DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1-4, 6-10, 12, 15, 16, 18, 20, 22, 23 and 37 are rejected under 35 U.S.C. 103 as being unpatentable over US 20210400490 A1 (WU et al.)(hereinafter WU) in view of Intel, "Registration Procedure for UE Onboarding", S2-2102320, 3GPP TSG-SA WG2 Meeting #144E, 12th - 16th April 2021 (23p) (hereinafter Intel) and in further view of HUAWEI et al., "Clarification on Key Issue #2", S3-202749, 3GPP TSG WG3 Meeting #100bis-e, e-meeting, 12-16 October 2020, (3p) (hereinafter Huawei).
In re claim 1, WU discloses a credential transmission method (Fig. 3, [0008], “the method provided in the embodiments of this application can be performed to implement collaborative processing on user plane data integrity protection between devices. For example, the method may enable all the devices to activate the user plane data integrity protection function or enable no device to activate the user plane data integrity protection function, so that the devices are kept consistent in their processing manner, thereby reducing an error probability”), comprising: receiving, by a terminal, first indication information sent by a base station (Fig. 5: S512, [0355], “S316: The NG-RAN sends an RRC connection reconfiguration message to the UE, and the UE receives the RRC connection reconfiguration message from the NG-RAN”); wherein the first indication information is used for indicating that a user plane security protection operation of a data radio bearer (DRB) of the terminal is requested to be activated or not to be activated (Fig. 3:S315, [0342], “S311: The UE sends a PDU session establishment request message to the NG-RAN, and the NG-RAN receives the PDU session establishment request from the UE”. [0345], “The PDU session establishment request message may include information such as a PDU session ID, a data network name (DNN), and network slice selection assistance information (NSSAI)”. [0346], “S312: The NG-RAN forwards the PDU session establishment request to an access and mobility management function (AMF) network element, and after receiving the PDU session establishment request, the AMF network element forwards the PDU session establishment request to the SMF”. [0348], “S313: The SMF obtains a user plane security policy (UP security policy or user plane security enforcement information)”. 
[0351], “S314: The SMF network element sends N2 information (message) to the NG-RAN through the AMF, and the NG-RAN receives the N2 information from the SMF network element through the AMF”. [0352], “The N2 information may carry the user plane security policy obtained by the SMF in S33 (equivalent to receiving security policy information sent by the second core network device)”. [0350], “The user plane security policy may include two types of information: (1) User plane data encryption protection needs to be activated (required), tends to be activated (preferred), or does not need to be activated (not needed). (2) User plane data integrity protection is “required”, “preferred”, or “not needed””. [0353], “S315: The NG-RAN activates user plane security based on the user plane security policy”); and the DRB is at least used for bearing a credential required by the terminal for accessing a stand-alone non-public network (SNPN).
WU does not explicitly disclose a credential transmission method.
Intel discloses a credential transmission method (Fig. 4.2.2.2.2-1, step 1, section 4.2.2.2.1, “SNPN Onboarding Registration allows the UE to access an ONN based on the default UE credentials for the purpose of provisioning the UE with SO-SNPN credentials to enable SO-SNPN access. SNPN Onboarding Registration is only applicable for registration with ON-SNPN”. Page 6, lines 23-25, “an Emergency Registration or SNPN Onboarding Registration (i.e., allows the UE to access an ONN for the purpose of provisioning the UE with SOSNPN credentials)”. Pages 1-11, “the UE sends a registration request to the RAN; and step 3, the RAN sends the registration request to the new AMF, the registration request comprising a registration type, and the registration type indicating whether the UE wants to perform SNPN onboarding registration”).
It would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of WU with Intel to provide a security configuration method in a handover scenario wherein a target access network node receives a first message including first information indicating a terminal device to be handed over from a source access network node to the target access network node and indicating to use a user plane security configuration that is of a data radio bearer and that is the same as that of a data radio bearer of the source access network node. The advantage of doing so is to reduce security risk caused by different security configurations of the data radio bearer when the target access network node and the source access network node transmit a same data packet and improve data transmission security.
