DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 11/19/2025 has been entered.
Response to Arguments
Applicant’s arguments, see page 9, filed 11/19/2025, with respect to the objection to claims 16-17 have been fully considered and are persuasive. The objection to claims 16-17 have been withdrawn.
Applicant's arguments, see pages 10-13, filed 11/19/2025, with respect to the rejection of claims 1-8, 10, and 12-15 under 35 U.S.C. § 102(a)(1) have been fully considered but they are not persuasive.
Applicant first argues that the previously presented Long reference does not anticipate the “roles” as claimed.
The Examiner respectfully disagrees.
Applicant fixates upon paragraph [0052-0054] of Long to support their argument regarding that allegedly the extension field mentioned by the Examiner is not communicated. Applicant is directed to consider paragraphs [0049-0051] of Long, which was properly mapped in the Final Rejection mailed 09/19/2025, disclosing “S203. The SM-SR entity sends a certificate and a signature to the eUICC. Specifically, the SM-SR entity pre-stores a PKI certificate (hereinafter referred to as a certificate of the SM-SR entity) issued by a CA to the SM-SR entity, generates a signature, and sends the PKI certificate of the SM-SR entity and the signature to the eUICC corresponding to the eUICC identifier. Optionally, the SM-SR entity also sends an eUICC management operation type (for example, profile installation, profile downloading, profile enabling, profile disabling, profile status switching, profile deletion, or an associated SM-SR change) to the eUICC. S204. The eUICC verifies validity of the certificate of the SM-SR entity by using a CA public key; acquires a public key of the SM-SR from the certificate of the SM-SR; verifies validity of the signature of the SM-SR by using the public key of the SM-SR; and verifies, according to first authorization information, whether the SM-SR is authorized to manage the eUICC” Here, the limitation “said request comprising a certificate of said administrative entity, said certificate of the administrative entity being signed by a secret key of a master entity and containing information indicating a role assigned by the master entity to the administrative entity, the role corresponding to an authorization to execute said administrative action” is clearly anticipated under the broadest reasonable interpretation (BRI) as the SM-SR of Long sends a request comprising at least a certificate signed by a master entity (met under the BRI by the CA disclosed by Long), the request disclosed by Long may include a management operation type (which meets the BRI of the claimed “role”) and it is checked that the authorization information allows the SM-SR to execute the management operation type upon the eUICC.
Applicant’s argument regarding “In Long, the administrative entity is the SM-SR, and the SM-SR, when transmitting a request (step S203), fails to include an information indicating a role assigned to the SM-SR entity in the request” is unpersuasive as Applicant’s argument is made without evidence from the Long reference.
In response to applicant's argument that the references fail to show certain features of the invention, it is noted that the features upon which applicant relies (i.e., Long, allegedly, “fails to differentiate two administrative actions in the same request of the administrative entity”) are not recited in the rejected claim(s). Although the claims are interpreted in light of the specification, limitations from the specification are not read into the claims. See In re Van Geuns, 988 F.2d 1181, 26 USPQ2d 1057 (Fed. Cir. 1993).
Applicant then argues once more that Long corresponds to the prior art disclosed in the “background of the disclosure section”. Applicant's arguments fail to comply with 37 CFR 1.111(b) because they amount to a general allegation that the claims define a patentable invention without specifically pointing out how the language of the claims patentably distinguishes them from the references.
Applicant’s argument that there is no disclosure in Long of “information related to a role corresponding to an authorized administrative action” is wholly unpersuasive as Long at least discloses a management operation type as discussed above which meets the BRI of the claimed “role”; and Long also at least discloses in Figure 4 and paragraphs [0091-0095] that a SM-DP entity, communicating with a SM-SR entity as well, may communicate to a eUICC and include, in the sent authorization information, included in an X.509 certificate, contains a token or multiple tokens “which indicates that an SM-DP entity that has the Token 1 is authorized to perform management. It should be noted that SM-DP token information may include multiple tokens (Token 1, Token 2, ...), so as to separately authorize different management operation types. For example, the Token 1 is used to authorize a profile load management operation type, and a Token 2 is used to authorize a profile installation management operation type”.
