Office Action Predictor
Last updated: April 16, 2026
Application No. 18/705,319

Enhanced Authentication and Authorization of Servers and Clients in Edge Computing

Final Rejection §102§103
Filed
Apr 26, 2024
Examiner
KIM, TAE K
Art Unit
2496
Tech Center
2400 — Computer Networks
Assignee
Telefonaktiebolaget Lm Ericsson (PUBL)
OA Round
2 (Final)
74%
Grant Probability
Favorable
3-4
OA Rounds
3y 6m
To Grant
76%
With Interview

Examiner Intelligence

Grants 74% — above average
74%
Career Allow Rate
486 granted / 653 resolved
+16.4% vs TC avg
Minimal +1% lift
Without
With
+1.2%
Interview Lift
resolved cases with interview
Typical timeline
3y 6m
Avg Prosecution
29 currently pending
Career history
682
Total Applications
across all art units

Statute-Specific Performance

§101
11.6%
-28.4% vs TC avg
§103
39.7%
-0.3% vs TC avg
§102
26.2%
-13.8% vs TC avg
§112
15.8%
-24.2% vs TC avg
Black line = Tech Center average estimate • Based on career data from 653 resolved cases

Office Action

§102 §103
DETAILED ACTION This Action is in consideration of the Applicant’s response on November 20, 2025. Claims 33, 38, 40, 49, and 51 are amended by the Applicant. Claims 33 – 52, where Claims 33, 41, 42, 51, and 52 are in independent form, are presented for examination. Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Information Disclosure Statement The information disclosure statement (IDSs) submitted on August 29, 2025 and September 17, 2025 were filed before the mailing date of the current action. The submission is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner. Response to Arguments Applicant’s arguments filed November 20, 2025 have been fully considered but they are not persuasive. Applicant argued: a) Regarding Claims 33 and 51, Gilpin does not disclose or suggest of an edge data network. b) Regarding Claims 33 and 51, Gilpin does not disclose or suggest of the client sending the access credentials to the server. The Office respectfully disagrees with Applicant’s assertions. 1. With regards to a), Gilpin discloses that the network may comprise edge servers [Para. 0086]. Therefore, the network is an edge network. 2. With regards to b), the Applicant concurs that the connection broker disclosed in Gilpin performs various actions on behalf of client services [See Remarks, Pg. 14]. The Office reminds the Applicant that the pending claims must be "given the broadest reasonable interpretation consistent with the specification" [In re Prater, 162 USPQ 541 (CCPA 1969)] and "consistent with the interpretation that those skilled in the art would reach" [In re Cortright, 49 USPQ2d 1464 (Fed. Cir. 1999)]. Since the connection broker authenticates to access the access-protected network resource on behalf of the client services, the connection broker acts like a client with respect to the access-protected network resource. Therefore, the connection broker was mapped as the client within the claims. The claims do not specifically define or describe the client in a way that precludes the interpretation of the connection broker as the claimed client. Claim Rejections - 35 USC § 102 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The text of those sections of Title 35, U.S. Code not included in this action can be found in a prior Office action. Claim(s) 33 – 38, 41 – 47, 51, and 52 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by PGPub. 2020/0004946 (hereinafter “Gilpin”). 3. Regarding Claim 33 and 41, Gilpin discloses a non-transitory, computer-readable medium storing computer-executable instructions that [Para. 0085], when executed by processing circuitry associated with a client for an edge data network [Para. 0059, 0086, 0089], configure the client to perform a method comprising: obtaining an initial access credential for a server in the edge data network, before accessing the server [Abstract]; providing the initial access credential to the server for authentication of the client [Abstract; Fig. 4; connection broker obtains authenticated access to access-protected network resource using connection credential]; obtaining an updated access credential for the server based on expiration of one of the following: the initial access credential, or a further access credential provided by the server [Fig. 4; Para. 0073-74; updated connection credential used]; and providing the updated access credential to the server for authentication of the client [Abstract; Fig. 4; Para. 0073-74], wherein the initial access credential and the updated access credential are obtained from a credential provider other than the server [Fig. 4; Para. 0068, 0070; connection credentials fetched from the authentication credential provider].. 4. Regarding Claim 34, Gilpin discloses the limitations of Claim 33. Gilpin further discloses of establishing a first connection with the server based on transport layer security (TLS) [Para. 0070]; and authenticating the server via the first connection based on a server certificate, wherein the initial access credential is provided to the server via the first connection after authenticating the server [Fig. 4; Para. 0067, 0070]. 5. Regarding Claim 35, Gilpin discloses the limitations of Claim 33. Gilpin further discloses that after authentication of the client based on the initial access credential, receiving a second access credential from the server via the first connection [Fig. 4; Para. 0073]; and obtaining the updated access credential is based on expiration of the second access credential [Fig. 4; Para. 0073]. 6. Regarding Claim 36, Gilpin discloses the limitations of Claim 35. Gilpin further discloses of establishing a second connection with the server based on transport layer security (TLS) [Fig. 4; Para. 0074]; authenticating the server via the second connection based on a server certificate [Fig. 4; Para. 0074]; and providing the second access credential to the server via the second connection, for authentication of the client [Fig. 4; Para. 0074]. 7. Regarding Claim 37, Gilpin discloses the limitations of Claim 36. Gilpin further discloses that after authentication of the client based on the second access credential, receiving a third access credential from the server via the second connection [Fig. 4; Para. 0073-74; continually repeated]; and obtaining the updated access credential is based on expiration of the third access credential [Fig. 4; Para. 0073-74; continually repeated]. 8. Regarding Claim 38, Gilpin discloses the limitations of Claim 33. Gilpin further discloses that obtaining an updated access credential comprises: sending a request for an updated access credential to the credential provider [Fig. 4; Para. 0073-74]; and receiving the updated access credential from the credential provider in response to the request [Fig. 4; Para. 0073-74]. 9. Regarding Claim 42, Gilpin discloses of a server configured for operation in an edge data network, the server comprising: communication interface circuitry configured to communicate with one or more clients for the edge data network [Para. 0052, 0086, 0089]; and processing circuitry operably coupled to the communication interface circuitry, wherein the processing circuitry and the communication interface circuitry are configured to [Para. 0052, 0059, 0086, 0089]: authenticating a client in the edge data network based on an initial access credential received from the client [Fig. 4; Para. 0066-67; access-protected network resource (server) authenticates the connection broker (client) using the received connection credential]; and after expiration of the initial access credential or a further access credential provided by the server [Fig. 4; Para. 0073-74], authenticating the client based on an updated access credential received from the client, wherein the initial access credential and the updated access credential are obtained by the client from a credential provider other than the server [Fig. 4; Para. 0073-74]. 