WU and Intel do not explicitly disclose DRB is at least used for bearing a credential required by the terminal for accessing a stand-alone non-public network (SNPN).
Huawei discloses DRB is at least used for bearing a credential required by the terminal for accessing a stand-alone non-public network (SNPN) (Pages 1-3, “the UE can perform the onboarding procedure on onboarding network, and then the UE may be remotely provisioned with the SNPN credentials by Provisioning Server (PS). The SNPN credentials shall be confidentiality protected, integrity protected, and replay protected during remote provisioning”).
It would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of WU with Intel and Huawei to provide a security configuration method in a handover scenario wherein a target access network node receives a first message including first information indicating a terminal device to be handed over from a source access network node to the target access network node and indicating to use a user plane security configuration that is of a data radio bearer and that is the same as that of a data radio bearer of the source access network node. The advantage of doing so is to reduce security risk caused by different security configurations of the data radio bearer when the target access network node and the source access network node transmit a same data packet and improve data transmission security.
In re claim 2, the combination discloses the method according to claim 1, wherein WU discloses wherein the user plane security protection operation comprises at least one of integrity protection or encryption ([0356], “The RRC connection reconfiguration message may carry a user plane data encryption protection indication or a user plane data integrity protection activation indication”).
In re claim 3, the combination discloses the method according to claim 1, wherein WU discloses wherein the receiving the first indication information sent by the base station comprises: receiving a radio resource control (RRC) connection reconfiguration message carrying the first indication information sent by the base station ([0356], “The RRC connection reconfiguration message may carry a user plane data encryption protection indication or a user plane data integrity protection activation indication”. [0360], “If an integrity check for the RRC connection reconfiguration message succeeds, the UE sends the RRC connection reconfiguration complete message to the NG-RAN”).
In re claim 4, the combination discloses the method according to claim 3, wherein WU discloses the method further comprising: verifying the RRC connection reconfiguration message, and obtaining a result of the verifying; and determining, based on the first indication information in response to the result of the verifying indicating that the verifying is successful, whether to activate the user plane security protection operation of the DRB of the terminal ([0357], “S317: The UE activates user plane security based on an indication”. [0360], “If the UE determines that integrity protection for a data resource bearer (DRB) of the PDU session is to be activated, the UE may activate uplink integrity protection and downlink integrity protection verification” (whether to activate the user plane data integrity protection may be determined by using a bearer as a granularity. Equivalent to the first indication information being used for indicating: a user plane security protection operation of a radio data bearer of the terminal is requested to be activated or deactivated)).
In re claim 6, the combination discloses the method according to claim 4, wherein WU discloses the method further comprising: rejecting the RRC connection reconfiguration message in response to the first indication information indicating that the user plane security protection operation of the DRB of the terminal is requested not to be activated; or in response to the first indication information indicating that the user plane security protection operation of the DRB of the terminal is requested to be activated, accepting the RRC connection reconfiguration message, and performing the user plane security protection operation ([0350], “The user plane security policy may include two types of information: (1) User plane data encryption protection needs to be activated (required), tends to be activated (preferred), or does not need to be activated (not needed). (2) User plane data integrity protection is “required”, “preferred”, or “not needed”” (indication may be for user plane security protection operation to be activated or not to be activated). [0353], “S315: The NG-RAN activates user plane security based on the user plane security policy”. [0356], “The RRC connection reconfiguration message may carry a user plane data encryption protection indication or a user plane data integrity protection activation indication”. [0360], “If the UE determines that integrity protection for a data resource bearer (DRB) of the PDU session is to be activated, the UE may activate uplink integrity protection and downlink integrity protection verification” (whether to activate the user plane data integrity protection may be determined by using a bearer as a granularity)).
