DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103, which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1-5, 7, 10-17 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over US 20200344074 A1 (Främling), in view of O-RAN.WG11.SecReqSpecs.0-R003-v07.0 (O-RAN Spec), and Trusted Platform Module Library Part 1 and Part 2, Family “2.0”, Level 00 Revision 01.59, November 8, 2019 (TPM).
Regarding Claims 1, 12 and 20:
A method, executed by a processor (Främling: Figs. 1-5A-B, a system configuration and method for secured event logging), comprising: detecting a first event log associated with a first network component of an open-radio access network (O-RAN) (Främling: e.g., Figs. 2-3, detection and collection of log event from distributed system components); generating a first digest associated with the first event log (Främling: e.g., Fig. 5 and par. 100, hash of the raw data may also be referred to as a digest or a hash code, i.e., secure log infrastructure computes digests of each event; TPM: Part 1, 31., “the TPM produces a standard attestation structure and appends the command-specific data. The resulting data block is then hashed and signed by the selected signing key.”; Part 2, 6.3, Algorithm ID; 9.27-29, hash algorithms with an algorithm ID);
Främling does not teach explicitly on secured event log on O-RAN. However, O-RAN Spec teaches (O-RAN Spec: e.g., 4.-5.).
It would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention was made to modify Främling with secured event log on O-RAN as further taught by O-RAN Spec. The advantage of doing so is to leverage the industry standards to enrich system security and ensure compatibilities in the marketplace.
applying a first encryption key on the first digest associated with the first event log (Främling: e.g., Fig. 5 and 92-126, Logs use encryption keys to protect digest);
Främling does not teach explicitly on generating a first encrypted digest from the first digest based on the application of the first encryption key on the first digest; generating first log information associated with the first network component, based on the first event log and the first encrypted digest; transmitting the first log information to a service management component of the O-RAN, the service management component is configured to validate, based on the first encrypted digest, an authenticity of the first event log; and controlling a first display device to render the first log information based on the authenticity of the first event log. However, TPM in addition to Främling and O-RAN Spec teach:
generating a first encrypted digest from the first digest based on the application of the first encryption key on the first digest (TPM: Part 1, 22., TPM uses asymmetric or symmetric keys to sign or encrypt digests; part 2, 11.3-11.4, the signature is an “encrypted digest created using a key; Främling: e.g., par. 114, Certifying Authority may generate a unique serial number associated with the certificate that is to identify the certificate, and this serial number is stored within the certificate); generating first log information associated with the first network component, based on the first event log and the first encrypted digest (TPM: part 1, 11.6.2., (event) log entry; 9.4.3 and 35., audit logs); transmitting the first log information to a service management component of the O-RAN (O-RAN: e.g. Fig. 5.1.1.2.2-1 and 5.1.1.2.4, SMO log export through secured O-RAN security protocols); the service management component is configured to validate, based on the first encrypted digest, an authenticity of the first event log; and controlling a first display device to render the first log information based on the authenticity of the first event log (O-RAN: 5.3.2.1.1, e.g., REQ-SEC-ALM-PKG-6: The Application package shall be validated by SMO upon its reception using the signature generated and provided by the Application Provider; TPM: part 1, e.g., 27.4, 31.6, where displaying info to a user is known practice in the field).
It would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention was made to modify Främling with generating a first encrypted digest from the first digest based on the application of the first encryption key on the first digest; generating first log information associated with the first network component, based on the first event log and the first encrypted digest; transmitting the first log information to a service management component of the O-RAN, the service management component is configured to validate, based on the first encrypted digest, an authenticity of the first event log; and controlling a first display device to render the first log information based on the authenticity of the first event log as further taught by TPM. The advantage of doing so is to provide a trusted platform module to enable trust in computer platform.
Regarding Claims 2 and 13, Främling as modified further teaches:
The method according to claim 1, wherein the service management component is further configured to transmit a result of the validation of the authenticity of the first event log and the first log information to a security management component of the O-RAN and the first network component (O-RAN: e.g. Fig. 5.1.1.2.2-1 and 5.1.1.2.4, SMO log export through secured O-RAN security protocols; 5.3.2.1.1, e.g., REQ-SEC-ALM-PKG-6: The Application package shall be validated by SMO upon its reception using the signature generated and provided by the Application Provider).
Regarding Claims 3 and 14, Främling as modified further teaches:
The method according to claim 1, further comprising receiving the first encryption key by the first network component from a key-delivery component of the O-RAN (TPM: Part 2, 6.3, Algorithm IDs; 9.27-29, hash algorithms with an algorithm ID).
Regarding Claims 4 and 15, Främling as modified further teaches:
The method according to claim 3, wherein the first encryption key corresponds to a secret encryption key distributed to a set of network components of the O-RAN by the key-delivery component, and the set of network components includes the first network component (Främling: e.g., par. 121, signature may use public/private key, where the public key may be distributed to a set of network components of the O-RAN).
Regarding Claims 5 and 16, Främling as modified further teaches:
The method according to claim 3, wherein each network component of a set of network components of the O-RAN is configured to receive a corresponding encryption key of a set of encryption keys from the key-delivery component, each encryption key of the set of encryption keys corresponds to a secret encryption key, the set of network components includes the first network component, and the set of encryption keys includes the first encryption key (Främling: e.g., par. 121, signature may use public/private key, where the public key may be distributed to a set of network components of the O-RAN).
Regarding Claims 7 and 17, Främling as modified further teaches:
The method according to claim 5, wherein the service management component is further configured to receive each encryption key of the set of encryption keys from the key-delivery component (Främling: e.g., par. 121, signature may use public/private key, where the public key may be distributed to a set of network components of the O-RAN; O-RAN: e.g. Fig. 5.1.1.2.2-1 and 5.1.1.2.4, SMO log export through secured O-RAN security protocols).
Regarding Claim 10, Främling as modified further teaches:
The method according to claim 1, wherein the set of network components includes at least one of: an open-cloud (O-cloud) component, a radio unit (RU) component, a distributed unit (DU) component, a centralized unit (CU) component, or a radio intelligent controller (RIC) component (O-RAN Spec: Fig. 4-1).
Regarding Claim 11, Främling as modified further teaches:
The method according to claim 1, further comprising: applying a concatenation operation on the first event log and the first encrypted digest, wherein the generation of the first log information is further based on the concatenation operation (Främling: Fig. 2; TPM: part 1, 4.32, 11.4.10.2).
Allowable Subject Matter
Claims 6, 8 and 18 are objected to as being dependent upon a rejected base claim, but are potentially allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
Claims 9 and 19 depend on objected Claims 8 and 18, therefore, are objected to for the same reasons as Claims 8 and 18 respectively.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ZHITONG CHEN whose telephone number is (571) 270-1936. The examiner can normally be reached on M-F 9:30am - 5pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, Applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Yuwen Pan can be reached on 571-272-7855. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/ZHITONG CHEN/
Primary Examiner, Art Unit 2649