Applicant next argues that Long allegedly does not allegedly disclose whether the action/role is the same as the requested administrative action.
The Examiner respectfully disagrees.
Long discloses at least in paragraphs [0091-0095] whether the token to perform management operations is correct, and that the tokens separately authorize different management operation types.
Applicant then argues that Long cannot allegedly disclose that the master entity can assign different roles to administrative entities. Applicant's arguments fail to comply with 37 CFR 1.111(b) because they amount to a general allegation that the claims define a patentable invention without specifically pointing out how the language of the claims patentably distinguishes them from the references.
Applicant next argues that the Long reference allegedly prevent a master entity to dynamically attribute differentiated roles to several administrative entities. In response to applicant's argument that the references fail to show certain features of the invention, it is noted that the features upon which applicant relies (i.e., Long, allegedly, “prevents a master entity to attribute, dynamically, differentiated roles to several administrative entities”) are not recited in the rejected claim(s). Although the claims are interpreted in light of the specification, limitations from the specification are not read into the claims. See In re Van Geuns, 988 F.2d 1181, 26 USPQ2d 1057 (Fed. Cir. 1993). Furthermore, Applicant’s argument is wholly unpersuasive as it comprises an allegation that Long prevents such a scope without evidence from the Long reference.
Applicant lastly argues without evidence, “it is complex according to Long to modify entities … and it is not possible to attribute differentiated roles to different administrative entities”. Applicant's arguments do not comply with 37 CFR 1.111(c) because they do not clearly point out the patentable novelty which he or she thinks the claims present in view of the state of the art disclosed by the references cited or the objections made. Further, they do not show how the amendments avoid such references or objections. This argument has been addressed in the two prior mailed Office Actions as of the current record (Non-Final Rejection mailed 04/08/2025, Final Rejection mailed 09/19/2025).
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.
Claims 1-8, 10, and 12-19 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention.
Independent claims 1, 2, 6, 7, 10, and 12 recite the limitation receiving a request to execute "a requested administrative action" in lines 3, 3, 6, 6, 5, and 5 respectively. There is insufficient antecedent basis for this limitation in the claim as the claim does not recite antecedent basis for an administrative action that was “requested”, in addition it makes it ambiguous if the request if for requesting an administrative action either included therein in the request or a prior request of execution, making the claim unascertainable. The specification, does not appear to clarify the amended language as the specification only shows the previous version of the claim, where the request is for executing the administrative action.
Dependent claims fall together accordingly.
Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.
Claim(s) 1-8, 10, and 12-15 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Long Shuiping (EP 3073770 A1) hereinafter Long.
