Prosecution Insights
Last updated: April 19, 2026
Application No. 18/277,095

METHOD AND DEVICE TO PROVIDE A SECURITY LEVEL FOR COMMUNICATION

Non-Final OA §102
Filed: Aug 14, 2023
Examiner: LE, KHOI V
Art Unit: 2436
Tech Center: 2400 — Computer Networks
Assignee: Koninklijke Philips N V
OA Round: 1 (Non-Final)
Grant Probability: 90% (Favorable)
OA Rounds: 1-2
To Grant: 2y 6m
With Interview: 99%

Examiner Intelligence

Grants 90% — above average
Career Allow Rate: 90% (590 granted / 657 resolved)
+31.8% vs TC avg
Strong +37% interview lift
Interview Lift: +36.8% (resolved cases with interview)
Typical timeline
Avg Prosecution: 2y 6m
36 currently pending
Career history
Total Applications: 693 (across all art units)

Statute-Specific Performance

§101: 21.7% (-18.3% vs TC avg)
§103: 37.0% (-3.0% vs TC avg)
§102: 24.0% (-16.0% vs TC avg)
§112: 2.9% (-37.1% vs TC avg)
Based on career data from 657 resolved cases

Office Action

§102
DETAILED ACTION

This Office Action is in response to the application 18/277,095 filed on August 13th, 2023.

In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.

Claims 1-14 are pending and herein considered.

Notice of Pre-AIA or AIA Status

The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Information Disclosure Statement

The information disclosure statement (IDS), submitted on 08/14/2023, is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.

Priority

Acknowledgement is made of Applicant’s claim for foreign priority under 35 U.S.C. 119(a)-(d) to Application No. 21157226.8, the signed copy having been filed on February 15th, 2021.

Claim Objections

Claim 2 objected to because claim 2 is a device claim, but only recites steps in the body of the claim.

Claim 14 objected to because claim 14, lines 1-4 “a computer program product … implementing a method according to claim 1” is the computer program product claim that refers back to claim 1. The Office considers any claim that refers to another claim as dependent thereon, i.e., a dependent claim. Since claim 1 is a method comprising 5 elements/functions and claim 14 fails to add, delete, or change any of these functions, claim 14 fails to further limit its parent claim. Applicant is required to cancel the claim(s), or amend the claim(s) to place the claim(s) in proper dependent form, or rewrite the claim(s) in independent form.
Claim Rejections - 35 USC § 102

In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.

Claims 1-3, 5 and 9-14 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Conceicao et al. (Conceicao), “Real-Time Dynamic Security for ProSe in 5G,” 2019 2nd International Conference On Signal Processing And Information Security (ICSPIS), IEEE, 30 October 2019 (2010-10-30), pages 1-4, XP033745167.

Regarding claim 1; Conceicao discloses a method to establish a security level for communication between a first device and a second device over a physical channel according to a security protocol (pg. 1; abstract: a method with minimum radio cost and security overhead is proposed that allows changes in security levels in real-time.), the security protocol providing:
- establishing first integrity data in the first device and second integrity data in the second device (pg. 3, section A; the information element (IE) can be sent over a pair security mode command and security mode complete keeping compliance from ProSe and previous cellular networks standards.); and
- at least two security levels, the security level being selectable based on grading information transferred via the physical channel (pg. 3, table I; four security levels are defined based on cryptographic services.), wherein the security protocol according to the first security level does not prevent tracking of the first device across multiple communication sessions in the network based on recurring data in messages of the first device (pg. 3, table I; “level 1” messages are sent without protection; thus, tracking is not prevented.), and the security protocol according to the second security level requires avoiding or modifying said recurring data to prevent tracking (pg. 3, table I; “level 4” messages are secured with data authentication, integrity and confidentiality; thus, the message is modified preventing tracking.),
the method comprising:
- transferring via the physical channel a grading indicator indicative of a minimum security level as minimally required in at least one of the first and second device (pg. 3, section A; for each NW status that will be updated, Discovery, CP and UP security levels and algorithms used in each security service need to be updated; the information element (IE) can be sent over a pair security mode command and security mode complete.);
- providing integrity protection of the grading indicator based on the integrity data, and applying said tracking prevention when so indicated by the grading indicator (pg. 3, section A; pair security mode command and security mode complete, keeping compliance from ProSe and previous cellular networks standards, implying establishing of integrity data because security mode command and security mode complete messages are integrity protected in cellular networks standards.).