In re claim 7, the combination discloses the method according to claim 6, wherein WU discloses the method further comprising: sending an RRC connection reconfiguration completion message to the base station ([0359], “S318: The UE sends an RRC connection reconfiguration complete message to the NG-RAN, and the NG-RAN receives the RRC connection reconfiguration complete message from the UE”).
In re claim 8, the combination discloses the method according to claim 1, wherein WU discloses wherein the base station is in an onboarding network (ONN), and the method further comprises: sending second indication information to the base station during an RRC connection establishment process (Fig. 5: S514, [0356], “The RRC connection reconfiguration message may carry a user plane data encryption protection indication or a user plane data integrity protection activation indication”), wherein Intel discloses wherein the second indication information is used for indicating that an RRC connection being established is used for the terminal to log into the ONN (Pages 1-11, Fig. 4.2.2.2.2-1, step 1, the UE sends a registration request to the RAN; and step 3, the RAN sends the registration request to the new AMF, the registration request comprising a registration type, and the registration type indicating whether the UE wants to perform SNPN onboarding registration allowing the UE to access an ONN for the purpose of provisioning the UE with SO-SNPN credentials (registering to allow access and login to ONN)).
In re claim 9, the combination discloses the method according to claim 8, wherein Intel discloses the method further comprising: sending, in response to the terminal initiating registration to the ONN, a registration request message to the base station; wherein a registration type of the registration request message is set to be a predetermined registration type; and the predetermined registration type is used for indicating that the registration request message is used for logging into the ONN to obtain the credential (Fig. 4.2.2.2.2-1, step 1, pages 1-11, “the UE sends a registration request to the RAN; and step 3, the RAN sends the registration request to the new AMF, the registration request comprising a registration type, and the registration type indicating whether the UE wants to perform SNPN onboarding registration” (i.e. allowing the UE to access an ONN for the purpose of provisioning the UE with SO-SNPN credentials, equivalent to the predetermined registration type)).
In re claim 10, the combination discloses the method according to claim 9, wherein WU discloses the method further comprising: initiating, in response to the terminal logging into the ONN successfully and requiring to receive the credential via the ONN, a protocol data unit (PDU) session establishment procedure; wherein the initiating the PDU session establishment procedure comprises: sending a first PDU session establishment request message to the base station, wherein the first PDU session establishment request message carries digital data network (DNN) information used for obtaining the credential ([0345], “The PDU session establishment request message may include information such as a PDU session ID, a data network name (DNN), and network slice selection assistance information (NSSAI)”).
In re claim 37, WU discloses a communication device, comprising: a memory (Fig. 25B:2502); and a processor (Fig. 25B: 2501), connected to the memory, and configured to perform, through executing a computer executable instruction stored in the memory, the credential transmission method according to claim 1 ([0873], “Alternatively, when the communications apparatus 2500 is configured to implement the functions of the terminal device described above, the processor 2501 may be configured to perform some steps or all steps”).
In re claim 12, WU discloses a credential transmission method, performed by a base station ([0379], “S511: The access network device determines first information, where the first information is used to indicate whether to activate a user plane data integrity protection function, or is used to indicate whether the access network device supports a user plane data integrity protection function”), and comprising: receiving, by a base station, security policy information sent by a second core network device (Fig. 3: S315, [0346], “S312: The NG-RAN forwards the PDU session establishment request to an access and mobility management function (AMF) network element, and after receiving the PDU session establishment request, the AMF network element forwards the PDU session establishment request to the SMF”. [0348], “S313: The SMF obtains a user plane security policy (UP security policy or user plane security enforcement information)”. [0351], “S314: The SMF network element sends N2 information (message) to the NG-RAN through the AMF, and the NG-RAN receives the N2 information from the SMF network element through the AMF”. [0352], “The N2 information may carry the user plane security policy obtained by the SMF in S33 (equivalent to receiving security policy information sent by the second core network device)”); and sending, by the base station and to a terminal, first indication information determined based on the security policy information (Fig. 3: S317, [0353], “The NG-RAN activates user plane security based on the user plane security policy”); wherein the first indication information is used for indicating that a user plane security protection operation of a data radio bearer (DRB) of the terminal is requested to be activated or not to be activated ([0350], “The user plane security policy may include two types of information: (1) User plane data encryption protection needs to be activated (required), tends to be activated (preferred), or does not need to be activated (not needed). (2) User plane data integrity protection is “required”, “preferred”, or “not needed””); and the DRB is at least used for bearing a credential required by the terminal for accessing a stand-alone non-public network (SNPN).