Regarding Claim 1:
Long discloses a method of administration of a profile for access to a communication network by a security module (Long Fig. 3A-3B), said method comprising: receiving a request to execute a requested administrative action relating to an access profile from an administrative entity (Long [0048-0050] administrative actions “the SM-SR entity also sends an eUICC management operation type (for example, profile installation, profile downloading, profile enabling, profile disabling, profile status switching, profile deletion, or an associated SM-SR change) to the eUICC.”; Figure 4 and paragraphs [0091-0095]; [0038] and [0119]), said request comprising a certificate of said administrative entity (Long [0048-0050] “the SM-SR entity sends a certificate and a signature to the eUICC.”; Figure 4 and paragraphs [0091-0095]; [0038] and [0119]), said certificate of the administrative entity being signed by a secret key of a master entity and containing information indicating a role assigned by the master entity to the administrative entity (Long [0049-0054], Figure 4 and paragraphs [0091-0095] that a SM-DP entity, communicating with a SM-SR entity as well, may communicate to a eUICC and include, in the sent authorization information, included in an X.509 certificate, contains a token or multiple tokens “which indicates that an SM-DP entity that has the Token 1 is authorized to perform management. It should be noted that SM-DP token information may include multiple tokens (Token 1, Token 2, ...), so as to separately authorize different management operation types. For example, the Token 1 is used to authorize a profile load management operation type, and a Token 2 is used to authorize a profile installation management operation type”; [0038] and [0119]), the assigned role corresponding an authorized administrative action (Long [0049-0054], Figure 4 and paragraphs [0091-0095]; [0038] and [0119]); sending an authorization to execute the requested administrative action in cooperation with the administrative entity in response to a verification that the certificate of the administrative entity is legitimate and if the requested administrative action is identical to the authorized administrative action corresponding to the assigned role (Long [0057], [0049-0055] verification process; Figure 4 and paragraphs [0091-0095] token is verified to be correct and the entity is authorized to perform the requested management operation; [0038] and [0119]); and sending a rejection of the execute request in if the requested administrative action is different from the authorized administrative action (Long [0055] failure message sent if verification has failed; Figure 4 and paragraphs [0091-0095] no is sent if entity is not authorized because token is not correct; [0038] and [0119]).
Regarding Claim 2:
Long discloses a method of administration of a profile for access to a communication network by an administrative entity, said method comprising (Long Fig. 3A-3B): sending to a security module a request to execute a requested administrative action relating to an access profile (Long [0048-0050]; Figure 4 and paragraphs [0091-0095]; [0038] and [0119]), said request comprising a certificate of said administrative entity (Long [0048-0050]; Figure 4 and paragraphs [0091-0095]; [0038] and [0119]), said certificate containing information indicating a role assigned to the administrative entity by a master entity (Long [0049-0054], Figure 4 and paragraphs [0091-0095] that a SM-DP entity, communicating with a SM-SR entity as well, may communicate to a eUICC and include, in the sent authorization information, included in an X.509 certificate, contains a token or multiple tokens “which indicates that an SM-DP entity that has the Token 1 is authorized to perform management. It should be noted that SM-DP token information may include multiple tokens (Token 1, Token 2, ...), so as to separately authorize different management operation types. For example, the Token 1 is used to authorize a profile load management operation type, and a Token 2 is used to authorize a profile installation management operation type”; [0038] and [0119]), said certificate of the administrative entity being signed by a secret key of the master entity (Long [0049-0054], Figure 4 and paragraphs [0091-0095]; [0038] and [0119]), the assigned role corresponding to an authorized administrative action (Long [0049-0054], Figure 4 and paragraphs [0091-0095] that a SM-DP entity, communicating with a SM-SR entity as well, may communicate to a eUICC and include, in the sent authorization information, included in an X.509 certificate, contains a token or multiple tokens “which indicates that an SM-DP entity that has the Token 1 is authorized to perform management. It should be noted that SM-DP token information may include multiple tokens (Token 1, Token 2, ...), so as to separately authorize different management operation types. For example, the Token 1 is used to authorize a profile load management operation type, and a Token 2 is used to authorize a profile installation management operation type”; [0038] and [0119]); and receiving an authorization to execute the action in cooperation with the security module, in response to a verification by the security module that the certificate of the administrative entity is legitimate and if the requested administrative action is identical to the authorized administrative action corresponding to the assigned role (Long [0057], [0067], [0071], [0049-0054] verification process; Figure 4 and paragraphs [0091-0095] token is verified to be correct and the entity is authorized to perform the requested management operation; [0038] and [0119]).
Regarding Claim 3:
Long discloses the method as claimed in claim 1 (Long Fig. 3A-3B), wherein the information indicating the role assigned to the administrative entity is comprised in a field of the certificate (Long [0051-0054], Figure 4 and paragraphs [0091-0095]).
