DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 9/18/2025 has been entered.
Status of Claims
Claims 1-35 are pending; of which, claims 10-17, 27-34 are withdrawn from consideration. Claims 2-3, 19-20 are cancelled.
Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.
Claim(s) 1, 4-5, 7-8, 18, 21-22, 24-25, 35 is/are rejected under 35 U.S.C. 102(a)(1) as being anticipated by ETSI TS 124 109 v15.0.0, hereinafter Etsi.
Regarding Claims 1, 18, and 35:
Etsi teaches a method performed by a user equipment (UE) (page 7 section 1, “The purpose of the Ua interface is to use the so created bootstrapped security association between UE and NAF for secure communication.”), a user equipment, and a non-transitory, processor-readable medium having stored thereon processor-executable instructions configured to cause a processor of a user equipment (UE) to perform operations (page 14 section 5.2.1, “the HTTP client application resides in the UICC”), the UE comprising:
a transceiver (page 10 section 4.1, “the Ub interface is between the UE and bootstrapping server function (BSF)”; page 12 section 4A.1, “the Upa interface is between a NAF and UE”); and
a processor coupled to the transceiver and configured to (page 14 section 5.2.1, “the HTTP client application resides in the UICC”):
generating a first request message including:
a first bootstrapping transaction identifier (B-TID) (page 39-40 section B.3, “B-TID”);
a first pre-shared key (PSK) identity including a prefix indicating a PSK namespace, the PSK namespace identifying a first bootstrapping procedure supported by the UE (page 39-40 Section B.3, “NAF specific key material”; page 38 section B.3, “User-Agent: Contains information about the user agent originating the request and it includes the static string "3gpp-gba" to indicate to the application server (i.e. NAF) that the UE supports 3GPP-bootstrapping based authentication”); and
a first correlated PSK identity including a prefix indicating a first correlated PSK namespace, the first correlated PSK namespace indicating PSK renegotiation is supported by the UE for the first bootstrapping procedure (page 14 section 5.2.1, “The UE may indicate multiple GBA modes by inserting multiple "product" tokens in the User-Agent header field. The User-Agent header field with GBA related "product" tokens shall be added to each outgoing HTTP request if the UE supports GBA-based authentication using HTTP Digest”; page 16 section 5.2.5, “The NAF shall indicate to the UE that the existing bootstrapped security association used in the last HTTP request sent by the UE has expired and that a new bootstrapped security association is required by sending an HTTP response described in subclause 5.2.3. When the UE receives the 401 "Unauthorized" HTTP response to the HTTP request that was protected using the existing bootstrapped security association, this shall trigger the UE to run bootstrapping procedure over Ub interface”; EXAMINER’S NOTE: therefore, the correlated namespace “indicates” renegotiation is supported for the first bootstrapping procedure);
sending the first request message to a Network Application Function (NAF) (page 39 section B.3, “sends the request to NAF”);
receiving a response from the NAF including an index associated with a second bootstrapping procedure (page 14 section 5.2.1, “If multiple GBA modes have been indicated in the User-Agent header field, then the NAF selects one GBA mode and indicates the selected mode in responses to the UE in the “realm” parameter of the WWW-Authenticate header field.”; EXAMINER’S NOTE: any additional “product” tokens beyond the two described above can be considered a “second” bootstrapping procedure); and
negotiating with a bootstrapping server function (BSF) to obtain a second B-TID and a session key associated with the second bootstrapping procedure (page 16 section 5.2.4, “NAF shall indicate to the UE that bootstrapped security association is required by sending an HTTP response with code 401 "Unauthorized" and include the WWW-Authenticate header into the response. In particular, the "realm" attribute shall contain a prefix "3GPP-bootstrapping@" or "3GPP-bootstrapping-uicc@" or "3GPP-bootstrappingdigest", and this shall trigger UE to run bootstrapping procedure over Ub interface”).
Regarding Claims 4 and 21:
Etsi teaches the method of claim 1 and the UE of claim 18. In addition, Etsi teaches wherein the processor is further configured to:
generate a second request message including the second B-TID and the first correlated PSK namespace (EXAMINER’S NOTE: communication with the NAF will use the currently available B-TID; page 39-40 section B.3, “B-TID”; page 39-40 Section B.3, “NAF specific key material”; page 38 section B.3, “User-Agent: Contains information about the user agent originating the request and it includes the static string "3gpp-gba" to indicate to the application server (i.e. NAF) that the UE supports 3GPP-bootstrapping based authentication”); and
send the second request message to the NAF (page 39 section B.3, “sends the request to NAF”).