10. Regarding Claim 43, Gilpin discloses the limitations of Claim 42. Gilpin further discloses of establish a first connection with the client based on transport layer security (TLS) [Para. 0070]; and provide a server certificate to the client, via the first connection, for authentication of the server [Fig. 4; Para. 0067, 0070]; and wherein the initial access credential is received from the client via the first connection after providing the server certificate [Fig. 4; Para. 0067, 0070]. 11. Regarding Claim 44, Gilpin discloses the limitations of Claim 42. Gilpin further discloses that after authentication of the client based on the initial access credential, send a second access credential to the client via the first connection [Fig. 4; Para. 0073-74]; and authenticating the client based on the updated access credential is further based on expiration of the second access credential [Fig. 4; Para. 0073-74]. 12. Regarding Claim 45, Gilpin discloses the limitations of Claim 44. Gilpin further discloses of establish a second connection with the client based on transport layer security (TLS) [Fig. 4; Para. 0073-74]; provide the server certificate to the client, via the second connection, for authentication of the server [Fig. 4; Para. 0067, 0073-74]; and authenticate the client based on the second access credential received from the client via the second connection [Fig. 4; Para. 0073-74]. 13. Regarding Claim 46, Gilpin discloses the limitations of Claim 45. Gilpin further discloses that after authentication of the client based on the second access credential, selectively send a third access credential to the client via the second connection [Fig. 4; Para. 0073-74]; and authenticating the client based on the updated access credential is further based on expiration of the third access credential [Fig. 4; Para. 0073-74]. 14. Regarding Claim 47, Gilpin discloses the limitations of Claim 46. Gilpin further discloses of selectively send the third access credential based on [Para. 0073]: comparing a duration of validity of the third access credential to a predetermined threshold [Para. 0073-74]; sending the third access credential when the duration of validity is less than the predetermined threshold [Para. 0073-74]; and refraining from sending the third access credential when the duration of validity is not less than the predetermined threshold [Para. 0073-74]. 15. Regarding Claim 51, Gilpin discloses a user equipment (UE) configured to host a client for an edge data network [Fig. 1; Para. 0050, 0059, 0086, 0089], the UE comprising: communication interface circuitry configured to facilitate communication between the client and one or more servers of the edge data network [Para. 0052]; and processing circuitry operably coupled to the communication interface circuitry, wherein the processing circuitry and communication interface circuitry are configured [Para. 0050, 0059, 0086, 0089] to: obtain an initial access credential for a server in the edge data network, before accessing the server [Abstract; Fig. 4; connection broker (client) obtains connection credentials for access-restricted network resource (server)]; provide the initial access credential to the server for authentication of the client [Abstract; Fig. 4]; obtain an updated access credential for the server based on expiration of one of the following: the initial access credential, or a further access credential provided by the server [Fig. 4; Para. 0073-74]; and provide the updated access credential to the server for authentication of the client [Fig. 4; Para. 0073-74]. 16. Regarding Claim 51, Gilpin discloses a credential provider associated with an edge data network [Fig. 1; authentication credential provider], the credential provider comprising: communication interface circuitry configured to communicate with one or more clients in the edge data network [Para. 0052, 0086, 0089]; and processing circuitry operably coupled to the communication interface circuitry, wherein the processing circuitry and the communication interface circuitry [Para. 0052, 0086, 0089] are configured to: provide to a client in the edge data network an initial access credential for a server in the edge data network, before the client accesses the server [Fig. 4; Para. 0069-70]; receive from the client a request for an updated access credential for the server [Fig. 4; Para. 0073-74]; and send the updated access credential to the client in response to the request [Fig. 4; Para. 0073-74]. Claim Rejections - 35 USC § 103 The text of those sections of Title 35, U.S. Code not included in this action can be found in a prior Office action. Claim(s) 39, 40, 48, 49, and 50 are rejected under 35 U.S.C. 103 as being unpatentable over Gilpin, in view of PGPub. 2020/0359218 (hereinafter “Lee”). 17. Regarding Claims 39 and 48, Gilpin discloses the limitations of Claims 38 and 42. Gilpin further discloses that each of the initial access credential and the updated access credential comprises a token or a certificate that is based on or includes one or more of the following: an indication that the client is a legitimate client, a client type associated with the client, and an identifier of the client [Para. 0066-69]. Gilpin, however, does not specifically disclose that the client is an Edge Enabler Client (EEC). Lee discloses a system and method for authenticating a UE [Abstract]. Lee further discloses that a UE can comprise an Edge Enabler Client (EEC) used to assist in authentication the UE to the network [Para. 0088]. It would have been obvious to one skilled in the art before the effective filing date of the current invention to incorporate the teachings of Lee with Gilpin since both systems require UE authentication to access resources. The motivation to do so is to utilize well-known, established protocols for use in mobile edge networks for improve scalability (obvious to one skilled in the art). 18. Regarding Claims 40 and 49, Gilpin, in view of Lee, discloses the limitations of Claims 39 and 48. The combination of Gilpin and Lee further discloses that one of the following applies: the server is an Edge Configuration Server (ECS), and the initial access credential and the updated access credential are obtained from an edge computing service provider (ECSP) associated with the EEC [Lee, Para. 0209]; or the server is an Edge Enabler Server (EES), and the initial access credential and the updated access credential are obtained from the ECSP or an ECS [Lee, Para. 0210]. 19. Regarding Claim 50, Gilpin, in view of Lee, discloses the limitations of Claim 48. The combination of Gilpin and Lee further discloses the processing circuitry and the communication interface circuitry are configured to authenticate the client based on the initial access credential based on: validating the initial access credential based on one of the following: a certificate of the credential provider, a public key of the credential provider, or by contacting the credential provider [Gilpin, Para. 0066-68]; and verifying one or more of the following based on the initial access credential: that the EEC is a legitimate EEC, and that the EEC type associated with the EEC is a legitimate EEC type [Gilpin, Para. 0066-68; Lee, Para. 0088]. Conclusion THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. Contacts Any inquiry concerning this communication or earlier communications from the examiner should be directed to Tae K. Kim, whose telephone number is (571) 270-1979. The examiner can normally be reached on Monday - Friday (10:00 AM - 6:30 PM EST). If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, Jorge Ortiz-Criado, can be reached on (571) 272-7624. The fax phone number for submitting all Official communications is (703) 872-9306. The fax phone number for submitting informal communications such as drafts, proposed amendments, etc., may be faxed directly to the examiner at (571) 270-2979. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at (866) 217-9197 (toll-free). /TAE K KIM/Primary Examiner, Art Unit 2496
Read full office action

