AUTHENTICATION USING A DIGITAL IDENTIFIER FOR UE ACCESS

Detailed Action 1. The Office Action is in response to the Applicant’s communication filed on 03/02/2026. In virtue of this communication, claims 1-8 and 10-21 are currently pending in this Office Action. Claim 9 is cancelled and claim 21 is newly added. Response to Arguments 2. In Remarks, applicant’s arguments for claims 1 and 7 are mainly based on the amended claim limitations. However, the amended claim limitations are considered obvious by the rationales found in the applied prior art in combining with the previously applied prior art. See greater details in the claim rejection section set forth below. PNG media_image1.png 680 958 media_image1.png Greyscale PNG media_image2.png 555 680 media_image2.png Greyscale Indeed Liu discloses that when UE sends a Registration Request message to AMF/SEAL, the registration request message includes the 5GS mobile identity IE which contains either the SUCI, 5G-GUTI or IMEI (par. 0062 and see fig. 4-22). See further evidence in the use of the conceal version identifier USCI in Bradley et al. Patent No. US 11,528,604 B2. Lastly, It’s to note that although claims 5 and 19 are indicated for allowable subject matter, entirety of claims 5 and 19 are not incorporated into the independent claims 1 and 7 respectively. Claim Objections 3. Claims 6 and 20 are objected to because of the following informalities: there are typographic errors in the claim hence “and or more of …” shall be read as “and or more of:” for examining purpose. Appropriate correction is required. Similarly, claim 7 recites (“DIG-ID”)-having in line 7. There’s a dash or a hyphen, i.e., not needed, and appropriate correction is required. Claim Rejections - 35 USC § 103 4. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. 5. The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows: 1. Determining the scope and contents of the prior art. 2. Ascertaining the differences between the prior art and the claims at issue. 3. Resolving the level of ordinary skill in the pertinent art. 4. Considering objective evidence present in the application indicating obviousness or nonobviousness. 6. Claims 1-4, 7, 8, 10-18 and 21 are rejected under 35 U.S.C. 103 as being unpatentable over Liu Pub. No.: US 2021/0306849 A1 in view of Torvinen et al. Pub. No.: US 2019/0098502 A1. Claim 1 Liu disclose a method (fig. 4-24 for registering UE to heterogeneous network with security identifier) of a user equipment device ("UE") (UE in fig. 4, 9, 11, 13 & 24) comprising: acquiring a digital identifier ("DIG-ID") comprising a verifiably secure identity (as depicted in fig. 4,9, 11 & 13, registration request including subscriber ID means that subscriber ID, i.e., DIG-ID, NAS security context, is obtained through initial network, see fig. 5-6), wherein the DIG-ID comprises a network subscription identifier, a user subscription identifier, a verifiable user identifier, a decentralized identifier, a self-sovereign identifier, a verifiable subscription identifier, or a service subscription identifier (SUCI in par. 0041, SUPI in par. 0042, UICC in par. 0045 and USIM UMTS in par. 0046); transmitting, to a mobile communication network (UE registration request in fig. 4, 9, 11 & 13), a Registration request message comprising a concealed version of the UE permanent identifier (par. 0062, the 5GS mobile identity IE either SUCI, 5G-GUTI; see fig. 16-17); and performing authentication with the mobile communication network using the DIG-ID (authentication is performed in secure mode in fig. 4, 9 & 11), accessing a service provided by the service provider via the mobile communication network in response to successful authentication (as depicted in fig. 1-3, after registration and authentication are complete, UE can access the wireless service across the heterogeneous network). Although Liu does not explicitly show: “generating, by the UE, a UE permanent identifier using the DIG-ID, wherein the UE permanent identifier indicates a service provider holding subscription information of the UE, and wherein the UE permanent identifier further indicates a trust service provider that enabled the DIG-ID”, the claim limitations are considered obvious by the following rationales. Initially, to address the obviousness of the claim limitations “generating, by the UE, a UE permanent identifier using the DIG-ID, wherein the UE permanent identifier indicates a service provider holding subscription information of the UE, and wherein the UE permanent identifier further indicates a trust service provider that enabled the DIG-ID”, recall that Liu discloses wherein the UE permanent identifier indicates a service provider holding subscription information