Notice of Pre-AIA or AIA Status
1. The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Response to Arguments
2. Applicant's arguments filed 02/11/2026 have been fully considered but they are not persuasive. Applicant asserts (page 3 of remarks):
a) that the prior art of record, either individually or in any proper combination, fails to teach or suggest at least “receiving an authentication get response from the third core network node comprising an authentication profile for the UE, wherein the authentication profile for the UE comprises an indication that the UE should be authenticated by an external authentication entity; determining that the UE should be authenticated by the external authentication entity that is external to the wireless communication system based on the authentication profile for the UE from the third core network node” of amended Claim 1.
b) However, the Examiner very kindly directs applicant to section 6.27.3.2.1 and figure 6.27.3.2.1-1 where teaches receiving an authentication response from DCS (i.e. third core network node) comprising SUPI (i.e. authentication profile for the UE) that indicates that the UE should be authenticated by PS (i.e. external authentication entity) and determining that UE should be authenticated by PS (e.g. acting as external server) based on SUPI (the authentication profile for the UE) from DCS. Please note that The SUPI is a unique and permanent identifier assigned to each subscriber in a 5G network, analogous to the IMSI used in 4G networks. It is typically stored on the SIM card and consists of 15 digits, including the Mobile Country Code (MCC), Mobile Network Code (MNC), and Mobile Subscriber Identification Number (MSIN). The SUPI is used internally by the network to identify the subscriber and manage services, roaming, and authentication.
c) Applicant further asserts: 3GPP fails to teach or suggest that the AUSF receives an authentication get response from the DCS comprising an authentication profile for the UE that comprises an indication that the UE should be authenticated by an external authentication entity.
d) However, the Examiner very kindly directs applicant to section 6.27.3.2.1 where teaches step 11: the AUSF sends an authentication request to the selected DCS, including the onboarding SUPI. Step 12: the DCS requests authentication to the UE. In this procedure, the UE supplies its onboarding UE certificate to the DCS. The DCS verifies the validity of the certificate path of the supplied on boarding UE and matches its Step 13: then the DCS generates a successful response to AUSF. The DCS also provides AUSF with a list of SNPNs that are able to accept the onboarding of the UE. The DCS may also send the security information for each SNPK. Therefore, 3GPP teaches the AUSF receives an authentication response from the DCS including SUPI for the UE that UE should be authenticated by PS (emphasis added).
e) Applicant also submits that 3GPP fails to teach or suggest "receiving an authentication get response from the third core network node comprising an authentication profile for the UE, wherein the authentication profile for the UE comprises an indication that the UE should be authenticated by an external authentication entity," as recited by amended Claim 1.
f) However, the Examiner very kindly directs applicant to section 6.27.3.2.1 and figure 6.27.3.2.1-1 where teaches receiving an authentication response from DCS (i.e. third core network node) comprising SUPI (i.e. authentication profile for the UE) that indicates that the UE should be authenticated by PS (i.e. external authentication entity).
g) Applicant also asserts (page 4 of remarks): nowhere in 3GPP is it taught or suggested that a determination is performed that the UE should be authenticated by an external authentication entity that is external to the wireless communication system based on the authentication profile for the UE from a third core network node. As stated above, an authentication profile for the UE from the third core network node is distinctly different than a SUPI. Thus, 3GPP fails to teach or suggest "determining that the UE should be authenticated by the external authentication entity that is external to the wireless communication system based on the authentication profile for the UE from the third core network node."
h) However, the Examiner very kindly point out to section 6.27.3.2.1 and figure 6.27.3.2.1-1 where teaches determining that UE should be authenticated by PS (e.g. acting as external server) based on SUPI (the authentication profile for the UE) from DCS. As stated above SUPI is a unique and permanent identifier assigned to each subscriber/device in a 5G network, analogous to the IMSI used in 4G networks. It is typically stored on the SIM card and consists of 15 digits, including the Mobile Country Code (MCC), Mobile Network Code (MNC), and Mobile Subscriber Identification Number (MSIN). The SUPI is used internally by the network to identify the subscriber and manage services, roaming, and authentication. Therefore, authentication profile for the UE from the third core network node is not different than a SUPI (emphasis added).
i) For similar reasons (parts b, d, f, and h), Examiner submit the prior art of record teach or suggest the limitations of claim 18.
j) Applicant further asserts (page 4 of remarks): that the prior art of record, either individually or in any proper combination, fails to teach or suggest at least “transmitting, to a first core network node and towards an external authentication entity that is external to the core network, an authentication request to authenticate the UE to the core
network that comprises a subscriber concealed identity, SUCI, of the UE” of claim 14.
k) However, the Examiner very kindly point out to section 6.27.3.2.1, pages 106-108 where teaches sending toward PS (e.g. acting as external server) and AUSF (i.e. first network node) authentication request to authenticate the UE to the network and the authentication request with SUCI of the UE that UE derives an onboarding SUPI and creates its corresponding onboarding SUCI (emphasis added).