Regarding Claim 4:
Long discloses the method as claimed in claim 1 (Long Fig. 3A-3B), wherein the secret key used by the master entity to sign the certificate of the administrative entity is the secret key of a certificate of the master entity, said certificate of the master entity being associated with the role assigned to the administrative entity (Long [0053] certificate information, [0049-0054] signature verification).
Regarding Claim 5:
Long discloses the method as claimed in claim 1 (Long Fig. 3A-3B), wherein the authorized administrative action belongs to the group consisting of downloading an access profile, enabling an access profile, disabling an access profile, and deleting an access profile (Long [0048-0050] administrative actions, [0091-0095]).
Regarding Claim 6:
Long discloses a security module, configured to store in memory a profile for access to a communication network, said module comprising: a processor; and a non-transitory computer-readable medium (Long Fig. 8, [0116]) comprising instructions stored thereon which when executed by the processor configure the security module to (Long Fig. 1, [0106-0109] eUICC security module, Fig. 3A-3B): receive a request to execute a requested administrative action relating to an access profile from an administrative entity (Long [0048-0050] administrative actions “the SM-SR entity also sends an eUICC management operation type (for example, profile installation, profile downloading, profile enabling, profile disabling, profile status switching, profile deletion, or an associated SM-SR change) to the eUICC.”; Figure 4 and paragraphs [0091-0095]; [0038] and [0119]), said request comprising a certificate of said administrative entity (Long [0048-0050] “the SM-SR entity sends a certificate and a signature to the eUICC.”; Figure 4 and paragraphs [0091-0095]; [0038] and [0119]), said certificate of the administrative entity being signed by a secret key of a master entity and containing information indicating a role assigned to the administrative entity by the master entity (Long [0049-0054], Figure 4 and paragraphs [0091-0095] that a SM-DP entity, communicating with a SM-SR entity as well, may communicate to a eUICC and include, in the sent authorization information, included in an X.509 certificate, contains a token or multiple tokens “which indicates that an SM-DP entity that has the Token 1 is authorized to perform management. It should be noted that SM-DP token information may include multiple tokens (Token 1, Token 2, ...), so as to separately authorize different management operation types. For example, the Token 1 is used to authorize a profile load management operation type, and a Token 2 is used to authorize a profile installation management operation type”; [0038] and [0119]), the role corresponding to an authorized administrative action (Long [0049-0054], Figure 4 and paragraphs [0091-0095]; [0038] and [0119]); and authorize execution of the requested administrative action in cooperation with the administrative entity in response to a verification that the certificate received is legitimate and if the requested administrative action is identical to the authorized administrative action corresponding to the assigned role (Long [0057], [0049-0054] verification process; Figure 4 and paragraphs [0091-0095] token is verified to be correct and the entity is authorized to perform the requested management operation; [0038] and [0119]).
