DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Application, submitted on 03/18/2024, has been received, entered, and made of record. Currently, claims 1-10 and 29-39 remain pending in the application. Claims 11-28 have been canceled.
Information Disclosure Statement
The information disclosure statement (IDS) submitted on 03/18/2024 was filed in compliance with the provisions of 37 CFR 1.97 and 1.98. Accordingly, the information disclosure statement is being considered by the examiner. However, Applicant has not provided an explanation of relevance of cited document(s).
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1, 5-6, 29, and 33-34 are rejected under 35 U.S.C. 103 as being unpatentable over Livanos et al. (hereinafter referred to as Livanos, US 2019/0253407 A1) in view of Laitinen et al. (hereinafter referred to as Laitinen, US 2011/0289315 A1).
Referring to claim 1, Livanos discloses a method performed in a Generic Bootstrapping Architecture, GBA (fig.1, General Bootstrapping Architecture (GBA) client 112), of a User Equipment, UE (fig.1, UE 102), comprising:
communicating, at a GBA application (figs.1 and 3B, GBA client 112) of the UE, with one or more network nodes (fig.3B, multi-purpose AAA (“MPA”) server 222) of a cellular communications network to run a GBA procedure during which the GBA application obtains a key, Ks, and a Bootstrapping Transaction Identifier, B-TID (fig.3B and [0065]-[0070]) (Note: the GBA client 214 of UE communicates with an enterprise BSF 232 to run a GBA procedure to obtain a bootstrapping session key (Ks) and a bootstrapping transaction identifier (B-TID));
providing, at an application (figs.1 and 2A, Client App 218) of the UE, to the GBA application, a request for a key for the application, Ks_APP, the request comprising a Network Application Function, NAF, identifier, NAF-ID (fig.3D and [0080]) (Note: in step 28 (of the UE 202), the Client App 218 provides a request for key Ks-NF (Req Ks-NF) (Ks_APP) to the GBA client 214; wherein the request comprises a Network Application Function, NAF, identifier, NAF-ID);
at the GBA application (fig.3D, GBA client 214):
deriving the key, Ks_APP, for the application based on: the key, Ks, the NAF-ID; and an additional parameter that is either a parameter generated by the GBA application or an application identifier, APP-ID, of the application (fig.3D and [0080]) (Note: the UE 202 (e.g. GBA client 214) derives a NAF-specific shared key material (KsNAF) (Ks_APP) for the Client App 218 based on the Ks and the NAF-ID. More specifically, the KsNAF may be generated as a function KDF (Ks, “GBA=U”, RAND, IMSI, and NAF-ID) with “GBA=U”, RAND, IMSI as additional parameter); and
sending a response to the application, the response comprising the B-TID and the key, Ks_APP, for the application; and receiving, at the application, the response from the GBA application (fig.3D and [0080]) (Note: in step 29 (of the UE 202), the GBA client 214 sends a response comprising the KsNAF (Ks_APP) and the B-TID to the Client App 218).
Livanos fails to explicitly disclose at the GBA application: verifying that the application is entitled to use a NAF that corresponds to the NAF-ID; and responsive to successful verification that the application is entitled to use the NAF that corresponds to the NAF-ID, deriving the key, Ks_APP, for the application.
However, in the same field of endeavor of Generic Bootstrapping Architecture (GBA) art, Laitinen discloses at the GBA application: verifying that the application is entitled to use a NAF that corresponds to the NAF-ID; and responsive to successful verification that the application is entitled to use the NAF that corresponds to the NAF-ID, deriving the key, Ks_APP, for the application (fig.4, [0096]-[0098], and [0121]-[0125]) (Note: the Generic Bootstrapping Architecture (GBA) verifies whether a web application can access the URL (corresponding to a NAF-ID) of the server (NAF) 20, and if the validation is successful, the GBA function 12 allows access to the GBA key and derives the Ks_NAF).
Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention by the applicant to modify the method of Livanos with the concept of Laitinen to obtain the claimed invention wherein at the GBA application: verifying that the application is entitled to use a NAF that corresponds to the NAF-ID; and responsive to successful verification that the application is entitled to use the NAF that corresponds to the NAF-ID, deriving the key, Ks_APP, for the application. The suggestion/motivation for doing so would have been for a strong mutual authentication that would significantly reduce security risks.
Referring to claim 5, Lavinos in view of Laitinen discloses the method of claim 1. Lavinos further discloses wherein the additional parameter is a parameter generated by the GBA application ([0080]) (Note: the KsNAF may be generated as a function KDF (Ks, “GBA=U”, RAND, IMSI, and NAF-ID) with “GBA=U”, RAND, IMSI as additional parameter).
Referring to claim 6, Lavinos in view of Laitinen discloses the method of claim 5. Lavinos discloses (wherein the parameter generated by the GBA application is a counter, a time-based parameter, or a random number ([0080]) (Note: the KsNAF may be generated as a function KDF (Ks, “GBA=U”, RAND, IMSI, and NAF-ID) with RAND as random number).
Referring to claim 29, the same ground of rejection provided for claim 1 is applicable herein. Lavinos further discloses a user equipment (UE) (figs.1 and 7, UE 202), comprising: processing circuitry (fig.7, processor 702), memory (fig.7, Memory 710), and transceiver circuitry (fig.7, wireless transceivers 704) ([0088]).
Referring to claim 33, the same ground of rejection provided for claim 5 is applicable herein.
Referring to claim 34, the same ground of rejection provided for claim 6 is applicable herein.
Claims 2-3 and 30-31 are rejected under 35 U.S.C. 103 as being unpatentable over Livanos in view of Laitinen, and further in view of Wager et al. (hereinafter referred to as Wager, US 2005/0114694 A1).
Referring to claim 2, Livanos in view of Laitinen discloses the method of claim 1, except wherein the additional parameter is the APP-ID of the application.
However, Wager discloses a concept wherein the additional parameter is the APP-ID of the application ([0018]) (Note: message 102 also includes an application identification (appid) as additional parameter).
Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention by the applicant to replace additional parameter of Livanos in view of Laitinen with an application identifier as taught by Wager. The suggestion/motivation for doing so would have been to improve security and reliability.
Referring to claim 3, Livanos in view of Laitinen and Wager discloses the method of claim 2. Wager discloses wherein the request for the key, Ks_APP, comprises the APP-ID of the application ([0008] and fig.1, S104) (Note: the request for the key comprises the Appid).
Therefore, it would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention by the applicant to modify Livanos in view of Laitinen with Wager to obtain the claimed invention. The suggestion/motivation for doing so would have been to improve security and reliability by verifying an application's authorization.
Referring to claim 30, the same ground of rejection provided for claim 2 is applicable herein.
Referring to claim 31, the same ground of rejection provided for claim 3 is applicable herein.
Allowable Subject Matter
Claims 4, 7-10, 32, and 35-39 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MOUSTAPHA DIABY whose telephone number is (571)270-1669. The examiner can normally be reached Monday-Friday: 9AM-6PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, ABDERRAHIM MEROUAN can be reached at (571) 270-5254. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/MOUSTAPHA DIABY/Primary Examiner, Art Unit 2683