Please note that SUPI is a unique and permanent identifier assigned to each subscriber/device in a 5G network, analogous to the IMSI used in 4G networks. It is typically stored on the SIM card and consists of 15 digits, including the Mobile Country Code (MCC), Mobile Network Code (MNC), and Mobile Subscriber Identification Number (MSIN). The SUPI is used internally by the network to identify the subscriber and manage services, roaming, and authentication. The SUCI is a privacy-protected version of the SUPI. Before the device sends its identifier to the network, the SUPI is encrypted using the home network’s public key, creating the SUCI. This ensures that only the home network, which holds the corresponding private key, can decrypt the SUCI and retrieve the original SUPI. The SUCI is generated either by the SIM card or the User Equipment (UE) using elliptic curve cryptography and includes additional fields such as the SUCI type and home network identifier to facilitate routing and identification.
l) Applicant's arguments with regards to dependent claims are based on the deficiency of the references to support the limitations of independent claims. The arguments are respectfully traversed for the same reason(s) as stated above for rejection of independent claims.
3. Therefore, the limitations of the claims are met and the rejection is made final.
Claim Rejections - 35 USC § 103
4. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
A) Claims 1, 3-6, 14, and 17 are rejected under 35 U.S.C. 103 as being unpatentable over 3GPP TR 23.700-07 v0.4.0 (2020-06); 3rd Generation Partnership Project; Technical Specification Group Services an stem Aspects; Study on enhanced support of non-public networks (Release 17), 158 pages hereinafter 3GPP in view of ZHU (WO 2021/063298 A1).
As per claim 1, 3GPP teaches a method performed by a first core network node of a core network of a wireless communication system for authenticating a user equipment, UE, to the core network (page 106-108, section 6.27.3.2.1, a method performed by AUSF (i.e. first core network node) of wireless communication system for authenticating the UE), the method comprising: receiving, from a second core network node, a first authentication request to authenticate the UE to the core network (page 106-108, section 6.27.3.2.1, step 9, receiving from AMF (i.e. second core network node) authentication request for authenticating the UE), the first authentication request identifying the UE (page 106-108, section 6.27.3.2.1, authentication request with onboarding SUPI (i.e. subscriber permanent identity of the UE or UE ID));
transmitting an authentication get request to a third core network node in response to receiving the first authentication request (page 106-108, section 6.27.3.2.1, sending an authentication service request to the DCS (i.e. third core network node) in response to receiving the first authentication request); and receiving an authentication get response from the third core network node comprising an authentication profile for the UE, wherein the authentication profile for the UE indicates that the UE should be authenticated by an external authentication entity (page 106-108, section 6.27.3.2.1, receiving an authentication response from DCS comprising SUPI (i.e. authentication profile for the UE) that indicates that the UE should be authenticated by PS); determining that the UE should be authenticated by the external authentication entity that is external to the wireless communication system based on the authentication profile for the UE from the third core network node (page 106-108, section 6.27.3.2.1, determining that UE should be authenticated by PS (e.g. acting as external server) based on SUPI from DCS); transmitting a second authentication request toward the external authentication entity (page 106-108, section 6.27.3.2.1, step 11, sending or transmitting another authentication request toward PS), the second authentication request identifying the UE (page 106, section 6.27.3.2.1, another authentication request with onboarding SUPI (i.e. subscriber permanent identity of the UE or UE ID)).
However, 3GPP does not explicitly teach receiving, from the external authentication entity, a first authentication response verifying authenticity of the UE and including a key for securing communications with the UE; and transmitting a second authentication response to the second core network node, the second authentication response identifying the UE and including the key for securing communications with the UE.