WU does not explicitly disclose a credential transmission method.
Intel discloses a credential transmission method (Fig. 4.2.2.2.2-1, step 1, section 4.2.2.2.1, “SNPN Onboarding Registration allows the UE to access an ONN based on the default UE credentials for the purpose of provisioning the UE with SO-SNPN credentials to enable SO-SNPN access. SNPN Onboarding Registration is only applicable for registration with ON-SNPN”. Page 6, lines 23-25, “an Emergency Registration or SNPN Onboarding Registration (i.e., allows the UE to access an ONN for the purpose of provisioning the UE with SOSNPN credentials)”. Pages 1-11, “the UE sends a registration request to the RAN; and step 3, the RAN sends the registration request to the new AMF, the registration request comprising a registration type, and the registration type indicating whether the UE wants to perform SNPN onboarding registration”).
It would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of WU with Intel to provide a security configuration method in a handover scenario wherein a target access network node receives a first message including first information indicating a terminal device to be handed over from a source access network node to the target access network node and indicating to use a user plane security configuration that is of a data radio bearer and that is the same as that of a data radio bearer of the source access network node. The advantage of doing so is to reduce security risk caused by different security configurations of the data radio bearer when the target access network node and the source access network node transmit a same data packet and improve data transmission security.
WU and Intel do not explicitly disclose DRB is at least used for bearing a credential required by the terminal for accessing a stand-alone non-public network (SNPN).
Huawei discloses DRB is at least used for bearing a credential required by the terminal for accessing a stand-alone non-public network (SNPN) (Pages 1-3, “the UE can perform the onboarding procedure on onboarding network, and then the UE may be remotely provisioned with the SNPN credentials by Provisioning Server (PS). The SNPN credentials shall be confidentiality protected, integrity protected, and replay protected during remote provisioning”).
It would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of WU with Intel and Huawei to provide a security configuration method in a handover scenario wherein a target access network node receives a first message including first information indicating a terminal device to be handed over from a source access network node to the target access network node and indicating to use a user plane security configuration that is of a data radio bearer and that is the same as that of a data radio bearer of the source access network node. The advantage of doing so is to reduce security risk caused by different security configurations of the data radio bearer when the target access network node and the source access network node transmit a same data packet and improve data transmission security.
In re claim 15, the combination discloses the method according to claim 12, wherein WU discloses the method further comprising: initiating, in response to sending a radio resource control the (RRC) connection reconfiguration message to the terminal, a user plane security protection operation of a DRB of the base station ([0356], “The RRC connection reconfiguration message may carry a user plane data encryption protection indication or a user plane data integrity protection activation indication”. [0360], “If the UE determines that integrity protection for a data resource bearer (DRB) of the PDU session is to be activated, the UE may activate uplink integrity protection and downlink integrity protection verification” (whether to activate the user plane data integrity protection may be determined by using a bearer as a granularity)).