Regarding claim 2; Conceicao discloses a device, the device being a first device adapted to establish a security level for communication between the first device and a second device over a physical channel according to a security protocol (pg. 1, section I; device-to-device (D2D) communications; direct User Equipment (UE) communications.), the security protocol providing:
- establishing first integrity data in the first device and second integrity data in the second device (pg. 3, section A; the information element (IE) can be sent over a pair security mode command and security mode complete keeping compliance from ProSe and previous cellular networks standards.), and
- at least two security levels, the security level being selectable based on grading information transferred via the physical channel (pg. 3, table I; four security levels are defined based on cryptographic services.), wherein the security protocol according to the first security level does not prevent tracking of the first device across multiple communication sessions in the network based on recurring data in messages of the first device and the security protocol according to the second security level requires avoiding or modifying said recurring data to prevent tracking (pg. 3, table I; “level 4” messages are secured with data authentication, integrity and confidentiality; thus, the message is modified preventing tracking.),
the device comprising a processor arranged for:
- sending or receiving via the physical channel a grading indicator indicative of a minimum security level as minimally required in at least one of the first and second device (pg. 3, section A; for each NW status that will be updated, Discovery, CP and UP security levels and algorithms used in each security service need to be updated; the information element (IE) can be sent over a pair security mode command and security mode complete.);
- when sending, including protection data for the grading indicator based on the integrity data (pg. 1, section I; ProSe UEs can change security settings at will, creating vulnerabilities to malicious that can try to enforce lower or no security (downgrading attacks).);
- when receiving, verifying the protection data based on the integrity data (pg. 3, table III; IEs exchanged with the CN and authentication data size are not accounted for in order to compare only the direct impact on the security overhead on the UEs and because there are different authentication methods that can be used.); and
- applying at least the minimum security level for the communication between the first device and the second device (pg. 3, table I; “level 1” messages are sent without protection; thus, tracking is not prevented.) and
- applying said tracking prevention when so indicated by the grading indicator (pg. 3, table I; “level 4” messages are secured with data authentication, integrity and confidentiality; thus, the message is modified preventing tracking.).

Regarding claim 3; Conceicao discloses the device according to claim 2, wherein in the security protocol according to the first security level requires determining a pairwise master key in both the first and the second device based on private and public key material, the pairwise master key being used for determining the pairwise master key involving ephemeral Diffie-Hellman key pairs, and the processor is arranged to apply the second security level when so indicated by the grading indicator (pg. 2; section B; in UE-to-NW, keys are also transported to both relays and remote UEs via a ProSe protocol instead of mutual authentication and key agreement, while both are still in coverage.).

Regarding claim 5; Conceicao discloses the device according to claim 2, wherein in the security protocol at least part of the grading information lacks integrity protection (pg. 3, section A; pair security mode command and security mode complete keeping compliance from ProSe and previous cellular networks standards.).
Regarding claim 9; Conceicao discloses the device according to claim 3, wherein in the security protocol is based upon the Device Provisioning Protocol for configuring Wi-Fi device as defined in [DPP], and wherein the connector message is based on the Connector as defined in the Device Provisioning Protocol modified by inserting the grading indicator; wherein the processor is adapted to receive the modified Connector (pg. 3, section A; pair security mode command and security mode complete keeping compliance from ProSe and previous cellular networks standards.).

Regarding claim 10; Conceicao discloses the device according to claim 2, wherein the security protocol is based upon the Device Provisioning Protocol for configuring Wi-Fi devices as defined in [DPP], and wherein the connector message is a reconfiguration Connector based on the Connector generated for use in a Reconfiguration Authentication Request message as defined in the Device Provisioning Protocol (pg. 3, section A; pair security mode command and security mode complete keeping compliance from ProSe and previous cellular networks standards.); the configurator inserting the grading indicator in the reconfiguration Connector, the grading indicator being indicative of a prevention constraint indicating that device tracking prevention can or should be used by a device that wants to be reconfigured, and the processor is arranged for
- retrieving the prevention constraint from the modified connector (pg. 3, section IV; Bootstrapping ProSe.);
- applying tracking prevention during reconfiguration based on the prevention constraint (pg. 3, table I; “level 4” messages are secured with data authentication, integrity and confidentiality; thus, the message is modified preventing tracking.).

Regarding claim 11; Conceicao discloses the device according to claim 2, wherein the physical channel is a wireless communication channel (pg. 2, fig. 1; overview of ProSe.).
Regarding claim 12; Conceicao discloses the device according to claim 2, wherein the integrity data is applied for providing integrity protection of messages transferred via the physical channel (pg. 3, section A; pair security mode command and security mode complete keeping compliance from ProSe and previous cellular networks standards.).