In the same field of endeavor, ZHU teaches receiving, from the external authentication entity, a first authentication response verifying authenticity of the UE and including a key for securing communications with the UE (Fig.5, S212, receiving from the external entity authentication result/response authenticating the UE which include anchor key used for establishing security context (i.e. securing communications)); and transmitting a second authentication response to the second core network node, the second authentication response identifying the UE and including the key for securing communications with the UE (Fig.5, S212, external entity returns the external authentication result/response to the AUSF, and the AUSF returns the external authentication result to the AMF (i.e. second core network node) and AUSF further returns the external authentication result and anchor key to AMF. The anchor key is used for Establish a security context).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filling date of applicant’s claimed invention to have incorporated the teaching of ZHU into 3GPP invention of in order for implementing external authentication, a communication device and a communication system, which are used to implement the authentication of externally subscribed terminals to access exclusive base stations or frequency bands, and ensure the exclusive use of resources for vertical industry customers.
As per claim 3 as applied to claim 1 above, 3GPP further teaches, wherein the core network comprises a 5GC core network (page 106, section 6.27.3.2.1, 5GS network), and wherein the third core network node implements a Unified Data Management, UDM, Function (page 108, UDM).
As per claim 4 as applied to claim 1 above, 3GPP further teaches wherein the core network comprises a 5GC core network (page 106, section 6.27.3.2.1, 5GS network), wherein the first core network node implements an Authentication Server Function, AUSF (page 106, section 6.27.3.2.1, AUSF), and wherein the second core network node implements an Access and Mobility Management Function, AMF (page 106, section 6.27.3.2.1, AMF).
As per claim 5 as applied to claim 1 above, 3GPP further teaches wherein the wireless communication system comprises a standalone non-public network (page 106, section 6.27.3.2.1, SNPN or standalone non-public network).
As per claim 6 as applied to claim 1 above, 3GPP further teaches wherein the first authentication request includes a subscriber concealed identity, SUCI, of the UE (page 106, section 6.27.3.2.1, authentication request includes SUCI of the UE), the method further comprising: determining a subscriber permanent identity, SUPI, of the UE, wherein determining that the UE should be authenticated by the external authentication entity is performed based on the SUCI or the SUPI of the UE, wherein the second authentication request includes the SUPI of the UE (page 106, section 6.27.3.2.1, determining SUPI of the UE and UE should be authenticated by the DCS performed based on the SUPI or SUCI and another authentication request includes the SUPI of the UE).
As per claim 14, 3GPP teaches a method performed by a second core network node of a core network of a wireless communication system for authenticating a user equipment, UE, to the core network (page 106-108, section 6.27.3.2.1, method performed by AMF (i.e. second core network node) of wireless communication system for authenticating the UE), the method comprising: receiving a registration request from the UE (page 106-108, section 6.27.3.2.1, receiving registration request from the UE); transmitting, to a first core network node and towards an external authentication entity that is external to the core network, an authentication request to authenticate the UE to the core network that comprises a subscriber concealed identity, SUCI, of the UE (page 106-108, section 6.27.3.2.1, sending toward PS (e.g. acting as external server) and AUSF (i.e. first network node) authentication request to authenticate the UE to the network and the authentication request with onboarding SUCI of the UE); and performing a Security Mode Command, SMC, procedure with the UE using the key for securing communications with the UE (page 106-108, section 6.27.3.2.1, completing the registration procedure within the SNPN (i.e. Security Mode Command) with the UE using the key for security procedure).
However, 3GPP does not explicitly teach receiving, from the first core network node, an authentication response verifying authenticity of the UE and including a key for securing communications with the UE, wherein the key is sent from the external authentication entity to the first core network node.
In the same field of endeavor, ZHU teaches receiving, from the first core network node, an authentication response verifying authenticity of the UE and including a key for securing communications with the UE (Fig.5, S212, receiving from the AUSF authentication result/response authenticating of the UE and including anchor key and anchor key is used for Establish a security context (i.e. securing communications)), wherein the key is sent from the external authentication entity to the first core network node (Fig.5, S212, external entity returns the external authentication result/response to the AUSF, and the AUSF returns the external authentication result to the AMF and AUSF further returns the external authentication result and anchor key to AMF. The anchor key is used for Establish a security context).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filling date of applicant’s claimed invention to have incorporated the teaching of ZHU into 3GPP invention of in order for implementing external authentication, a communication device and a communication system, which are used to implement the authentication of externally subscribed terminals to access exclusive base stations or frequency bands, and ensure the exclusive use of resources for vertical industry customers.