Regarding Claim 7:
Long discloses an administrative entity for administering a profile for access to a communication network, said entity comprising: a processor; and a non-transitory computer-readable medium comprising instructions stored thereon which when executed by the processor configure the administrative entity to (Long [0117-0118] admin entity can be implemented with memory and a processor, Fig. 3A-3B): send, to a security module, a request to execute a requested administrative action relating to an access profile (Long [0048-0050]; Figure 4 and paragraphs [0091-0095]; [0038] and [0119]), said request comprising a certificate of said administrative entity (Long [0048-0050]; Figure 4 and paragraphs [0091-0095]; [0038] and [0119]), said certificate of the administrative entity containing information indicating a role assigned to the administrative entity by a master entity (Long [0049-0054], Figure 4 and paragraphs [0091-0095] that a SM-DP entity, communicating with a SM-SR entity as well, may communicate to a eUICC and include, in the sent authorization information, included in an X.509 certificate, contains a token or multiple tokens “which indicates that an SM-DP entity that has the Token 1 is authorized to perform management. It should be noted that SM-DP token information may include multiple tokens (Token 1, Token 2, ...), so as to separately authorize different management operation types. For example, the Token 1 is used to authorize a profile load management operation type, and a Token 2 is used to authorize a profile installation management operation type”; [0038] and [0119]), said certificate of the administrative entity being signed by a secret key of the master entity (Long [0049-0054], Figure 4 and paragraphs [0091-0095]; [0038] and [0119]), the role corresponding to an authorized administrative action (Long [0049-0054], Figure 4 and paragraphs [0091-0095] that a SM-DP entity, communicating with a SM-SR entity as well, may communicate to a eUICC and include, in the sent authorization information, included in an X.509 certificate, contains a token or multiple tokens “which indicates that an SM-DP entity that has the Token 1 is authorized to perform management. It should be noted that SM-DP token information may include multiple tokens (Token 1, Token 2, ...), so as to separately authorize different management operation types. For example, the Token 1 is used to authorize a profile load management operation type, and a Token 2 is used to authorize a profile installation management operation type”; [0038] and [0119]), and receive an authorization to execute the requested administrative action in cooperation with the security module, in response to a verification by the security module that the certificate is legitimate and if the requested administrative action is identical to the authorized administrative action corresponding to the assigned role (Long [0057], [0067], [0071], [0049-0054] verification process; Figure 4 and paragraphs [0091-0095] token is verified to be correct and the entity is authorized to perform the requested management operation; [0038] and [0119]).
Regarding Claim 8:
Long discloses an administrative system comprising the administrative entity as claimed in claim 7 (Long [0117], Fig. 3A-3B) and a master entity that is configured to sign the certificate of the administrative entity ([0053] certificate information contains issuer name and validity period), said certificate of the administrative entity containing the information indicating the role assigned to the administrative entity (Long [0051-0054]).
Regarding Claim 10:
Long discloses a non-transitory computer-readable storage medium comprising program-code instructions stored thereon (Long Fig. 8, [0116]) to command execution of a method of administration of a profile for access to a communication network, when the instructions are executed by a processor of a security module, said method comprising (Long [0116-0117], Fig. 3A-3B): receiving a request to execute a requested administrative action relating to an access profile from an administrative entity (Long [0048-0050] administrative actions “the SM-SR entity also sends an eUICC management operation type (for example, profile installation, profile downloading, profile enabling, profile disabling, profile status switching, profile deletion, or an associated SM-SR change) to the eUICC.”; Figure 4 and paragraphs [0091-0095]; [0038] and [0119]), said request comprising a certificate of said administrative entity (Long [0048-0050] “the SM-SR entity sends a certificate and a signature to the eUICC.”; Figure 4 and paragraphs [0091-0095]; [0038] and [0119]), said certificate of the administrative entity being signed by a secret key of a master entity and containing information indicating a role assigned to the administrative entity by the master entity (Long [0049-0054], Figure 4 and paragraphs [0091-0095] that a SM-DP entity, communicating with a SM-SR entity as well, may communicate to a eUICC and include, in the sent authorization information, included in an X.509 certificate, contains a token or multiple tokens “which indicates that an SM-DP entity that has the Token 1 is authorized to perform management. It should be noted that SM-DP token information may include multiple tokens (Token 1, Token 2, ...), so as to separately authorize different management operation types. For example, the Token 1 is used to authorize a profile load management operation type, and a Token 2 is used to authorize a profile installation management operation type”; [0038] and [0119]), the assigned role corresponding to an authorized administrative action (Long [0049-0054], Figure 4 and paragraphs [0091-0095]; [0038] and [0119]); sending an authorization to execute the requested administrative action in cooperation with the administrative entity in response to a verification that the certificate of the administrative entity is legitimate and if the requested administrative action is identical to the authorized administrative action corresponding to the assigned role (Long [0057], [0049-0055] verification process; Figure 4 and paragraphs [0091-0095] token is verified to be correct and the entity is authorized to perform the requested management operation; [0038] and [0119]); and sending a rejection of the execute request in if the requested administrative action is different from the authorized administrative action (Long [0055] failure message sent if verification has failed; Figure 4 and paragraphs [0091-0095] no is sent if entity is not authorized because token is not correct; [0038] and [0119]).