In re claim 16, the combination discloses the method according to claim 12, wherein WU discloses the method further comprising: receiving second indication information sent by the terminal during an RRC connection establishment process (Fig. 5: S514, [0356], “The RRC connection reconfiguration message may carry a user plane data encryption protection indication or a user plane data integrity protection activation indication”), wherein Intel discloses wherein the second indication information is used for indicating that an RRC connection being established is used for the terminal to log into an onboarding network (ONN) (Pages 1-11, Fig. 4.2.2.2.2-1, step 1, the UE sends a registration request to the RAN; and step 3, the RAN sends the registration request to the new AMF, the registration request comprising a registration type, and the registration type indicating whether the UE wants to perform SNPN onboarding registration allowing the UE to access an ONN for the purpose of provisioning the UE with SO-SNPN credentials (registering to allow access and login to ONN)); and determining, in response to receiving the second indication information, a first core network device used for supporting the terminal to log into the ONN ([0346], “S312: The NG-RAN forwards the PDU session establishment request to an access and mobility management function (AMF) network element, and after receiving the PDU session establishment request, the AMF network element forwards the PDU session establishment request to the SMF”. [0348], “S313: The SMF obtains a user plane security policy (UP security policy or user plane security enforcement information)”. [0351], “S314: The SMF network element sends N2 information (message) to the NG-RAN through the AMF, and the NG-RAN receives the N2 information from the SMF network element through the AMF”. 
[0352], “The N2 information may carry the user plane security policy obtained by the SMF in S33” (equivalent to receiving security policy information sent by the second core network device)); wherein the first core network device is configured with access control and mobility management function (AMF) login configuration data; and the AMF login configuration data comprises at least one of: digital data network (DNN) information used for obtaining the credential, or information restricting the terminal to only be configured to request to obtain the credential ([0345], “The PDU session establishment request message may include information such as a PDU session ID, a data network name (DNN), and network slice selection assistance information (NSSAI)”).
In re claim 18, the combination discloses the method according to claim 16, wherein Intel discloses the method further comprising: receiving a registration request message sent by the terminal, wherein a registration type of the registration request message is set to be a predetermined registration type; and the predetermined registration type is used for indicating that the registration request message is used for logging into the ONN to obtain the credential; (Fig. 4.2.2.2.2-1, step 1, pages 1-11, “the UE sends a registration request to the RAN; and step 3, the RAN sends the registration request to the new AMF, the registration request comprising a registration type, and the registration type indicating whether the UE wants to perform SNPN onboarding registration” (i.e. allowing the UE to access an ONN for the purpose of provisioning the UE with SO-SNPN credentials, equivalent to the predetermined registration type and registering to allow access and login to ONN)); and sending the registration request message to the first core network device ([0449], “For example, the terminal device sends the third information to the access network device, the access network device sends a fourth message to the first core network device, and the first core network device receives the fourth message from the access network device, where the fourth message includes the third information”).
In re claim 20, the combination discloses the method according to claim 18, wherein WU discloses the method further comprising: receiving a first protocol data unit (PDU) session establishment request message sent by the terminal (Fig. 3, [0342], “S311: The UE sends a PDU session establishment request message to the NG-RAN, and the NG-RAN receives the PDU session establishment request from the UE”), wherein the first PDU session establishment request message comprises DNN information used for obtaining the credential ([0345], “The PDU session establishment request message may include information such as a PDU session ID, a data network name (DNN), and network slice selection assistance information (NSSAI)”); and sending the first PDU session establishment request message to the first core network device ([0346], “S312: The NG-RAN forwards the PDU session establishment request to an access and mobility management function (AMF) network element, and after receiving the PDU session establishment request, the AMF network element forwards the PDU session establishment request to the SMF”).
In re claim 22, Intel discloses a credential transmission method, performed by a first core network device, and comprising: receiving, by a first core network device, a registration request message sent by a base station (Pages 1-11, Fig. 4.2.2.2.2-1, step 1, “the UE sends a registration request to the RAN and step 3, the RAN sends the registration request to the new AMF”); wherein a registration type of the registration request message is set to be a predetermined registration type and the predetermined registration type is used for indicating that the registration request message is used for a terminal to log into an onboarding network (ONN) (Pages 1-11, Fig. 4.2.2.2.2-1, “the registration request comprising a registration type, and the registration type indicating whether the UE wants to perform SNPN onboarding registration” (i.e. allowing the UE to access an ONN for the purpose of provisioning the UE with SO-SNPN credentials, equivalent to the predetermined registration type)); to obtain a credential required by the terminal for accessing a stand-alone non-public network (SNPN).