As per claim 17 as applied to claim 14 above, 3GPP teaches wherein the first network node implements an Authentication Server Function, AUSF (pages 106-108, AUSF (i.e. first network node)).
B) Claims 18-21 are rejected under 35 U.S.C. 103 as being unpatentable over 3GPP in view of YING (US 2020/0374139 A1).
As per claim 18, 3GPP teaches a method performed by a first core network node of a core network of a wireless communication system for authenticating a user equipment, UE, to the core network ((page 106-108, section 6.27.3.2.1, a method performed by AUSF (i.e. first core network node) of wireless communication system for authenticating the UE), the method comprising:
receiving, from a second core network node, a first authentication request to authenticate the UE to the core network ((page 106-108, section 6.27.3.2.1, step 9, receiving from AMF (i.e. second core network node) primary authentication request for authenticating the UE), the first authentication request identifying the UE ((page 106-108, section 6.27.3.2.1, first authentication request with SUPI (i.e. UE ID)); transmitting an authentication get request to a third core network node in response to receiving the first authentication request (page 106-108, section 6.27.3.2.1, sending an authentication service request to the DCS (i.e. third core network node) in response to receiving the first authentication request); and receiving an authentication get response from the third core network node comprising an authentication profile for the UE, wherein the authentication profile for the UE indicates that the UE should be authenticated by an external authentication entity (page 106-108, section 6.27.3.2.1, receiving an authentication response from DCS comprising SUPI (i.e. authentication profile for the UE) that indicates that the UE should be authenticated by PS); determining that the UE should be authenticated by the external authentication entity that is external to the wireless communication system based on the authentication profile for the UE from the third core network node (page 106-108, section 6.27.3.2.1, determining that UE should be authenticated by PS (e.g. acting as external server) based on SUPI from DCS); transmitting a second authentication request toward the external authentication entity (page 106-108, section 6.27.3.2.1, step 11, sending or transmitting another authentication request toward PS), the second authentication request identifying the UE (page 106, section 6.27.3.2.1, another authentication request with onboarding SUPI (i.e. subscriber permanent identity of the UE or UE ID)).
However, 3GPP does not explicitly teach wherein the external authentication entity implements as external Authentication Server Function, AUSF, that is outside the core network.
In the same field of endeavor, YING teaches wherein the external authentication entity implements as external Authentication Server Function, AUSF, that is outside the core network (¶106, security function entity may be an independent physical device (i.e. external entity) for example, may be an existing network element such as an authentication server function (AUSF) entity).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filling date of applicant’s claimed invention to have incorporated the teaching of YING into 3GPP invention of in order to implement independent physical entity as a security function entity that generate and maintain the key to implement secure transmission of the data or information.
As per claim 19 as applied to claim 18 above, 3GPP further teaches, wherein the third core network node implements a unified data management, UDM, function of the core network (page 106-108, section 6.27.3.2.1, sending an authentication service request to the UDM (i.e. third core network node) in response to receiving the primary authentication request).
As per claim 20 as applied to claim 18 above, 3GPP further teaches wherein the core network comprises a 5GC core network (page 106-108, section 6.27.3.2.1, 5GS network), wherein the first core network node implements an Authentication Server Function, AUSF (page 106-108, section 6.27.3.2.1, AUSF), and wherein the second core network node implements an Access and Mobility Management Function, AMF (page 106-108, section 6.27.3.2.1, AMF).
As per claim 21 as applied to claim 18 above, 3GPP further teaches wherein the first authentication request includes a subscriber concealed identity, SUCI, of the UE (page 106, section 6.27.3.2.1, authentication request includes SUCI of the UE), the method further comprising: determining a subscriber permanent identity, SUPI, of the UE, wherein determining that the UE should be authenticated by the external authentication entity is performed based on the SUCI or the SUPI of the UE, wherein the second authentication request includes the SUPI of the UE (page 106, section 6.27.3.2.1, determining SUPI of the UE and UE should be authenticated by the DCS performed based on the SUPI or SUCI and another authentication request includes the SUPI of the UE).
C) Claims 7 and 16 are rejected under 35 U.S.C. 103 as being unpatentable over 3GPP in view of ZHU (WO 2021/063298 A1) and further in view of GUO (US 2022/0174497 A1).
