura and Senarath with the disclosure of Caldera. The motivation or suggestion would have been to implement a system that will provide efficient & improved techniques for computerized access and to minimize the risk of fraudulent and/or illegal access at reduced costs. (abstract, para 0002-0008, Caldera) Claim 53 is rejected under 35 USC 103 as being unpatentable over Feng in view of Kshirsagar, Giura , Senarath, and Chalakudi (US20190114182) and Schmidt (US20070180225) Regarding claim 53, Feng teaches wherein the first device is caused to cause the third device to check the integrity of the data, [ At 430, the client computing device 302b verifies integrity of the data element 308 from the blockchain data element processing server 304.] Although, Feng and Kshirsagar and Giura and Senarath teach verifying integrity of the received data, he does not explicitly teach, however, Chalakudi teaches wherein the data is associated with a configuration of a service provided by the first device, [para 27: …. service provider system …configured to transmit….] Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Feng and Kshirsagar and Giura and Senarath with the disclosure of Chalakudi. The motivation or suggestion would have been to implement a system that will provide efficient & improved techniques for tamper proofing data received by third party. (abstract, para 0002-0006, Chalakudi) Although, Feng, Kshirsaga, Giura and Senarath, and Chalakudi teach checking data integrity, they do not teach explicitly, however, Schmidt teaches further comprises: obtain a public key of the third device from the request; encrypt a session key for the data access with the public key; encrypt the data with the session key; and transmit the encrypted data to the third device. [ para 0009: session key …. public key…. The server…decrypts the session key…. encrypts and/or decrypts…session key……] Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Feng, Kshirsagar, Giura , Senarath and Chalakudi with the disclosure of Schmidt. The motivation or suggestion would have been to implement a system that will provide efficient & improved techniques secured transmission/exchange of sensitive/private data/information over unsecured network. (para 0001-0007, Schmidt) Claims 54 is rejected under 35 USC 103 as being unpatentable over Feng in view of Kshirsagar, Giura and Senarath and Rahman (US20190394655) Regarding claim 54, Feng teaches wherein the first device is caused to cause the third device to check the integrity of the data further comprises: transmit the data to the third device. [ para 0067: At 430, the client computing device 302b verifies integrity of the data element 308 (received) from the blockchain data element processing server 304.] Although, Feng and Kshirsagar and Giura and Senarath teach integrity of data, they do not explicitly teach, however, Rahman teaches wherein the data is associated with one of performance and fault of a service provided by the first device, [para 0085: ……performance management (PM) data……fault management (FM) data…..] Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Feng and Kshirsagar and Giura and Senarath with the disclosure of Rahman. The motivation or suggestion would have been to implement a system that will provide efficient & improved techniques for network slice and network service specific analysis for optimal resource utilization and efficient network performance assurance. (abstract, para 0002-0006, Rahman) Claims 56 & 63 are rejected under 35 USC 103 as being unpatentable over Feng in view of Kshirsagar, Giura and Senarath and Ishii (US20020099801) Regarding claims 56, although, Feng and Kshirsagar and Giura and Senarath teach communications between devices and servers, they do not teach explicitly, however, Ishii teaches wherein the first device is a service provider, the second device is a management entity and the third device is a service consumer. [para 0008-0010: server (second device)…provider (first device)…devices of users (third device).] Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Feng and Kshirsagar and Giura and Senarath with the disclosure of Ishii. The motivation or suggestion would have been to implement a system that will provide efficient & improved techniques for communications between multi-devices/servers. (abstract, para 0002-0008, Ishii) Regarding claim 63, although, Feng and Kshirsagar and Giura and Senarath teach communications between devices and servers, they do not teach explicitly, however, Ishii teaches wherein the first device is a service provider, the second device is a management entity and the third device is a service consumer. [para 0008-0010: server (second device) …provider (first device) …devices of users (third device).] Before the effective filing date of the claimed invention, it would have been obvious to one with ordinary skill in the art to combine the teachings of Feng and Kshirsagar and Giura and Senarath with the disclosure of Ishii. The motivation or suggestion would have been to implement a system that will provide efficient & improved techniques for communications between multi-devices/servers. (abstract, para 0002-0008, Ishii) Allowable Subject Matter Claims 59 & 61 are objected but will become allowable if incorporated in full including any intervening claims, if any, with base (independent) claims. Reasons of allowance are as follows: Regarding claim 59, although, cited arts teaches limitations of base claims none of the cited arts alone or in combination teaches wherein the at least one indication comprises a first indication and a second indication, and wherein the second device is caused to store the attributes of the data in the blockchain further comprises: extract a first plurality of attributes of the data from the first indication and a second plurality of attributes of the data from the second indication; and aggregate the first plurality of attributes of the data and the second plurality of attributes of the data into at least one block in the blockchain. Regarding claim 61, although, cited arts teaches limitations of base claims none of the cited arts alone or in combination teaches wherein the second device is further caused to: obtain a public key of the third device from the request; determine whether the public key of the third device is included in an authorized access list at the second device; and in response to the public key of the third device is included in the authorized access list, determine the authority for accessing the attributes of the data for the third device. Conclusion Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHER A KHAN whose telephone number is (571)272-8574. The examiner can normally be reached M-F 8:00 am-500pm. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Eleni A Shiferaw can be reached at 571-272-3867. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /SHER A KHAN/Primary Examiner, Art Unit 2497