Prosecution Timeline

Apr 26, 2024
Application Filed
Aug 17, 2025
Non-Final Rejection — §102, §103
Nov 20, 2025
Response Filed
Jan 08, 2026
Final Rejection — §102, §103
Apr 08, 2026
Notice of Allowance
Apr 08, 2026
Response after Non-Final Action

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12598064
ESTABLISHING TRUST BY A COMMUNITY OF VEHICLES
2y 5m to grant Granted Apr 07, 2026
Patent 12591655
SYSTEMS AND METHODS OF PROTECTING SECRETS IN USE WITH CONTAINERIZED APPLICATIONS
2y 5m to grant Granted Mar 31, 2026
Patent 12574241
TECHNIQUES FOR MANUAL VERIFICATION
2y 5m to grant Granted Mar 10, 2026
Patent 12561470
DATA PROTECTION VIA ATTRIBUTES-BASED AGGREGATION
2y 5m to grant Granted Feb 24, 2026
Patent 12562898
NATIVE APPLICATION INTEGRATION IN DATA SYSTEM
2y 5m to grant Granted Feb 24, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

AI Strategy Recommendation

Get an AI-powered prosecution strategy using examiner precedents, rejection analysis, and claim mapping.
Powered by AI — typically takes 5-10 seconds

Prosecution Projections

3-4
Expected OA Rounds
74%
Grant Probability
76%
With Interview (+1.2%)
3y 6m
Median Time to Grant
Moderate
PTA Risk
Based on 653 resolved cases by this examiner. Grant probability derived from career allow rate.

Sign in for Full Analysis

Enter your email to receive a magic link. No password needed.

Free tier: 3 strategy analyses per month