Intel does not explicitly disclose to obtain a credential required by the terminal for accessing a stand-alone non-public network (SNPN).
Huawei discloses to obtain a credential required by the terminal for accessing a stand-alone non-public network (SNPN) (Pages 1-3, “the UE can perform the onboarding procedure on onboarding network, and then the UE may be remotely provisioned with the SNPN credentials by Provisioning Server (PS). The SNPN credentials shall be confidentiality protected, integrity protected, and replay protected during remote provisioning”).
It would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Intel and Huawei to provide a security configuration method in a handover scenario wherein a target access network node receives a first message including first information indicating a terminal device to be handed over from a source access network node to the target access network node and indicating to use a user plane security configuration that is of a data radio bearer and that is the same as that of a data radio bearer of the source access network node. The advantage of doing so is to reduce security risk caused by different security configurations of the data radio bearer when the target access network node and the source access network node transmit a same data packet and improve data transmission security.
In re claim 23, the combination discloses the method according to claim 22, wherein Intel discloses the method further comprising: initiating, in response to receiving the registration request message, a procedure for authenticating the terminal to an authentication service function (AUSF) in the ONN (Figure 4.2.2.2.2-1:steps 8, 9, Page 11, line 4 “The AMF may decide to initiate UE authentication by invoking an AUSF”).
Claims 24, 26 and 27 are rejected under 35 U.S.C. 103 as being unpatentable over Intel, "Registration Procedure for UE Onboarding", S2-2102320, 3GPP TSG-SA WG2 Meeting #144E, 12th - 16th April 2021 (23p) (hereinafter Intel) in view of HUAWEI et al., "Clarification on Key Issue #2", S3-202749, 3GPP TSG WG3 Meeting #100bis-e, e-meeting, 12-16 October 2020, (3p) (hereinafter Huawei) and in further view of US 20210400490 A1 (WU et al.)(hereinafter WU).
In re claim 24, the combination of Intel and Huawei discloses the method according to claim 23, but does not explicitly disclose further comprising: receiving a first protocol data unit (PDU) session establishment request message sent by the base station, wherein the first PDU session establishment request message comprises digital data network (DNN) information used for obtaining the credential; and determining, based on a DNN determined according to the DNN information in the first PDU session establishment request message and a DNN determined according to DNN information in access control and mobility management function (AMF) login configuration data, whether the terminal requests an establishment of a PDU session for obtaining the credential.
WU discloses receiving a first protocol data unit (PDU) session establishment request message sent by the base station ([0346], “S312: The NG-RAN forwards the PDU session establishment request to an access and mobility management function (AMF) network element, and after receiving the PDU session establishment request, the AMF network element forwards the PDU session establishment request to the SMF”), wherein the first PDU session establishment request message comprises digital data network (DNN) information used for obtaining the credential ([0345], “The PDU session establishment request message may include information such as a PDU session ID, a data network name (DNN), and network slice selection assistance information (NSSAI)”) and determining, based on a DNN determined according to the DNN information in the first PDU session establishment request message and a DNN determined according to DNN information in access control and mobility management function (AMF) login configuration data, whether the terminal requests an establishment of a PDU session for obtaining the credential ([0340]-[0360], “In the 5G system, activation of a user plane data integrity protection function is completed in a PDU session establishment process. The UE sends a PDU session establishment request message to the NG-RAN (equivalent to the base station), the NG-RAN forwards the request to an AMF (equivalent to the first core network device), and after receiving the request, the AMF forwards the request to the SMF (equivalent to the second core network device). The PDU session establishment request message may include a DNN. The SMF obtains a user plane security policy. The SMF sends an N2 message to the NG-RAN through the AMF, the NG-RAN receives the N2 message, and the N2 message carries the user plane security policy (equivalent to receiving security policy information sent by the second core network device). 
