DETAILED ACTION
1. This is in response to the application No. 18/259.416 filed on 06/27/2023. Claims 51-64 are submitted for examination. Claims 51, 57 and 58 are independent.
Notice of Pre-AIA or AIA Status
2. The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Preliminary Amendment
3. The preliminary amendment filed on 06/27/2023 is acknowledged. Accordingly claim 1-50 are canceled and new claims 51-64 are submitted for examination.
Priority
4. This application filed on 06/27/2023 is a National Stage entry of PCT/EP2021/086902, International Filing Date: 12/20/2021. PCT/EP2021/086902 Claims Priority from Provisional Application 63131936, filed on 12/30/2020
Information Disclosure Statement
5. The information disclosure statements (IDS) submitted on June 27, 2023 has been considered. The submission is in-compliance with the provisions of 37 CFR 1.97. Form PTO-1449 is signed and attached hereto.
Drawings
6. The drawings filed on June 27, 2023 are accepted.
Specification
7. The specification filed on June 27, 2023 is also accepted.
Claim Rejections - 35 USC § 103
8. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or non-obviousness.
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
9. Claims 51-64 are rejected under 35 U.S.C. 103 as being unpatentable over NPL Document, titled 3rd Generation Partnership Project: 3GPP TR 23.700-07 V1.1.0 (October 2020) (herein after referred as 3GPP10) in view of 3rd Generation Partnership Project: 3GPP TS 33.501 V17.0.0 (December 2020) (3GPP12) (Both prior arts are submitted with the IDS)
The following is referring to independent claims 51, 57 and 58 and dependent claim 64
As per independent claim 51, 3GPP10 discloses a method for a user equipment (UE) to obtain security credentials for accessing a non-public network (NPN) [See 6.X.2.1: ..The NPN credential is for authentication with the SNPN…”], the method comprising:
performing a primary authentication procedure See 6.X.1:…”UE onboarding …UE is registered in the PLMN….];
receiving, from a unified data management (UDM) function, encrypted UE credentials for accessing the NPN [See figure 6.X.2-1, Steps 3 and 4]; and
decrypting the encrypted UE credentials [See figure 6.X.2-1, Step 5];
3GPP10 substantially discloses all the limitation recited the claim. Furthermore 3GPP10 further disclose a a primary authentication procedure and obtaining a Nudm_SDM_Notification Notify”including the encrypted UE credentials to be decrypted, but doesn’t explicitly disclose the following underlined claim limitation “performing a primary authentication procedure to obtain a key KAUSF and decrypting the encrypted UE credentials based on KAUSF”. In other word, 3GPP10 doesn’t disclose limitation that …the credentials are decrypted based on a key/KAUSF obtained during the primary authentication procedure.
However, 3GPP12 discloses the underlined claim limitation, ““performing a primary authentication procedure to obtain a key KAUSF and decrypting the encrypted UE credentials based on KAUSF” OR…the credentials are decrypted based on a key/KAUSF obtained during the primary authentication procedure [See, A. 19, page 199, section 6.15.2.1, UDM transmits encrypted UE parameters to a UE using a Nudm_SDM_Notification service equation, wherein the parameter are protected using the KAUSF obtained during a primary authentication procedure.
3GPP10 and 3GPP12 are an analogous/in the same field of endeavor as they both are directed to non-public networks.
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to implement in the system of 3GPP12 a mechanism or a feature such as “performing a primary authentication procedure to obtain a key KAUSF and decrypting the encrypted UE credentials based on KAUSF” as per teaching 3GPP12 for obtaining the credential and access a non-public network (NPN) securely. [See 3GPP12 at least page 9]
As per independent claim 57, 3GPP10 discloses a method for an authentication server function (AUSF) for a a non-public network (NPN) [See at least “AF” figure 6.X.2-1] to facilitate user equipment (UE) access to a non-public network (NPN) [figure 6.X.2-1]
the method comprising:
performing a primary authentication procedure [See 6.X.1:…”UE onboarding …UE is registered in the PLMN….];
receiving, from a unified data management (UDM) function, unencrypted UE credentials for the UE to access the NPN [See figure 6.X.2-1, Step 2] and
encrypting the UE credentials [See figure 6.X.2-1, Step 2]; and sending the encrypted UE credentials to the UDM function [[See figure 6.X.2-1, Step 2-4].
3GPP10 substantially discloses all the limitation recited the claim. Furthermore 3GPP10 further disclose a a primary authentication procedure and obtaining a Nudm_SDM_Notification Notify”including the encrypted UE credentials to be decrypted, but doesn’t explicitly disclose the following underlined claim limitation “performing a primary authentication procedure to obtain a key KAUSF and encrypting or decrypting the encrypted UE credentials based on KAUSF”. In other word, 3GPP10 doesn’t disclose limitation that …the credentials are encrypted or decrypted based on a key/KAUSF obtained during the primary authentication procedure.
However, 3GPP12 discloses the underlined claim limitation, ““performing a primary authentication procedure to obtain a key KAUSF and decrypting or encrypted the encrypted UE credentials based on KAUSF” OR…the credentials are decrypted or encrypted based on a key/KAUSF obtained during the primary authentication procedure [See, A. 19, page 199, section 6.15.2.1, UDM transmits encrypted UE parameters to a UE using a Nudm_SDM_Notification service equation, wherein the parameter are protected using the KAUSF obtained during a primary authentication procedure.