of the UE, and wherein the UE permanent identifier further indicates a trust service provider that enabled the DIG-ID (SUPI in par. 0067 and see fig. 14-22 and see par. 0109-0119 for explaining SUCI for concealing SUPI, alternatively, different formats of SUCI subscriber identity formats in fig. 16-22). What’s more, Liu explains UE for generating a SUCI using a raw public key (par. 0111), SUCI over the air (par. 0062 & 0067 and see fig. 16-17) and generating EAP at UDM (fig. 4). To advance the prosecution, different way of generating SUCI using SUPI is provided herein. In particular, Torvinen teaches generating SUCI using 5G-USIM UICC with SUPI (fig. 5-12). Therefore, it would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify security realization of connections over heterogeneous access networks of Liu by providing a subscription concealing identifier as taught in Torvinen to obtain the claimed invention as specified in the claim. Such a modification would have provided a user equipment an encryption scheme to obtain a SUPI so that the UE could have encrypted SUPI in SUCI for giving a user a security and a privacy as suggested in par. 0004-0006 of Torvinen. Claim 2 Liu, in view of Torvinen, discloses the method of claim 1, wherein the concealed version of the UE permanent identifier is a DIG-ID-based subscription concealed identifier (SUCI) (Liu, SUCI in par. 0062 and see fig. 16-17), the method further comprising constructing the DIG-ID-based SUCI from the UE permanent identifier (Liu, SUCI in fig. 18-23; Torvinen, SUCI in fig. 6-14), wherein the DIG-ID-based SUCI includes a type-indicator with a value that indicates a digital identifier type of the UE permanent identifier (Liu, see values in fig. 16-22 to become SUCI and explanation for SUCI in formats with element information in par. 0062, 0067-0069 & 0110-0120; access network type in fig. 5, 7-8, 10, 12; accordingly, the combined prior art renders the claim obvious). Claim 3 Liu, in view of Torvinen, discloses the method of claim 2, wherein the DIG-ID-based SUCI further includes routing information comprising one or more of: a Service provider ID (Liu, PSP-ID, service provider ID par. 0068 and fig. 22), a Service provider public Key ID (Liu, identifier of the home network public key in par. 0111), or a DIG-ID Routing Indicator (Liu, Routing-ID in fig. 18), and wherein the routing information is to route the registration request message to a particular network function which handles DIG-ID-based user ID authentication (Liu, fig. 18-22 and routing information in par. 0068 & 0116-0119; Torvinen, step 5 for routing decision in fig. 6; accordingly, the combined prior art meets the claim requirement, see Markush Claims in MPEP 2117). Claim 4 Liu, in view of Torvinen, discloses the method of claim 2, wherein the registration request message includes a digital signature and the DIG-ID-based SUCI if it does not include a Service provider public Key ID (Liu, subscriber ID in fig. 4, 9 & 11 could be MAC address, serial number and SUCI), in response to using a plain text DIG-ID or using a null scheme to construct the DIG-ID-based SUCI (Liu, fig. 16-23 for SUCI format; Torvinen, SUCI in fig. 7-11 and null encryption scheme in par. 0083 & 0116; accordingly, one of ordinary skill in the art would have expected the combined prior art to perform equally well to the claim). Claim 7 Liu discloses a method (AUSF or UDM in fig. 4,9, 11 & 13) of a network function (par. 0059) in a mobile communication network (fig. 1-4,9, 11 & 13), the method comprising: receiving a first authentication request message (Nausf UE authentication from AMF to AUSF or from AUSF to UDM in fig. 4; SUCI in fig. 16-23), the message comprising a concealed UE identifier (subscriber ID in UE authentication from AMF to AUSF or from AUSF to UDM in fig. 4, par. 0067, subscriber identifier is SUPI in IMS or NAI format during the authentication procedure); receiving subscription information (subscriber ID in fig. 4); storing the subscription information and UE security context in response to successful authentication of the UE using the DIG-ID (subscription data and authentication data may be stored in UDR in par. 0059, and see par. 0062; and mapping data stored in the UE and AMF and see fig. 6), wherein the UE security context contains at least one security key derived using the DIG-ID (NAS key set identifier in fig. 6), transmitting the at least one security key to a network function in the mobile communication network (AKA form UDM to AUSF or from AUSF to AMF in fig. 4), wherein the at least one security key is used to protect traffic of the UE (see fig. 5-8, SUCI is encrypted as explained in par. 0110). Although Liu does not