DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This action is in response to the amendment filed by Applicant on 04/20/2026. This action is made FINAL.
Response to Arguments
Applicant’s arguments with respect to claims 1-7 and 16-27 have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1-7 and 16-27 are rejected under 35 U.S.C. 103 as being unpatentable over "3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; Study on the security of Access and Mobility Management Function (AMF) re-allocation; (Release 17)", 1 February 2021, pages 1-38, XP051999426; provided by Applicant; (hereinafter referred to as 3GPP for simplicity) in view of Verma et al (Publication number: US 2020/0106812).
Consider Claim 1, 3GPP shows an apparatus for performing a network function (see figure 6.6.2-1), the apparatus (read as AUSF), comprising: (a) At least one memory (see page 3; figure 6.6.2-1); (In step 3, the AUSF stores a received SNN and SUCI/SUPI temporarily in its local memory).
(b) At least one processor coupled with the at least one memory and configured to cause the apparatus to: receive a security request message from an initial access and mobility management function (AMF), an initial security anchor function (SEAF), or a combination thereof, wherein the security request message comprises information indicating a serving network name (SNN), whether routing information is required, a subscription permanent identifier (SUPI), or a combination thereof (see page 3; figure 6.6.2-1); (In step 2a-b, the initial AMF forwards the received initial UE message containing Registration Request to the SEAF by including the AMF Slice Capabilities. The SEAF further sends a Request message to the AUSF, which shall contain SUCI/SUPI, SNN and AMF Slice Capabilities. The AMF Slice Capabilities can indicate one or more slice(s) or service information).
(c) Determine routing information based on the security request message; and transmit a security response message to the initial AMF, the initial SEAF, or the combination thereof, wherein the security response message comprises the routing information (see page 31); (In step 8, the AUSF sends to the SEAF, the response message containing SUPI, authentication result as success, Slice Incompatibility Indication. The SEAF forwards the received SUPI, authentication result as success, the Slice Incompatibility Indication and AMF_AUTN to the initial AMF).
However, 3GPP does not specifically show routing information that identifies selecting a network function instance that stores a security context with the SUPI.
In the same field of endeavor, Verma et al shows routing information that identifies selecting a network function instance that stores a security context with the SUPI (see paragraphs 58-65).
Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the application to incorporate the security platform extracting SUPI information function shown in Verma into the teachings of 3GPP in order to implement security policies (see Verma et al; paragraph 58).
Consider Claim 16, 3GPP shows a method of performing a network function (see figure 6.6.2-1), the method comprising:
(a) Receiving a security request message from an initial access and mobility management function (AMF), an initial security anchor function (SEAF), or a combination thereof, wherein the security request message comprises information indicating a serving network name (SNN), whether routing information is required, a subscription permanent identifier (SUPI), or a combination thereof (see page 3; figure 6.6.2-1); (In step 2a-b, the initial AMF forwards the received initial UE message containing Registration Request to the SEAF by including the AMF Slice Capabilities. The SEAF further sends a Request message to the AUSF, which shall contain SUCI/SUPI, SNN and AMF Slice Capabilities. The AMF Slice Capabilities can indicate one or more slice(s) or service information).
(b) Determining routing information based on the security request message; and transmitting a security response message to the initial AMF, the initial SEAF, or the combination thereof, wherein the security response message comprises the routing information (see page 31); (In step 8, the AUSF sends to the SEAF, the response message containing SUPI, authentication result as success, Slice Incompatibility Indication. The SEAF forwards the received SUPI, authentication result as success, the Slice Incompatibility Indication and AMF_AUTN to the initial AMF).
However, 3GPP does not specifically show routing information that identifies selecting a network function instance that stores a security context with the SUPI.
In the same field of endeavor, Verma et al shows routing information that identifies selecting a network function instance that stores a security context with the SUPI (see paragraphs 58-65).
Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the application to incorporate the security platform extracting SUPI information function shown in Verma into the teachings of 3GPP in order to implement security policies (see Verma et al; paragraph 58).
Consider Claim 21, 3GPP shows a processor for wireless communication (see figure 6.6.2-1), comprising:
(a) At least one controller coupled with at least one memory and configured to cause the processor to: receive a security request message from an initial access and mobility management function (AMF), an initial security anchor function (SEAF), or a combination thereof, wherein the security request message comprises information indicating a serving network name (SNN), whether routing information is required, a subscription permanent identifier (SUPI), or a combination thereof (see page 3; figure 6.6.2-1); (In step 2a-b, the initial AMF forwards the received initial UE message containing Registration Request to the SEAF by including the AMF Slice Capabilities. The SEAF further sends a Request message to the AUSF, which shall contain SUCI/SUPI, SNN and AMF Slice Capabilities. The AMF Slice Capabilities can indicate one or more slice(s) or service information).