3GPP10 and 3GPP12 are an analogous/in the same field of endeavor as they both are directed to non-public networks.
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to implement in the system of 3GPP12 a mechanism or a feature such as “performing a primary authentication procedure to obtain a key KAUSF and decrypting the encrypted UE credentials based on KAUSF OR ” encrypting the unencrypted UE credentials based on KAUSF as per teaching 3GPP12 for significantly reducing the risk of credential breaches. [See 3GPP12 at least page 9]
As per independent claim 58, independent claim 58 is rejected for the same reason as that of the above independent claim 51.
As per dependent claim 52, the combination of 3GPP10 and 3GPP12 discloses the method or system as applied to claim 51 above. Furthermore, 3GPP12 discloses the method/system, wherein, one of the following cryptographic algorithms or functions is used to decrypt the encrypted UE credentials: a hash message authentication code (HMAC) function; or a cryptographic algorithm used for protection of UE Parameter Update (UPU) procedure payloads. [See at least Annex A19 and A20 define the exact KDF functions (HMAC-SHA-256 and 6.15.2.2 specifies that UPU-MAC-IAUSF/UPU-MAC-IUE are calculated using KAUSF as input key and HMAC-based function]
As per dependent claim 59, dependent claim 59 is rejected for the same reason as that of the above dependent claim 52.
As per dependent claim 53, the combination of 3GPP10 and 3GPP12 discloses the method or system as applied to claim 51 above. Furthermore, 3GPP12 discloses the method/system, wherein, one of the following keys is used to decrypt the UE credentials: KAUSF; or a key derived from KAUSF based on a Generic Bootstrapping Architecture (GBA), Key Derivation Function (KDF), and a specific FC value allocated for UPU key derivation.[ See at least 6.15.2.2, The AUSF and the UE shall associate a 16-bit CounterUPU with the key KAUSF…used as input into UPU-MAC derivation. Annex A.19/A. 20 specifies key derivation functions where KAUSF is input plus a Function Code (FC) value to produce the integrity keys]
As per dependent claim 60, dependent claim 60 is rejected for the same reason as that of the above dependent claim 53.
As per dependent claim 54, the combination of 3GPP10 and 3GPP12 discloses the method or system as applied to claim 51 above. Furthermore, 3GPP12 discloses the method/system, wherein, the encrypted UE credentials are received in control plane (CP) non-access stratum (NAS) signaling from an access and mobility management function (AMF) associated with the NPN [See at least 6.15.1, Parameters Update is a control plane procedure supported by UDM. 6.15.2.1, the protected UPU data shall be carried in a NAS container and delivered via the AMF]
As per dependent claim 61, dependent claim 61 is rejected for the same reason as that of the above dependent claim 54.
As per dependent claim 55, the combination of 3GPP10 and 3GPP12 discloses the method or system as applied to claim 51 above. Furthermore, 3GPP12 discloses the method/System, wherein, the primary authentication procedure is based on default UE credentials [See 6.1 and 6.1.1, the primary authentication in 5G is the 3GPP AKA procedure using default subscription credentials (SUPI/SUCI) stored in the USIM, these are default UE credentials used for initial primary authentication with AUSF/UDM]
As per dependent claim 62, dependent claim 62 is rejected for the same reason as that of the above dependent claim 55.
As per dependent claim 56, the combination of 3GPP10 and 3GPP12 discloses the method or system as applied to claim 51 above. Furthermore, 3GPP12 discloses the method/System further comprising obtaining access to the NPN based on the decrypted UE credentials [6.15.1, after successful integrity verification of UPU Data (protected with KAUSF), the UE updates its parameters. Those parameters include credentials (eg. NPN configuration, SoR data). Once updated, UE uses them to access and operate in the target network (PLMN or NPN context, depending on configuration].
As per dependent claim 63, dependent claim 63 is rejected for the same reason as that of the above dependent claim 56.
As per dependent claim 64, dependent claim 64 is rejected for the same reason as that of the above independent claim 51.
Conclusion
10. The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
A. US Publication No. 20230057968-A1 to Sharma discloses a user equipment for a mobile telecommunications system, including circuitry configured to: communicate with a non-public network authentication-authorization-accounting server and initiate a registration procedure with the mobile telecommunications system; and provide an authentication interface between the non-public network authentication-authorization-accounting server and an authentication server function entity in the mobile tele-communications system.
B. US Publication No. -20190373461 A1 to Ito discloses a communication system capable of achieving advanced security in a 5G communication system. The communication system according to the present disclosure includes: a communication terminal (10); an Access and Mobility Management (AMF) entity (20) configured to execute Mobility Management (MM) processing regarding the communication terminal (10); and a Session Management Function (SMF) entity (30) configured to execute Session Management (SM) processing regarding the communication terminal (10), in which the communication terminal (10) sends an MM message used in the MM processing, a first security key having been applied to the MM message, between the communication terminal and the AMF entity (20), and sends an SM message used in the SM processing, a second security key having been applied to the SM message, between the communication terminal and the SMF entity (30) via the AMF entity (20).
C. See the other cited prior arts.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SAMSON B LEMMA whose telephone number is 571-272-3806. The examiner can normally be reached on M-F 8am-10pm.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Shaw Yin Chen can be reached on to 571-272-8878. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/SAMSON B LEMMA/Primary Examiner, Art Unit 2498
Prosecution Insights