Regarding Claim 12:
Long discloses a non-transitory computer-readable storage medium comprising program-code instructions stored thereon (Long [0117-0118]) to command execution of a method of administration of a profile for access to a communication network by an administrative entity, when the instructions are executed by a processor of the administration entity, said method comprising (Long [0117], Fig. 3A-3B): sending to a security module a request to execute a requested administrative action relating to an access profile (Long [0048-0050]; Figure 4 and paragraphs [0091-0095]; [0038] and [0119]), said request comprising a certificate of said administrative entity (Long [0048-0050]; Figure 4 and paragraphs [0091-0095]; [0038] and [0119]), said certificate of the administrative entity containing information indicating a role assigned to the administrative entity by a master entity (Long [0049-0054], Figure 4 and paragraphs [0091-0095] that a SM-DP entity, communicating with a SM-SR entity as well, may communicate to a eUICC and include, in the sent authorization information, included in an X.509 certificate, contains a token or multiple tokens “which indicates that an SM-DP entity that has the Token 1 is authorized to perform management. It should be noted that SM-DP token information may include multiple tokens (Token 1, Token 2, ...), so as to separately authorize different management operation types. For example, the Token 1 is used to authorize a profile load management operation type, and a Token 2 is used to authorize a profile installation management operation type”; [0038] and [0119]), said certificate being signed by a secret key of the master entity (Long [0049-0054], Figure 4 and paragraphs [0091-0095]; [0038] and [0119]), the assigned role corresponding to an authorized administrative action (Long [0049-0054], Figure 4 and paragraphs [0091-0095] that a SM-DP entity, communicating with a SM-SR entity as well, may communicate to a eUICC and include, in the sent authorization information, included in an X.509 certificate, contains a token or multiple tokens “which indicates that an SM-DP entity that has the Token 1 is authorized to perform management. It should be noted that SM-DP token information may include multiple tokens (Token 1, Token 2, ...), so as to separately authorize different management operation types. For example, the Token 1 is used to authorize a profile load management operation type, and a Token 2 is used to authorize a profile installation management operation type”; [0038] and [0119]); and receiving an authorization to execute the action in cooperation with the security module, in response to a verification by the security module that the certificate of the administrative entity is legitimate and if the requested administrative action is identical to the authorized administrative action corresponding to the assigned role (Long [0057], [0067], [0071], [0049-0054] verification process; Figure 4 and paragraphs [0091-0095] token is verified to be correct and the entity is authorized to perform the requested management operation; [0038] and [0119]).
Regarding Claim 13:
Long discloses the method as claimed in claim 2 (Long Fig. 3A-3B), wherein the information indicating the role assigned to the administrative entity is comprised in a field of the certificate (Long [0051-0054]).
Regarding Claim 14:
Long discloses the method as claimed in claim 2 (Long Fig. 3A-3B), wherein the secret key used by the master entity to sign the certificate of the administrative entity is the secret key of a certificate of the master entity, said certificate of the master entity being associated with the role assigned to the administrative entity (Long [0053] certificate information, [0049-0054] signature verification).
Regarding Claim 15:
Long discloses the method as claimed in claim 2 (Long Fig. 3A-3B), wherein said authorized administrative action belongs to the group consisting of downloading an access profile, enabling an access profile, disabling an access profile, and deleting an access profile (Long [0048-0050]).