Regarding claim 13; Conceicao discloses a method for use in a device, the method establishing a security level for communication between the device and a further device over a physical channel according to a security protocol (pg. 1, section I; device-to-device (D2D) communications; direct User Equipment (UE) communications.), the security protocol providing:
- establishing first integrity data in the device and second integrity data in the further device (pg. 3, section A; the information element (IE) can be sent over a pair security mode command and security mode complete keeping compliance from ProSe and previous cellular networks standards.), and
- at least two security levels, the security level being selectable based on grading information transferred via the physical channel (pg. 3, table I; four security levels are defined based on cryptographic services.), wherein the security protocol according to the first security level does not prevent tracking of the first device across multiple communication sessions in the network based on recurring data in messages of the first device and the security protocol according to the second security level requires avoiding or modifying said recurring data to prevent tracking (pg. 3, table I; “level 4” messages are secured with data authentication, integrity and confidentiality; thus, the message is modified preventing tracking.),
the method being arranged for:
- sending or receiving via the physical channel a grading indicator indicative of a minimum security level as minimally required in at least one of the device and further device (pg. 3, section A; for each NW status that will be updated, Discovery, CP and UP security levels and algorithms used in each security service need to be updated; the information element (IE) can be sent over a pair security mode command and security mode complete.);
- when sending, including protection data for the grading indicator based on the integrity data (pg. 1, section I; ProSe UEs can change security settings at will, creating vulnerabilities to malicious that can try to enforce lower or no security (downgrading attacks).);
- when receiving, verifying the protection data based on the integrity data (pg. 3, table III; IEs exchanged with the CN and authentication data size are not accounted for in order to compare only the direct impact on the security overhead on the UEs and because there are different authentication methods that can be used.);
- applying at least the minimum security level for the communication between the device and the further device (pg. 3, table I; “level 1” messages are sent without protection; thus, tracking is not prevented.), and
- applying said tracking prevention when so indicated by the grading indicator (pg. 3, table I; “level 4” messages are secured with data authentication, integrity and confidentiality; thus, the message is modified preventing tracking.).

Regarding claim 14; Claim 14 is directed to a computer program product which has similar scope as claim 1. Therefore, claim 14 remains un-patentable for the same reasons.

Allowable Subject Matter

Claims 4, or 6-8 is objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
The following is a statement of reasons for the indication of allowable subject matter:

Regarding claim 4; Claim 4 recites additional features of “the security protocol according to the first security level requires determining a pairwise master key in both the first and the second device based on private and public key material, the pairwise master key being used for determining session keys for encrypted communication between the first device and the second device, the security protocol according to the second security level requires determining the pairwise master key involving ephemeral Diffie-Hellman key pairs, and the processor is arranged to apply the second security level when so indicated by the grading indicator” which meets the requirements of PCT with respect to novelty and/or inventive step.

Regarding claim 6; Claim 6 recites additional features of “the security protocol comprises a setup protocol that comprises: obtaining a certificate from a certification authority; - providing security parameters using the certificate - transferring the security parameters to the device via setup messages, wherein the certificate includes the grading indicator, the grading indicator being indicative of constraints of the security parameters, and the processor is arranged for - retrieving the grading indicator from the certificate; - receiving the setup messages; and - determining the security level based on the setup messages and the constraints of the security parameters” which meets the requirements of PCT with respect to novelty and/or inventive step.

Regarding claim 7; Claim 7 depends from claim 6. Therefore, claim 7 is allowable.

Regarding claim 8; Claim 8 depends from claim 6. Therefore, claim 8 is allowable.

Conclusion

Any inquiry concerning this communication or earlier communications from the examiner should be directed to KHOI V LE whose telephone number is (571)270-5087. The examiner can normally be reached 9:00 AM - 5:00 PM EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Shewaye Gelagay can be reached on 571-272-4219. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.

Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/KHOI V LE/
Primary Examiner, Art Unit 2436

Prosecution Timeline

Aug 14, 2023: Application Filed
Dec 26, 2025: Non-Final Rejection — §102 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12603889
SYSTEM AND METHOD FOR MONITORING AND RESTRICTING ELECTRONIC COMMUNICATION IN A NETWORK BASED ON COMMUNICATION CHARACTERISTICS
2y 5m to grant Granted Apr 14, 2026
Patent 12603785
Root-Level Application Selective Configuration
2y 5m to grant Granted Apr 14, 2026
Patent 12603861
DEFENSE-IN-DEPTH METHOD BASED ON KNOWN DEVICE BEHAVIOR
2y 5m to grant Granted Apr 14, 2026
Patent 12598207
BUILDING MANAGEMENT SYSTEM CYBERSECURITY INDEX
2y 5m to grant Granted Apr 07, 2026
Patent 12587391
DATA TRANSMISSION METHOD, APPARATUS, SYSTEM, ELECTRONIC DEVICE AND READABLE MEDIUM
2y 5m to grant Granted Mar 24, 2026
Based on 5 most recent grants.

Prosecution Projections

Expected OA Rounds: 1-2
Grant Probability: 90%
With Interview: 99% (+36.8%)
Median Time to Grant: 2y 6m
PTA Risk: Low
Based on 657 resolved cases by this examiner. Grant probability derived from career allow rate.