explicitly disclose “de-concealing the concealed UE identifier to obtain a UE permanent identifier, the UE permanent identifier comprising a digital identifier ("DIG-ID") having a verifiably secure identity, wherein the DIG-ID comprises a network subscription identifier, a user subscription identifier, a verifiable user identifier, a decentralized identifier, a self-sovereign identifier, a verifiable subscription identifier, or a service subscription identifier; receiving subscription information from a service provider, said service provider identified using the DIG-ID”, the claim limitations are considered obvious by the following rationales. In fact, Liu discloses wherein the UE permanent identifier indicates a service provider holding subscription information of the UE and a trust service provider that enabled the DIG- ID generation at the UE (SUPI in par. 0067 and see fig. 14-22 and see par. 0109-0119 for explaining SUCI for concealing SUPI, alternatively, different formats of SUCI subscriber identity formats in fig. 16-22). In particular, Torvinen teaches decrypting SUCI and generating SUCI using 5G-USIM UICC with SUPI (SUCI in fig. 6 and see fig. 5-12, UICC or USIM is from a service provider; see de-concealing server in par. 0072). PNG media_image3.png 492 588 media_image3.png Greyscale Therefore, it would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify security realization of connections over heterogeneous access networks of Liu by providing a subscription concealing identifier as taught in Torvinen to obtain the claimed invention as specified in the claim. Such a modification would have provided a user equipment an encryption scheme to obtain a SUPI so that the UE could have encrypted SUPI in SUCI for giving a user a security and a privacy as suggested in par. 0004-0006 of Torvinen. Claim 8 Liu, in view of Torvinen, discloses the method of claim 7, further comprising determining to authenticate the UE with the service provider (Liu, fig. 4 connecting to fig. 5-8 & 15-22 with SUPI for RSP-ID), the determination based on a DIG-ID-type of the DIG-ID and also based on service provider information associated with the DIG-ID (Liu, RSP ID in par. 0068; Torvinen, fig. 6-14; and thus, the combined prior art renders the claim obvious). Claim 10 Liu, in view of Torvinen, discloses the method of claim 7, further comprising: verifying the DIG-ID using a locally stored DIG-ID (Liu, mapping data are stored in UE or AMF in fig. 10 and par. 0089); and authenticating the UE in response to successful verification of the DIG-ID (Liu, security mode for authenticating UE in fig. 4, 9 & 11; Torvinen, fig. 6-14; for these reasons, one of ordinary skill in the art would have expected the combined prior art to perform equally well to the claim). Claim 11 Liu, in view of Torvinen, discloses the method of claim 10, wherein verifying the DIG-ID comprises verifying a digital signature of the DIG-ID with a public key corresponding to the user (Liu, KSEAF keys and KAUSF in par. 0077; Torvinen, privacy key in fig. 13-14), the method further comprising deriving the associated UE security context in response to successful authentication of the UE (Liu, authenticated in fig. 4, 9, 11 & 13; authentication in fig. 6 & 13-14 of Torvinen; and thus, the combined prior art reads on the claim). Claim 12 Liu, in view of Torvinen, discloses the method of claim 7, further comprising: sending a second authentication request message to a service provider (Liu, as depicted in fig. 4, 9 & 11 and see fig. 1-3 in view of par. 0068 for service provider, registration request can be transmitted to the service way; alternatively, accessing for the first time or a new location or roaming, using SIM or USIM or UICC is registering with the service provider as depicted in fig. 7-11 of Torvinen), the second authentication request message containing the concealed UE identifier or the UE permanent identifier in plaintext form and containing a subscription information request (Liu, SUCI in par. 0067-0069 and fig. 16-23, and see fig. 4, 9 & 11 for the security context and NAS security context, subscription permanent ID in par. 0067, 0079, 0086, 0088, 0094 and see fig. 14-22 for security and SUCI format; Torvinen, SUCI and privacy key in fig. 4-11); and receiving the associated UE security context from the service provider in response to successful authentication of the UE (Liu, mapping table in fig. 10 and SUCI format in fig. 14-22; Torvinen, secret key fig. 4-11 & 13-14; since claim does not specifically define what are involved in security context, the information in fig. 14-22 of Liu and fig. 4-11 & 13-14 of Torvinen would have been expected by one of ordinary skill in the art to perform equally