(b) Determine routing information based on the security request message; and transmit a security response message to the initial AMF, the initial SEAF, or the combination thereof, wherein the security response message comprises the routing information (see page 31); (In step 8, the AUSF sends to the SEAF, the response message containing SUPI, authentication result as success, Slice Incompatibility Indication. The SEAF forwards the received SUPI, authentication result as success, the Slice Incompatibility Indication and AMF_AUTN to the initial AMF).
However, 3GPP does not specifically show routing information that identifies selecting a network function instance that stores a security context with the SUPI.
In the same field of endeavor, Verma et al shows routing information that identifies selecting a network function instance that stores a security context with the SUPI (see paragraphs 58-65).
Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the application to incorporate the security platform extracting SUPI information function shown in Verma into the teachings of 3GPP in order to implement security policies (see Verma et al; paragraph 58).
Consider claims 2, 17, and 22, 3GPP shows that the at least one processor is configured to cause the apparatus to receive a key request message from a target AMF, a target SEAF, or a combination thereof, and the key request message comprises information indicating the SNN, the target AMF, or a combination thereof (see figure 6.6.2-1; and page 31); (see step 10a, key request).
Consider Claims 3, 18, and 23, 3GPP shows that the at least one processor is configured to cause the apparatus to derive a key based on the key request message, wherein deriving the key based on the key request message comprises deriving the key based on the target AMF (see figure 6.6.2-1; and page 31); (see step 10c, key response).
Consider Claims 4, 19, and 24, 3GPP shows that the at least one processor is configured to cause the apparatus to verify the SNN to verify whether the target AMF is authorized to use the SNN (see figure 6.6.2-1; and page 31); (In step 10b, the AUSF verifies the received AMF_AUTN based on the UE authentication information locally stored. If the Target AMF provided AMF_AUTN matches with the locally stored AMF_AUTN for a SUCI, then the
AUSF considers the AMF_AUTN verification (i.e., Reallocated AMF authentication) as successful and fetches the corresponding UE security context).
Consider Claims 5, 20, and 25, 3GPP shows that the at least one processor is configured to cause the apparatus to: transmit a key response message to the target AMF, the target SEAF, or the combination thereof, wherein the key response message comprises the key; and delete locally stored user equipment (UE) context information in response to transmitting the key response message (see figure 6.6.2-1; and pages 31-32); (In step 10b, the AUSF verifies the received AMF_AUTN based on the UE authentication information locally stored. If the Target AMF provided AMF_AUTN matches with the locally stored AMF_AUTN for a SUCI, then the AUSF considers the AMF_AUTN verification (i.e., Reallocated AMF authentication) as successful and fetches the corresponding UE security context. On receiving Security Context Request message, the AUSF based on the SUPI identifies Step 4. the locally stored security context (i.e., the one stored during primary authentication as in step 7b of Figure 6.6.2-1) and derives an authentication token for AMF (AMF_AUTN) using hash of AUSF key, SUPI and Target AMF Information Locally stores the AMF_AUTN and 5G-GUTI along with the SUPI and related information).
Consider Claims 6 and 26, 3GPP shows that the apparatus comprises an authentication server function (AUSF), a network function (NF), or a combination thereof (see figure 6.6.2-1).
Consider Claims 7 and 27 the routing information comprises an AUSF instance identifier (ID), a unified data management (UDM) instance ID, an AUSF group ID, a UDM group ID, AUSF identification information, UDM identification information, a routing indicator, network routing information, an AUSF address, a UDM address, or a combination thereof (see page 3; figure 6.6.2-1); (In step 2a-b, the initial AMF forwards the received initial UE message containing Registration Request to the SEAF by including the AMF Slice Capabilities. The SEAF further sends a Request message to the AUSF, which shall contain SUCI/SUPI, SNN and AMF Slice Capabilities. The AMF Slice Capabilities can indicate one or more slice(s) or service information).
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MICHAEL A FARAGALLA whose telephone number is (571)270-1107. The examiner can normally be reached Mon-Fri 8:00-5:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Matthew Eason can be reached at 571-270-7230. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/MICHAEL A FARAGALLA/Primary Examiner, Art Unit 2624 06/18/2026