The user plane security policy includes: user plane data encryption protection needs to be activated (required), tends to be activated (preferred), or does not need to be activated (not needed); and integrity protection is required, preferred, or not needed. The NG-RAN activates user plane security on the basis of the user plane security policy. The NG-RAN sends an RRC connection reconfiguration message to the UE, and the UE receives the message, which may carry a user plane data encryption protection indication and/or a user plane data integrity protection activation indication. Whether to activate the user plane data integrity protection may be determined by using a bearer as a granularity (equivalent to the first indication information being used for indicating: a user plane security protection operation of a radio data bearer (DRB) of the terminal is requested to be activated or deactivated). The UE activates the user plane security on the basis of the indication”).
It would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Intel and Huawei with WU to provide a security configuration method in a handover scenario wherein a target access network node receives a first message including first information indicating a terminal device to be handed over from a source access network node to the target access network node and indicating to use a user plane security configuration that is of a data radio bearer and that is the same as that of a data radio bearer of the source access network node. The advantage of doing so is to reduce security risk caused by different security configurations of the data radio bearer when the target access network node and the source access network node transmit a same data packet and improve data transmission security.
In re claim 26, the combination discloses the method according to claim 24, wherein WU discloses wherein the determining, whether the terminal requests the establishment of the PDU session for obtaining the credential comprises: rejecting, in response to the DNN determined according to the DNN information in the first PDU session establishment request message not matching with the DNN determined according to the DNN information in the AMF login configuration data, the first PDU session establishment request message; or determining, in response to the DNN determined according to the DNN information in the first PDU session establishment request message matching with the DNN determined according to the DNN information in the AMF login configuration data, a second core network device connected to the DNN (Fig. 13, [0340], “Instead, the integrity protection function is completed in a PDU session establishment process. Currently, in the 5G system, activation of an RRC integrity protection function and activation of uplink and downlink encryption and decryption of the user plane data are still implemented by using the AS SMC procedure in the registration procedure”. [0382], “For example, the first information includes one bit. In this case, the two types of values included in the first information are “1” and “0”. If a value of the bit is “1”, it may indicate that the first information indicates “activated”, “required”, “true”, or the like, and it also indicates that the first information indicates to activate the user plane data integrity protection function. However, if a value of the bit is “0”, it may indicate that the first information indicates “deactivated (deactivated)”, “not needed”, or “false”, and it also indicates that the first information indicates not to activate the user plane data integrity protection function”. 
[0630], “S1214: The PGW performs policy and charging enforcement function (PCEF) initiated internet protocol connectivity access network (IP-CAN) session modification with a policy and charging rules function (PCRF) network element”. [0683], “S1413: The UE and the MME perform mutual authentication”. [0763], “S1812: The UE performs RRC integrity protection verification on the AS SMC message, and if the verification succeeds, the UE determines whether to activate a user plane data integrity protection function”. [0305], “If the authentication is synchronized (matches), the MME notifies the SGW to initiate default bearer setup” (when authentication is done by core network, it checks if the DNN information in the PDU session establishment matches the DNN credentials in the AMF login for connection or rejection)).
In re claim 27, the combination discloses the method according to claim 26, wherein WU discloses further comprising: sending, in response to determining the second core network device, a second PDU session establishment request message to the second core network device, wherein the second PDU session establishment request message carries information of the DNN, and creation indication information for creating the PDU session used for obtaining the credential; or sending, in response to determining the second core network device, a third PDU session establishment request message to the second core network device, wherein the third PDU session establishment request message carries information of the DNN, and does not carry creation indication information for creating the PDU session used for obtaining the credential (Please refer to claim 26. “All features are included in claim 26”. Based on authentication, if the DNN credentials match, a third PDU session establishment is made with the second core network, and so on...).
Contact
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SWATI JAIN whose telephone number is (571)270-0699. The examiner can normally be reached Mon - Fri (830 am - 530 pm).
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Pan Yuwen, can be reached on 571-272-7855. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/SWATI JAIN/Examiner, Art Unit 2649
/YUWEN PAN/Supervisory Patent Examiner, Art Unit 2649