well to the claim, see MPEP 2143, KSR Exemplary Rationale F-G). Claim 13 Liu, in view of Torvinen, discloses the method of claim 7, wherein the UE derives at least one matching security key corresponding to the associated UE security context (Liu, SUCI is generated using a protection scheme with the raw public key in par. 0067 and see fig. 16-23), wherein the matching security key is based on one or more of: the DIG-ID, PLMN identifier ("PLMN ID"), Network identifier ("NID"), and a service provider identifier ("SP ID") (Liu, NHN-ID and PSP-ID in par. 0068; and thus, the combined prior art reads on the claim). Claim 14 Liu, in view of Torvinen, discloses the method of claim 7, wherein the UE security context (Liu, security context in fig. 5-8 & 14-22) is bound to one or more of: the DIG-ID (Liu, subscriber ID in fig. 4, 9 & 11 as explained in par. 0067 for SUPI to SUCI), PLMN identifier ("PLMN ID") (Liu PLMN ID in fig. 19), Network identifier ("NID"), or a service provider identifier ("SP ID") (Liu, PSP-ID & NHN-ID in fig. 22 for network ID and service provider ID), wherein the at least one security key is derived further using the SP ID (Liu, participating service provider PSP-ID in par. 0068; therefore, the combined prior art meets the claim requirement; see Markush Claims in MPEP 2117). Claim 15 Liu, in view of Torvinen, discloses the method of claim 7, wherein the first authentication request is received from a network function that is an access and mobility management function ("AMF") and a security anchor function ("SEAF"), or both, (Liu, AMF and SEAF in par. 0062 and AMF/SEAF in fig. 13-14 of Torvinen), wherein transmitting the at least one security key comprises transmitting the at least one security key to the AMF or SEAF or both (Liu, AMF in fig. 4, 9 & 11 and key in AMF/SEAF in par. 0062 & 0079; Torvinen, AMF/SEAF in fig. 13-14; hence, the combined prior art meets the claim requirement). Claim 16 Liu, in view of Torvinen, discloses the method of claim 15, wherein the one security key comprises an AMF Key (Kamf) or a SEAF Key (Kseaf) (Liu, KAMF key in par. 0079 and see key at AMF and SEAF in par. 0062; Torvinen, AMF/SEAF and public key identifier value in par. 0116; and thus, the combined prior art reads on the claim). Claim 17 Liu, in view of Torvinen, discloses the method of claim 7, wherein the first authentication request is received from an authentication server function ("AUSF") (Liu, in fig. 4, AMF sends AUSF Nausf_UE Authentication; Torvinen, AUSF in fig. 13-14), wherein transmitting the at least one security key comprises transmitting the at least one security key to the AUSF (Liu, public identifier key in fig. 18-22; Torvinen, SUCI and privacy key in fig. 13-14 and see par 0090 for public identifier key in SUCI; therefore, the combined prior art renders the claim obvious). Claim 18 Liu, in view of Torvinen, discloses the method of claim 17, wherein the one security key comprises an AUSF Key (Kausf), an Extended Master Session Key (EMSK) or a Cipher and Integrity Key (CK', IK') (Liu, AUSF in fig. 4, 9 & 11 and NAS key set identifier in fig. 6 and AUSF using RAND, AUTN, XRES, CK’, IK’ in par. 0062; Torvinen, SIDF/AUSF and privacy key in fig. 13-14; in addition, claim recites Markush form, i.e., alternative limitations, see MPEP 2117; therefore, the combined prior art meets the claim condition). Claim 21 PNG media_image4.png 630 616 media_image4.png Greyscale Claim 21 is an equipment claim corresponding to method claim 1. Claim 21 recites the structure for the same scopes of the respective limitations of claim 1. Accordingly, claim 1 can be considered obvious by the same rationale applied in the rejection of claim 1 set forth above. Additionally, Liu discloses A user equipment ("UE") for wireless communication (UE 220 in fig. 24), comprising: at least one memory (memory device 2602); and at least one processor coupled with the at least one memory (processing device 2600). Allowable Subject Matter 7. Claims 5-6 and 19-20 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims. Examiner’s Note 8. Applicant is friendly reminded that not to introduce a new matter to claim 7 which would not expedite the prosecution but the restriction. Conclusion 9. Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Contact Information 10. Any inquiry concerning this communication or earlier communications from the examiner should be directed to SAN HTUN whose telephone number is (571)270-3190. The examiner can normally be reached Monday - Thursday 7 AM - 5 PM. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jinsong Hu can be reached on 5712723965. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /SAN HTUN/ Primary Examiner, Art Unit 2643