As per claim 7 as applied to claim 1 above, 3GPP in view of ZHU does not explicitly teach wherein the first authentication request comprises a serving network name, SNN, associated with the UE, and wherein the second authentication request includes the SNN.
In the same field of endeavor, GUO teaches wherein the first authentication request comprises a serving network name, SNN, associated with the UE, and wherein the second authentication request includes the SNN (¶0519 and ¶0523, the first authentication request comprises a serving network name SN name associated with the UE, and wherein the second authentication request includes the SN name).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filling date of applicant’s claimed invention to have incorporated the teaching of GUO into 3GPP and ZHU invention of in order to lower a security risk posed by removal of a SIM card from a communications device, and improve security of a communications network.
As per claim 16 as applied to claim 14 above, 3GPP in view of ZHU does not explicitly teach, wherein the external authentication entity implements an external Authentication Server Function, AUSF, that is outside the core network.
In the same field of endeavor, GUO teaches wherein the external authentication entity implements an external Authentication Server Function, AUSF, that is outside the core network (¶0237, external AUSF therefore remote or outside of network).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filling date of applicant’s claimed invention to have incorporated the teaching of GUO into 3GPP and ZHU invention of in order to lower a security risk posed by removal of a SIM card from a communications device, and improve security of a communications network.
D) Claims 8 and 15 are rejected under 35 U.S.C. 103 as being unpatentable over 3GPP in view of ZHU (WO 2021/063298 A1) and further in view of PALANIGOUNDER (US 2023/0231708 A1).
As per claim 8 as applied to claim 1 above, 3GPP in view of ZHU teaches wherein the first core network node implements an Authentication Server Function, AUSF (section 6.X.3.2 and fig 6.X.3.2.2-1, AUSF).
However, 3GPP in view of ZHU does not explicitly teach the key for securing communications with the UE comprises a security anchor function, SEAF, security key, KSEAF.
In the same field of endeavor, PALANIGOUNDER teaches the key for securing communications with the UE comprises a security anchor function, SEAF, security key, KSEAF (¶0031 and ¶0042, securing communication for the user device includes security anchor function, SEAF, security key, K.sub.SEAF or KSEAF).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filling date of applicant’s claimed invention to have incorporated the teaching of PALANIGOUNDER into 3GPP and ZHU invention of in order to efficiently establish and maintain a security context with more than one wireless network.
As per claim 15 as applied to claim 14 above, 3GPP in view of ZHU does not explicitly teach wherein the key for securing communications with the UE comprises a security anchor function, SEAF, security key, KSEAF.
In the same field of endeavor, PALANIGOUNDER teaches wherein the key for securing communications with the UE comprises a security anchor function, SEAF, security key, KSEAF (¶0031 and ¶0042, securing communication for the user device includes security anchor function, SEAF, security key, K.sub.SEAF or KSEAF).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filling date of applicant’s claimed invention to have incorporated the teaching of PALANIGOUNDER into 3GPP and ZHU invention of in order to efficiently establish and maintain a security context with more than one wireless network.
E) Claim 22 is rejected under 35 U.S.C. 103 as being unpatentable over 3GPP in view of YING (US 2020/0374139 A1) and further in view of GUO (US 2022/0174497 A1).
As per claim 22 as applied to claim 18 above, 3GPP in view of YING does not explicitly teach wherein the first authentication request comprises a serving network name, SNN, associated with the UE, and wherein the second authentication request includes the SNN.
In the same field of endeavor, GUO teaches wherein the first authentication request comprises a serving network name, SNN, associated with the UE, and wherein the second authentication request includes the SNN (¶0519 and ¶0523, the first authentication request comprises a serving network name SN name associated with the UE, and wherein the second authentication request includes the SN name).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filling date of applicant’s claimed invention to have incorporated the teaching of GUO into 3GPP and YING invention of in order to lower a security risk posed by removal of a SIM card from a communications device, and improve security of a communications network.
Conclusion
5. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to FARIDEH MADANI whose telephone number is (571)272-1249. The examiner can normally be reached Monday through Friday; 9 AM to 5 PM EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, JINSONG HU can be reached at 5712723965. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/FARIDEH MADANI/Examiner, Art Unit 2643
/JINSONG HU/ Supervisory Patent Examiner, Art Unit 2643