Regarding Claims 5 and 22:
Etsi teaches the method of claim 1 and the UE of claim 18. In addition, Etsi teaches wherein the indication of the first correlated PSK namespace includes the first correlated PSK namespace (page 14 section 5.2.1, “The UE may indicate multiple GBA modes [i.e. first namespace and correlated namespace] by inserting multiple "product" tokens [token can be considered index and/or namespace] in the User-Agent header field. The User-Agent header field with GBA related "product" tokens shall be added to each outgoing HTTP request if the UE supports GBA-based authentication using HTTP Digest”).
Regarding Claims 7 and 24:
Etsi teaches the method of claim 1 and the UE of claim 18. In addition, Etsi teaches wherein the processor is further configured to:
communicate with the NAF using the session key (EXAMINER’S NOTE: communication with the NAF will use the currently available Ks; page 39 section B.3, “UE generates the HTTP request by calculating the Authorization header values using the bootstrapping transaction identifier B-TID it received from the BSF as the username and the NAF specific key material Ks_(ext)_NAF (base64 encoded) as the password, and sends the request to NAF”).
Regarding Claims 8 and 25:
Etsi teaches the method of claim 1 and the UE of claim 18. In addition, Etsi teaches wherein the first request message further includes:
a second PSK namespace identifying a third bootstrapping procedure supported by the UE (page 14 section 5.2.1, “The UE may indicate multiple GBA modes [i.e. “third bootstrapping procedure”] by inserting multiple "product" tokens in the User-Agent header field. The User-Agent header field with GBA related "product" tokens shall be added to each outgoing HTTP request if the UE supports GBA-based authentication using HTTP Digest”); and
a third correlated PSK namespace indicating PSK renegotiation is supported by the UE for the third bootstrapping procedure (page 14 section 5.2.1, “The UE may indicate multiple GBA modes [i.e. “third correlated PSK namespace”] by inserting multiple "product" tokens in the User-Agent header field. The User-Agent header field with GBA related "product" tokens shall be added to each outgoing HTTP request if the UE supports GBA-based authentication using HTTP Digest”; page 16 section 5.2.5, “The NAF shall indicate to the UE that the existing bootstrapped security association used in the last HTTP request sent by the UE has expired and that a new bootstrapped security association is required by sending an HTTP response described in subclause 5.2.3. When the UE receives the 401 "Unauthorized" HTTP response to the HTTP request that was protected using the existing bootstrapped security association, this shall trigger the UE to run bootstrapping procedure over Ub interface”; therefore, the correlated namespace “indicates” renegotiation is supported for the third bootstrapping procedure).
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claim(s) 6, 23 is/are rejected under 35 U.S.C. 103 as being unpatentable over Etsi, and further in view of Cha et al (PGPUB 2013/0174241).
Regarding Claims 6 and 23:
Etsi teaches the method of claim 1 and the UE of claim 18.
Etsi does not explicitly teach wherein the indication of the first correlated PSK namespace includes a position of the first correlated PSK namespace in a list.
However, Cha teaches the concept wherein an indication of a first correlated PSK namespace includes a position of the first correlated PSK namespace in a list ([0121] “Another example of a preconfigured policy may be for the UE to consider the HTTP 401 Authenticate message(s) as a list of preferred authentication protocols in order of priority, and the UE may be instructed to start inspection from the first to the last, stopping when arriving at an authentication protocol it supports and then using that protocol of authentication”).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the ordered list teachings of Cha with the bootstrapping protocol teachings of Etsi. It is well-known in the art to arrange elements in the form of an ordered list. A person of ordinary skill in the art would therefore be motivated to combine Etsi and Cha to utilize well-known methods of arranging lists of data for efficiency, clarity, and useful organization of data elements to improve the system of data exchange.
Claim(s) 9, 26 is/are rejected under 35 U.S.C. 103 as being unpatentable over Etsi, and further in view of Bone et al (PGPUB 2016/0226847).
Regarding Claims 9 and 26:
Etsi teaches the method of claim 1 and the UE of claim 18.
Etsi does not explicitly teach wherein the first request message is a client-initiated hello message.