Regarding Claim 16:
Long discloses the method as claimed in claim 1 (Long Fig. 3A-3B), wherein the assigned role assigned to the administrative entity is one among several roles that the master entity is entitled to assign (Long [0048-0054]), the several roles corresponding to different authorized administrative actions (Long [0049-0054], Figure 4 and paragraphs [0091-0095] that a SM-DP entity, communicating with a SM-SR entity as well, may communicate to a eUICC and include, in the sent authorization information, included in an X.509 certificate, contains a token or multiple tokens “which indicates that an SM-DP entity that has the Token 1 is authorized to perform management. It should be noted that SM-DP token information may include multiple tokens (Token 1, Token 2, ...), so as to separately authorize different management operation types. For example, the Token 1 is used to authorize a profile load management operation type, and a Token 2 is used to authorize a profile installation management operation type”; [0038] and [0119]).
Regarding Claim 17:
Long discloses the method as claimed in claim 2 (Long Fig. 3A-3B), wherein the assigned role assigned to the administrative entity is one among several roles that the master entity is entitled to assign (Long [0048-0054]), the several roles corresponding to different authorized administrative actions (Long [0049-0054], Figure 4 and paragraphs [0091-0095] that a SM-DP entity, communicating with a SM-SR entity as well, may communicate to a eUICC and include, in the sent authorization information, included in an X.509 certificate, contains a token or multiple tokens “which indicates that an SM-DP entity that has the Token 1 is authorized to perform management. It should be noted that SM-DP token information may include multiple tokens (Token 1, Token 2, ...), so as to separately authorize different management operation types. For example, the Token 1 is used to authorize a profile load management operation type, and a Token 2 is used to authorize a profile installation management operation type”; [0038] and [0119]).
Regarding Claim 18:
Long discloses the method according to claim 16 (Long Fig. 3A-3B), wherein the several roles comprise one or more of the following roles: a role of an install entity corresponding to an authorized administrative action being to download of an access profile; a role of an enable/disable entity corresponding to an authorized administrative action being to enable or disable an access profile; a role of a delete entity corresponding to an authorized administrative action being to delete an access profile (Long [0049-0054], Figure 4 and paragraphs [0091-0095] that a SM-DP entity, communicating with a SM-SR entity as well, may communicate to a eUICC and include, in the sent authorization information, included in an X.509 certificate, contains a token or multiple tokens “which indicates that an SM-DP entity that has the Token 1 is authorized to perform management. It should be noted that SM-DP token information may include multiple tokens (Token 1, Token 2, ...), so as to separately authorize different management operation types. For example, the Token 1 is used to authorize a profile load management operation type, and a Token 2 is used to authorize a profile installation management operation type”; [0038] and [0119]).
Regarding Claim 19:
Long discloses the method according to claim 17 (Long Fig. 3A-3B), wherein the several roles comprise one or more of the following roles: a role of an install entity corresponding to an authorized administrative action being to download of an access profile; a role of an enable/disable entity corresponding to an authorized administrative action being to enable or disable an access profile; a role of a delete entity corresponding to an authorized administrative action being to delete an access profile (Long [0049-0054], Figure 4 and paragraphs [0091-0095] that a SM-DP entity, communicating with a SM-SR entity as well, may communicate to a eUICC and include, in the sent authorization information, included in an X.509 certificate, contains a token or multiple tokens “which indicates that an SM-DP entity that has the Token 1 is authorized to perform management. It should be noted that SM-DP token information may include multiple tokens (Token 1, Token 2, ...), so as to separately authorize different management operation types. For example, the Token 1 is used to authorize a profile load management operation type, and a Token 2 is used to authorize a profile installation management operation type”; [0038] and [0119]).
Conclusion
The prior art made of record in the submitted PTO-892 Notice of References Cited and not relied upon is considered pertinent to applicant’s disclosure.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MIGUEL A LOPEZ whose telephone number is (703)756-1241. The examiner can normally be reached 8:00AM-5:00PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jorge Ortiz-Criado can be reached on 5712727624. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/M.A.L./ Examiner, Art Unit 2496 /JORGE L ORTIZ CRIADO/Supervisory Patent Examiner, Art Unit 2496