However, Bone teaches the concept wherein a first request message is a client-initiated hello message ([0210] “In 205 described above, the “Server Hello” message contains a field where the server can indicate that it supports GBA-bootstrapping, and in response, the client can then provide an identifier (B-TID) for an already bootstrapped key (260). Or if the client doesn't already have a bootstrapped key, it asks the GAA server to get one, before resuming the “Client Hello” and “Server Hello” at 260”; [0203] “Over the Ua interface again: at 260, the UE 110 (DM Client 116) contacts the NAF (DM Server 122) and presents the B-TID as retrieved above.”).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the “hello” message teachings of Bone with the bootstrapping protocol teachings of Etsi, in order to combine the benefits of both systems, allowing the use of established bootstrapping identifiers/keys in a handshaking operation to establish a secure communication tunnel, thereby reusing established secrets to establish the session and exchange further keys, thereby improving efficiency and security.
Response to Arguments
Applicant's arguments filed 9/18/2025 have been fully considered but they are not persuasive.
Regarding the rejection of claims under 35 USC 102:
Examiner’s response to applicant’s arguments, page 13 paragraph 2-3:
Examiner disagrees. Applicant appears to be arguing that the response from the NAF does not include an “index” associated with a second bootstrapping procedure; instead, Etsi describes a “realm attribute”. In response, Examiner refers applicant to the definition of “index” provided in the office action dated 6/18/2025, pages 9-10, which includes “something used or serving to point out; a sign, token, or indication”. The realm attribute including a “prefix” such as “3GPP-bootstrapping@” certainly serves to “indicate” the corresponding bootstrapping procedure. Furthermore, Etsi specifically discloses at least three separate bootstrapping prefixes, indicating the presence of at least a first, second, and third bootstrapping procedure. Etsi further discloses explicitly that this triggers the UE to run the bootstrapping procedure. Therefore, Etsi teaches “an index associated with a second bootstrapping procedure”, and “obtaining a second B-TID and a session key associated with the second bootstrapping procedure”.
Examiner’s response to applicant’s arguments, page 13 paragraph 2-3:
Examiner disagrees. The Etsi specification, page 16 section 5.2.5, titled “Bootstrapping renegotiation indication”, teaches that the NAF shall indicate to the UE that the existing bootstrapped security association used in the last HTTP request sent by the UE has expired and that a new bootstrapped security association is required; it is therefore “indicated” by at least one of the transmitted PSK namespaces that renegotiation is supported, as the specification requires it. Applicant goes on to argue that “Such an example is a description of the lifecycle of security associations and the conditions under which security associations are reestablished. In contrast, the amended claim recites "the first correlated PSK namespace indicating PSK renegotiation is supported by the UE for the first bootstrapping procedure" which describes semantic structure of the PSK namespace which is not described in Etsi. To suggest that the two are equivalent would conflate protocol signaling mechanisms with cryptographic namespace semantics. Cryptographic namespace semantics operate independently of protocol signaling mechanisms such as session expiration events or protocol-level error codes. Cryptographic namespace semantics are properties of the PSK namespace, not a procedural message exchange.” However, applicant is applying an unreasonably narrow interpretation to the limitations of the claim, asserting that “the first correlated PSK namespace indicating PSK renegotiation is supported by the UE” must be interpreted only in view of “cryptographic namespace semantics”; the first correlated PSK namespace must only provide an “indication”. There are many ways to interpret the namespace providing such an “indication”. If the protocol recognizes that support for renegotiation is required by any namespaces, then those namespaces by themselves provide an “indication” that renegotiation is supported, as in Etsi. 
Therefore, Etsi teaches “the first correlated PSK namespace indicating PSK renegotiation is supported by the UE for the first bootstrapping procedure”.
Applicant’s arguments with regard to independent claims 18 and 35 are similar to those regarding claim 1 and are therefore responded to in a similar way.
Applicant further argues that the dependent claims are allowable due to depending on an allowable independent claim. However, as shown above, the independent claims are not allowable.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to FORREST L CAREY whose telephone number is (571)270-7814. The examiner can normally be reached 9:00AM-5:30PM M-F.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Amir Mehrmanesh can be reached at (571) 270-3351. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/FORREST L CAREY/Examiner, Art Unit 2491
/AMIR MEHRMANESH/Supervisory Patent Examiner, Art Unit 2491