DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
This Office Action is in response to Application No. 18/718,120 filed on 06/10/2024.
Claims 33-52 have been examined and are pending in this application. As per the Preliminary Amendment filed on 06/10/2024, claims 1-32 were amended.
Information Disclosure Statement
The information disclosure statements (IDS) submitted on 06/10/2024 and 04/30/2025 are in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statements are being considered by the examiner.
Specification
The abstract of the disclosure is objected to because the abstract should be in narrative form and generally limited to a single paragraph within the range of 50 to 150 words in length. A corrected abstract of the disclosure is required and must be presented on a separate sheet, apart from any other text. See MPEP § 608.01(b).
Claim objections
Claims 33-52 are objected to because of the lengthy preambles of the independent claims 33, 44 and 51-52.
The preambles recite various elements and raise potential issues for the reader regarding the scope of the claims (e.g., which elements are required elements of the claimed subject matter).
Claim Rejections - 35 USC § 112
The following is a quotation of the first paragraph of 35 U.S.C. 112(a):
(a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.
Claim 42 is rejected under 35 U.S.C. 112(a), as failing to comply with the written description requirement. The claim contains subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for applications subject to pre-AIA 35 U.S.C. 112, the inventor(s), at the time the application was filed, had possession of the claimed invention. Specifically, the examiner was unable to find a specific structure, material, or acts corresponding to the claimed “the secret key is encrypted using attribute-based encryption”. For more detail refer to the 35 U.S.C. 112(b) rejection below.
Claim 42 recites: “wherein the secret key is encrypted using attribute-based encryption.” The originally filed specification does not describe, teach, or suggest encrypting the secret key using attribute-based encryption. Rather, the specification consistently describes:
The secret key as a derived device-specific key generated using the device’s one or more attributes; and
The access key as the value that is encrypted using an attribute-based access policy for the network slice.
The claim introduces a cryptographic structure not supported anywhere in the specification, and contradicts the disclosed architecture in which the secret key is used to decrypt the encrypted access key. Accordingly, the claim is not supported by the written description.
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
The following is a quotation of 35 U.S.C. 112 (pre-AIA), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.
Claim 42 is rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention.
Claim 42 recites “wherein the secret key is encrypted using attribute-based encryption.”
The limitation is unclear and internally inconsistent with the base claim from which it depends.
In claim 33, the secret key is generated using the device attributes, and the access key is the item that is encrypted using the access policy. Claim 42 reverses this relationship by stating that the secret key itself is encrypted using attribute-based encryption. It is therefore unclear what subject matter is being claimed because:
It is ambiguous whether the “secret key” referred to in claim 42 is
(a) the same “secret key” of claim 33,
(b) a different key, or
(c) an encrypted version of the secret key, which would contradict the function of the secret key as the decrypting key in claim 33.
The claim fails to provide antecedent basis or clarity as to what attribute-based encryption is being applied to, and why the key used to decrypt the encrypted access key is itself an encrypted value. One of ordinary skill cannot reasonably ascertain how a key used for decrypting the access key can simultaneously be the ciphertext of attribute-based encryption, creating logical inconsistency in the claim’s functional structure. Because the claim language is inconsistent with the role of the secret key within the previously claimed key hierarchy, the metes and bounds of claim 42 cannot be determined with reasonable certainty, rendering the claim indefinite under § 112(b).
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 33-39, 41-48 and 51-52 are rejected under 35 U.S.C. 103 as being unpatentable over Ben Henda (U.S. Application US 20220070157 A1; hereinafter “Ben Henda”) in view of Goyal et al. (“Attribute-Based Encryption for Fine-Grained Access Control of Encrypted Data”, CCS 2006; hereinafter “Goyal”).
As per claims 33 and 51, Ben Henda teaches a method for authenticating a wireless communications device to a network slice of a communications network (Ben Henda: fig. 1, para[43], [90-91], “the terminal device 200 decides to use services provided by network slice B…. A network slice authentication procedure is triggered between the terminal device 200 and the communication network 100 during which signaling messages are exchanged with the target AMF 300b and possibly involving other network functions, here exemplified by the Authentication, Authorization and Accounting (AAA) entity 500 of network slice B”), the wireless communications device having one or more attributes associated with it (Ben Henda: para[90-92], “For the network slice authentication, it could be the AUSF or any other entity not necessarily under the control of the network operator since this would allow using other than the 3GPP credentials for primary access. In the case of EAP, if the used EAP method is key generating such as EAP-TLS or EAP-PSK then a successful authentication result in the establishment of shared keys, i.e. the MSK and the Extended MSK (EMSK) between the terminal device 200 and the AAA entity”; the credentials are treated as UE attributes for the slice policy (credentials plus slice authorization), because the UE must satisfy the slice B credentials), the method being performed by a slice manager of the communications network and comprising (Ben Henda: fig. 1, 4, para[90-92], “signaling messages are exchanged with the target AMF 300b and possibly involving other network functions, here exemplified by the Authentication, Authorization and Accounting (AAA) entity 500 of network slice B. It is possible that this AAA entity could be an authentication server which is external to the operator network and under the control entity served by network slice B”):
sending a secret key to the wireless communications device (terminal device 200) (Ben Henda: para[90-92], “For the network slice authentication, it could be the AUSF or any other entity not necessarily under the control of the network operator since this would allow using other than the 3GPP credentials for primary access…. In the case of EAP, if the used EAP method is key generating such as EAP-TLS or EAP-PSK then a successful authentication result in the establishment of shared keys, i.e. the MSK and the Extended MSK (EMSK) between the terminal device 200 and the AAA entity. The MSK is sent to the authenticator alongside the authentication result, i.e. EAP-SUCCESS in this case. A secret is thereby established between the terminal device 200 and the target AMF 300b following a successful authentication. In some examples, this secret could be a network slice authentication key denoted by K.sub.SA, or the MSK in case EAP is used. In other examples this secret could be a token or a random string, etc.”; the keys are derived from the credentials); and
sending an encrypted access key to the wireless communications device (NAS SM Command (indication), step 304, fig. 4), such that the encrypted access key is decryptable via the secret key (Ben Henda: para[91-96], “S303: The target AMF 300b creates a new security context using the received secret. One possibility is to use directly the received secret if it is a key or to derive a new K.sub.AMF′ from it using a key derivation function such as the one used in 3GPP standards. In another example the target AMF 300b uses the current AMF key and the received secret to derive the K.sub.AMF′. This latter example protects against a key leakage in one domain (AAA or Source AMF domains)…. The target AMF 300b activates the new security context using the NAS SMC procedure described in aforementioned document 3GPP TS 33.501 with the difference that the target AMF 300b indicates in the downlink message (of this step) that the new security context is created based on the secret resulting from the successful slice authentication. This indication could be a Boolean flag, or a value generated using the slice authentication secret. For example, in the case of EAP, it could be a hash of the MSK key and possibly a freshness parameter, e.g. the NAS downlink count value used in this message, etc”; the Examiner notes that “such that the encrypted access key is decryptable via the secret key” is intended use).
Ben Henda does not explicitly teach at least one of the one or more attributes fulfilling an attribute-based access policy; the secret key generated using the one or more attributes associated with the wireless communications device; the encrypted access key being encrypted using the access policy.
However, in the related art Goyal teaches at least one of the one or more attributes fulfilling an attribute-based access policy (Goyal: sect. 4.2, 8, “In an ABE system, a user’s keys and ciphertexts are labeled with sets of descriptive attributes and a particular key can decrypt a particular ciphertext only if there is a match between the attributes of the ciphertext and the user’s key… We develop a much richer type of attribute-based encryption cryptosystem and demonstrate its applications. In our system each ciphertext is labeled by the encryptor with a set of descriptive attributes. Each private key is associated with an access structure that specifies which type of ciphertexts the key can decrypt. We call such a scheme a Key-Policy Attribute-Based Encryption (KP-ABE)”);
the secret key generated using the one or more attributes (Goyal: sect. 4.4, sect. 8, “The simulator B runs A. A chooses the set of attributes γ it wishes to be challenged upon…. A adaptively makes requests for the keys corresponding to any access structures T such that the challenge set γ does not satisfy T. Suppose A makes a request for the secret key for an access structure T where T(γ) = 0. To generate the secret key, B needs to assign a polynomial $Q_x$ of degree $d_x$ for every node in the access tree T….. The key corresponding to each leaf node is given using its polynomial as follows. Let i = att(x). $D_x = g^{Q_x(0)/t_i} = g^{b\,q_x(0)/r_i} = B^{q_x(0)/r_i}$ if att(x) ∈ γ; $D_x = g^{Q_x(0)/t_i} = g^{b\,q_x(0)/(b\beta_i)} = g^{q_x(0)/\beta_i}$ otherwise”; see also sect. 4.2 and 5.1);
the encrypted access key being encrypted using the access policy (Goyal: sect. 4.2, 5.1, 8, “Each user is subscribed to a different “package”. The user package describes an access policy, which along with the set of attributes describing any particular item being broadcast,…. Our KP-ABE system naturally offers a targeted broadcast system. A new symmetric key would be chosen and used to encrypt each item being broadcast, and then the KP-ABE system would be used to encrypt the symmetric key with the attributes associated with the item being broadcast.”).
Therefore, it would have been obvious to a person having ordinary skill in the art, before the effective filing date of the claimed invention, to have combined the teaching of Ben Henda’s slice-authentication secret with Goyal’s attribute-based key-generation mechanism to enforce slice-specific access policies cryptographically, achieving finer-grained authorization; the combination would enforce slice access policies through attribute-bound keys and provide secure and scalable slice authentication (Goyal, page 4, sect. 2).
Furthermore, Ben Henda also teaches the hardware components of claim 51, such as a processor and a memory (Ben Henda: fig. 10, para[141], “Processing circuitry 310 is provided using any combination of one or more of a suitable central processing unit (CPU), multiprocessor, microcontroller, digital signal processor (DSP), etc., capable of executing software instructions stored in a computer program product 1210b (as in FIG. 12), e.g. in the form of a storage medium 330.”).
As per claim 34, Ben Henda in view of Goyal teaches the independent claim 33. Goyal teaches generating the secret key using the one or more attributes associated with the wireless communication device (Goyal: sect. 4.4, sect. 8, “The simulator B runs A. A chooses the set of attributes γ it wishes to be challenged upon…. A adaptively makes requests for the keys corresponding to any access structures T such that the challenge set γ does not satisfy T. Suppose A makes a request for the secret key for an access structure T where T(γ) = 0. To generate the secret key, B needs to assign a polynomial $Q_x$ of degree $d_x$ for every node in the access tree T….. The key corresponding to each leaf node is given using its polynomial as follows. Let i = att(x). $D_x = g^{Q_x(0)/t_i} = g^{b\,q_x(0)/r_i} = B^{q_x(0)/r_i}$ if att(x) ∈ γ; $D_x = g^{Q_x(0)/t_i} = g^{b\,q_x(0)/(b\beta_i)} = g^{q_x(0)/\beta_i}$ otherwise”; see also sect. 4.2 and 5.1).
Therefore, it would have been obvious to a person having ordinary skill in the art, before the effective filing date of the claimed invention, to have combined the teaching of Ben Henda’s slice-authentication secret with Goyal’s attribute-based key-generation mechanism to enforce slice-specific access policies cryptographically, achieving finer-grained authorization; the combination would enforce slice access policies through attribute-bound keys and provide secure and scalable slice authentication (Goyal, page 4, sect. 2).
As per claim 35, Ben Henda in view of Goyal teaches the independent claim 33. Ben Henda teaches generating the access key (Ben Henda: para[92-96], “S303: The target AMF 300b creates a new security context using the received secret. One possibility is to use directly the received secret if it is a key or to derive a new K.sub.AMF′ from it using a key derivation function such as the one used in 3GPP standards. In another example the target AMF 300b uses the current AMF key and the received secret to derive the K.sub.AMF′. This latter example protects against a key leakage in one domain (AAA or Source AMF domains)…. The target AMF 300b activates the new security context using the NAS SMC procedure described in aforementioned document 3GPP TS 33.501 with the difference that the target AMF 300b indicates in the downlink message (of this step) that the new security context is created based on the secret resulting from the successful slice authentication. This indication could be a Boolean flag, or a value generated using the slice authentication secret. For example, in the case of EAP, it could be a hash of the MSK key and possibly a freshness parameter, e.g. the NAS downlink count value used in this message, etc”; the Examiner notes that “such that the encrypted access key is decryptable via the secret key” is intended use).
Goyal teaches encrypting the access key using the attribute-based access policy (Goyal: sect. 4.2, sect. 5.1, “Encryption (m, γ, PK): To encrypt a message m ∈ G2 under a set of attributes γ, choose a random value s ∈ Zp and publish the ciphertext as: $E = (\gamma,\; E' = m\,e(g_1, g_2)^s,\; E'' = g^s,\; \{E_i = T(i)^s\}_{i \in \gamma})$. Key Generation (T, MK, PK): The algorithm outputs a key which enables the user to decrypt a message encrypted under a set of attributes γ, if and only if T(γ) = 1.” ….. “The algorithm DecryptNode(E, D, x) then proceeds as follows: For all nodes z that are children of x, it calls DecryptNode(E, D, z) and stores the output as $F_z$. Let $S_x$ be an arbitrary $k_x$-sized set of child nodes z such that $F_z \neq \bot$. If no such set exists then the node was not satisfied and the function returns ⊥. Otherwise, we compute: .. and return the result”).
Therefore, it would have been obvious to a person having ordinary skill in the art, before the effective filing date of the claimed invention, to have combined the teaching of Ben Henda’s slice-authentication secret with Goyal’s attribute-based key-generation mechanism to enforce slice-specific access policies cryptographically, achieving finer-grained authorization; the combination would enforce slice access policies through attribute-bound keys and provide secure and scalable slice authentication (Goyal, page 4, sect. 2).
As per claim 36, Ben Henda in view of Goyal teaches the dependent claim 35. Ben Henda teaches wherein the access key is generated in response to the network slice being created (Ben Henda: para[90-92], “A network slice authentication procedure is triggered between the terminal device 200 and the communication network 100 during which signaling messages are exchanged with the target AMF 300b and possibly involving other network functions, here exemplified by the Authentication, Authorization and Accounting (AAA) entity 500 of network slice B……The target AMF 300b creates a new security context using the received secret. One possibility is to use directly the received secret if it is a key or to derive a new K.sub.AMF′ from it using a key derivation function such as the one used in 3GPP standards”).
As per claim 37, Ben Henda in view of Goyal teaches the independent claim 33. Goyal teaches determining an attribute-based access policy for the network slice (Goyal: sect. 4.2, 5.1, 8, “Each user is subscribed to a different “package”. The user package describes an access policy, which along with the set of attributes describing any particular item being broadcast, determine whether or not the user should be able to access the item. For example, a television user may want to subscribe to a package that allows him view episodes of “24” from either the current season or Season 3. This could be encoded as policy as (“24” AND (“Season:5” OR “Season:3”)).”).
Therefore, it would have been obvious to a person having ordinary skill in the art, before the effective filing date of the claimed invention, to have combined the teaching of Ben Henda’s slice-authentication secret with Goyal’s attribute-based key-generation mechanism to enforce slice-specific access policies cryptographically, achieving finer-grained authorization; the combination would enforce slice access policies through attribute-bound keys and provide secure and scalable slice authentication (Goyal, page 4, sect. 2).
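The access-tree secret sharing on which Goyal’s Key Generation and DecryptNode (quoted for claim 35) rest, worked through on the policy (“24” AND (“Season:5” OR “Season:3”)) cited for claim 37. This is an added illustration, not code from the Office Action, the application, Ben Henda or Goyal: it holds the polynomials $q_x$ directly in $\mathbb{Z}_p$ instead of in the exponent of a bilinear group, so the pairing is omitted and only the policy-satisfaction logic is shown (the root share is recovered iff T(γ) = 1, otherwise ⊥). The prime P, the node encoding and the function names are assumptions.

```python
"""Access-tree secret sharing behind KP-ABE Key Generation / DecryptNode.

Constructed illustration (not Goyal's actual construction): shares live in
Z_p directly rather than in the exponent of a bilinear group, so there is no
pairing.  The structure follows the quoted scheme: every interior node x with
k_x children gets a random polynomial q_x of degree d_x = k_x - 1 whose
constant term is the share handed down by its parent, child i receives
q_x(i), and a leaf keeps the share bound to its attribute att(x).
"""
import secrets

# Constructed toy field: the Mersenne prime 2^127 - 1 (an assumption).
P = (1 << 127) - 1


# --- access tree encoding (assumed representation) -------------------------
# leaf:  ("attr", name)        interior gate:  (k, [child, child, ...])
# AND is a k-of-k gate, OR is a 1-of-n gate, THRESHOLD is a general k-of-n.
def leaf(name):
    return ("attr", name)


def AND(*children):
    return (len(children), list(children))


def OR(*children):
    return (1, list(children))


def THRESHOLD(k, *children):
    assert 1 <= k <= len(children), "k must lie in 1..n"
    return (k, list(children))


def eval_poly(coeffs, x):
    """Evaluate a polynomial (coeffs[0] is the constant term) in Z_p, Horner style."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % P
    return acc


def key_gen(node, secret):
    """Goyal's Key Generation, in the clear: returns a key tree mirroring the
    policy with q_x(0) = secret at this node and random higher coefficients.
    Leaves become ("attr", name, share); gates become (k, [child keys])."""
    if node[0] == "attr":
        return ("attr", node[1], secret)
    k, children = node
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(k - 1)]
    return (k, [key_gen(child, eval_poly(coeffs, i))
                for i, child in enumerate(children, start=1)])


def lagrange_at_zero(i, S):
    """Lagrange coefficient Delta_{i,S}(0) = prod_{j in S, j != i} (0 - j)/(i - j) mod p."""
    num, den = 1, 1
    for j in S:
        if j != i:
            num = num * (-j) % P
            den = den * (i - j) % P
    return num * pow(den, P - 2, P) % P


def decrypt_node(key_node, gamma):
    """Mirror of Goyal's DecryptNode(E, D, x): return the share q_x(0) held at
    this node if the attribute set gamma (the ciphertext label) satisfies the
    subtree rooted here, else None, which plays the role of the paper's bottom."""
    if key_node[0] == "attr":
        _, name, share = key_node
        return share if name in gamma else None
    k, children = key_node
    recovered = []                      # the set S_x of satisfied children
    for idx, child in enumerate(children, start=1):
        f_z = decrypt_node(child, gamma)
        if f_z is not None:
            recovered.append((idx, f_z))
        if len(recovered) == k:         # any k_x satisfied children suffice
            break
    if len(recovered) < k:              # node not satisfied -> bottom
        return None
    S = [idx for idx, _ in recovered]
    return sum(f_z * lagrange_at_zero(idx, S) for idx, f_z in recovered) % P


def demo():
    """Constructed run on the policy ("24" AND ("Season:5" OR "Season:3"))."""
    policy = AND(leaf("24"), OR(leaf("Season:5"), leaf("Season:3")))
    master = secrets.randbelow(P)       # stands in for the root value y
    key = key_gen(policy, master)
    return {
        "master": master,
        # "24" present and one acceptable season: the tree is satisfied
        "season3": decrypt_node(key, {"24", "Season:3"}),
        # a season without the show: the AND gate is one share short
        "season5_only": decrypt_node(key, {"Season:5"}),
        # the show with a season outside the OR gate
        "wrong_season": decrypt_node(key, {"24", "Season:1"}),
    }


if __name__ == "__main__":
    out = demo()
    print("policy satisfied, root recovered:", out["season3"] == out["master"])
    print("unsatisfied sets return bottom:",
          out["season5_only"] is None and out["wrong_season"] is None)
```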
As per claim 38, Ben Henda in view of Goyal teaches the independent claim 33. Ben Henda teaches receiving a request from the wireless communications device for the secret key (Ben Henda: para[91], “A network slice authentication procedure is triggered between the terminal device 200 and the communication network 100 during which signaling messages are exchanged with the target AMF 300b and possibly involving other network functions”; this inherently includes the UE requesting the slice authentication secret. See also Goyal page 25, phase 1.).
As per claim 39, Ben Henda in view of Goyal teaches the dependent claim 38. Ben Henda teaches wherein the request indicates the one or more attributes associated with the wireless communications device (Ben Henda: para[91], “A network slice authentication procedure is triggered between the terminal device 200 and the communication network 100 during which signaling messages are exchanged with the target AMF 300b and possibly involving other network functions… In the case of EAP, if the used EAP method is key generating such as EAP-TLS or EAP-PSK then a successful authentication result in the establishment of shared keys, i.e. the MSK and the Extended MSK (EMSK) between the terminal device 200 and the AAA entity.”; slice authentication uses EAP-TLS/EAP-PSK, where the UE provides credential attributes (certificate, PSK identity) in the request. See also Goyal section A.2).
As per claim 41, Ben Henda in view of Goyal teaches the independent claim 33. Ben Henda teaches generating a secret master key and a corresponding public key for the slice manager, wherein the secret key is generated using the secret master key and the one or more attributes associated with the wireless communications device, and wherein the public key is available to the wireless communications device (Ben Henda: para[92], “One possibility is to use directly the received secret if it is a key or to derive a new K.sub.AMF′ from it using a key derivation function such as the one used in 3GPP standards. In another example the target AMF 300b uses the current AMF key and the received secret to derive the K.sub.AMF′. This latter example protects against a key leakage in one domain (AAA or Source AMF domains). More precisely, if the K.sub.AMF is compromised then the K.sub.AMF′ is not since the attacker does not know the secret and vice versa.”).
As per claim 42, Ben Henda in view of Goyal teaches the independent claim 33. Goyal teaches wherein the secret key is encrypted using attribute-based encryption (Goyal: sect. 5.1, “Encryption (m, γ, PK): To encrypt a message m ∈ G2 under a set of attributes γ, choose a random value s ∈ Zp and publish the ciphertext as: $E = (\gamma,\; E' = m\,e(g_1, g_2)^s,\; E'' = g^s,\; \{E_i = T(i)^s\}_{i \in \gamma})$. Key Generation (T, MK, PK): The algorithm outputs a key which enables the user to decrypt a message encrypted under a set of attributes γ, if and only if T(γ) = 1.” ….. “The algorithm DecryptNode(E, D, x) then proceeds as follows: For all nodes z that are children of x, it calls DecryptNode(E, D, z) and stores the output as $F_z$. Let $S_x$ be an arbitrary $k_x$-sized set of child nodes z such that $F_z \neq \bot$. If no such set exists then the node was not satisfied and the function returns ⊥. Otherwise, we compute: .. and return the result”).
Therefore, it would have been obvious to a person having ordinary skill in the art, before the effective filing date of the claimed invention, to have combined the teaching of Ben Henda’s slice-authentication secret with Goyal’s attribute-based key-generation mechanism to enforce slice-specific access policies cryptographically, achieving finer-grained authorization; the combination would enforce slice access policies through attribute-bound keys and provide secure and scalable slice authentication (Goyal, page 4, sect. 2).
As per claim 43, Ben Henda in view of Goyal teaches the independent claim 33. Goyal teaches wherein the wireless communications device is one among a plurality of wireless communications devices and wherein the secret key is a corresponding device-specific secret key; wherein each wireless communications device among the plurality of wireless communications devices has one or more attributes associated therewith, with at least one of the one or more attributes fulfilling an attribute-based access policy of the network slice; and wherein the method comprises sending a device-specific secret key to each wireless communications device among the plurality of wireless communications devices, and sending the encrypted access key to the plurality of wireless communications devices, the encrypted access key being decryptable by each of the device-specific secret keys (Goyal: sect. 2, “Fine-grained access control systems facilitate granting differential access rights to a set of users and allow flexibility in specifying the access rights of individual users…. we introduce new techniques to implement fine grained access control. In our techniques, the data is stored on the server in an encrypted form while different users are still allowed to decrypt different pieces of data per the security policy. This effectively eliminates the need to rely on the storage server for preventing unauthorized data access….. In our construction each user’s key is associated with a tree-access structure where the leaves are associated with attributes. A user is able to decrypt a ciphertext if the attributes associated with a ciphertext satisfy the key’s access structure”).
As per claims 44 and 52, Ben Henda teaches a method performed by a wireless communications device, for authenticating the wireless communications device to a network slice of a communications network (Ben Henda: fig. 1, para[43], [90-91], “the terminal device 200 decides to use services provided by network slice B…. A network slice authentication procedure is triggered between the terminal device 200 and the communication network 100 during which signaling messages are exchanged with the target AMF 300b and possibly involving other network functions, here exemplified by the Authentication, Authorization and Accounting (AAA) entity 500 of network slice B”), the wireless communications device having one or more attributes associated with it (Ben Henda: para[90-92], “For the network slice authentication, it could be the AUSF or any other entity not necessarily under the control of the network operator since this would allow using other than the 3GPP credentials for primary access. In the case of EAP, if the used EAP method is key generating such as EAP-TLS or EAP-PSK then a successful authentication result in the establishment of shared keys, i.e. the MSK and the Extended MSK (EMSK) between the terminal device 200 and the AAA entity”; the credentials are treated as UE attributes for the slice policy (credentials plus slice authorization), because the UE must satisfy the slice B credentials), the method comprising:
receiving a secret key (Ben Henda: para[90-92], “In the case of EAP, if the used EAP method is key generating such as EAP-TLS or EAP-PSK then a successful authentication result in the establishment of shared keys, i.e. the MSK and the Extended MSK (EMSK) between the terminal device 200 and the AAA entity. The MSK is sent to the authenticator alongside the authentication result, i.e. EAP-SUCCESS in this case. A secret is thereby established between the terminal device 200 and the target AMF 300b following a successful authentication. In some examples, this secret could be a network slice authentication key denoted by K.sub.SA, or the MSK in case EAP is used. In other examples this secret could be a token or a random string, etc.”; the keys are derived from the credentials);
receiving an encrypted access key for the network slice, such that the encrypted access key is decryptable via the secret key (Ben Henda: para[92-96], “S303: The target AMF 300b creates a new security context using the received secret. One possibility is to use directly the received secret if it is a key or to derive a new K.sub.AMF′ from it using a key derivation function such as the one used in 3GPP standards. In another example the target AMF 300b uses the current AMF key and the received secret to derive the K.sub.AMF′. This latter example protects against a key leakage in one domain (AAA or Source AMF domains)…. The target AMF 300b activates the new security context using the NAS SMC procedure described in aforementioned document 3GPP TS 33.501 with the difference that the target AMF 300b indicates in the downlink message (of this step) that the new security context is created based on the secret resulting from the successful slice authentication. This indication could be a Boolean flag, or a value generated using the slice authentication secret. For example, in the case of EAP, it could be a hash of the MSK key and possibly a freshness parameter, e.g. the NAS downlink count value used in this message, etc”; the Examiner notes that “such that the encrypted access key is decryptable via the secret key” is intended use);
decrypting the encrypted access key using the secret key to obtain the access key (Ben Henda: para[50-60], [90-94]; the UE derives and validates the slice access key using the secret: the UE “creates a new security context” based on the slice-authentication secret and verifies the NAS SMC message using data derived from the secret (a hash of the MSK). This results in the UE obtaining K_AMF′, i.e., the access key, and thus in decrypting an encrypted access key using the secret.); and
authenticating the wireless communications device to the network slice using the access key (Ben Henda: para[92-95]; the UE activates the new security context using K_AMF′, completing the slice-authentication procedure. The resulting keys enable secure access to slice B; thus the UE is authenticated to the slice using the derived access key.).
Ben Henda does not explicitly teach at least one of the one or more attributes fulfilling an attribute-based access policy.
However, in the related art Goyal teaches at least one of the one or more attributes fulfilling an attribute-based access policy (Goyal: sect. 4.2, “In an ABE system, a user’s keys and ciphertexts are labeled with sets of descriptive attributes and a particular key can decrypt a particular ciphertext only if there is a match between the attributes of the ciphertext and the user’s key… We develop a much richer type of attribute-based encryption cryptosystem and demonstrate its applications. In our system each ciphertext is labeled by the encryptor with a set of descriptive attributes. Each private key is associated with an access structure that specifies which type of ciphertexts the key can decrypt. We call such a scheme a Key-Policy Attribute-Based Encryption (KP-ABE)… In our construction each user’s key is associated with a tree-access structure where the leaves are associated with attributes”; sect. 5.1, “Encryption (m, γ, PK): To encrypt a message m ∈ G2 under a set of attributes γ, choose a random value s ∈ Zp and publish the ciphertext as: $E = (\gamma,\; E' = m\,e(g_1, g_2)^s,\; E'' = g^s,\; \{E_i = T(i)^s\}_{i \in \gamma})$. Key Generation (T, MK, PK): The algorithm outputs a key which enables the user to decrypt a message encrypted under a set of attributes γ, if and only if T(γ) = 1.” ….. “The algorithm DecryptNode(E, D, x) then proceeds as follows: For all nodes z that are children of x, it calls DecryptNode(E, D, z) and stores the output as $F_z$. Let $S_x$ be an arbitrary $k_x$-sized set of child nodes z such that $F_z \neq \bot$. If no such set exists then the node was not satisfied and the function returns ⊥. Otherwise, we compute: .. and return the result”);
the secret key generated using the one or more attributes (Goyal: sect. 4.4, sect. 8, “The simulator $\mathcal{B}$ runs $\mathcal{A}$. $\mathcal{A}$ chooses the set of attributes $\gamma$ it wishes to be challenged upon… $\mathcal{A}$ adaptively makes requests for the keys corresponding to any access structures $\mathcal{T}$ such that the challenge set $\gamma$ does not satisfy $\mathcal{T}$. Suppose $\mathcal{A}$ makes a request for the secret key for an access structure $\mathcal{T}$ where $\mathcal{T}(\gamma) = 0$. To generate the secret key, $\mathcal{B}$ needs to assign a polynomial $Q_x$ of degree $d_x$ for every node in the access tree $\mathcal{T}$… The key corresponding to each leaf node is given using its polynomial as follows. Let $i = \mathrm{att}(x)$. $D_x = g^{Q_x(0)/t_i} = g^{b\,q_x(0)/r_i} = B^{q_x(0)/r_i}$ if $\mathrm{att}(x) \in \gamma$; otherwise $D_x = g^{Q_x(0)/t_i} = g^{b\,q_x(0)/(b\beta_i)} = g^{q_x(0)/\beta_i}$”; see also sect. 4.2 and 5.1)
the encrypted access key being encrypted using the access policy (Goyal: sect. 4.2, 5.1, 8, “Each user is subscribed to a different “package”. The user package describes an access policy, which along with the set of attributes describing any particular item being broadcast,… Our KP-ABE system naturally offers a targeted broadcast system. A new symmetric key would be chosen and used to encrypt each item being broadcast, and then the KP-ABE system would be used to encrypt the symmetric key with the attributes associated with the item being broadcast.”).
Therefore, it would have been obvious to a person having ordinary skill in the art, before the effective filing date of the claimed invention, to have combined Ben Henda’s slice-authentication secret with Goyal’s attribute-based key-generation mechanism in order to enforce slice-specific access policies cryptographically. Doing so achieves finer-grained authorization: slice access policies are enforced through attribute-bound keys, providing a secure and scalable slice authentication (Goyal, page 4, sect. 2).
Furthermore, Ben Henda also teaches the hardware components of claim 52, such as a processor and a memory (Ben Henda: fig. 8, para[133], “Processing circuitry 210 is provided using any combination of one or more of a suitable central processing unit (CPU), multiprocessor, microcontroller, digital signal processor (DSP), etc., capable of executing software instructions stored in a computer program product 1210a (as in FIG. 12), e.g. in the form of a storage medium 233”).
As per claim 45, The method according to claim 44, wherein the network slice is a dynamically created network slice or a temporary network slice (Ben Henda: para[91], slice B is selected dynamically on demand; this implies dynamic slice assignment).
As per claim 46, The method according to claim 44, wherein the method further comprises receiving a notification to authenticate to the network slice and an identifier of the network slice (Ben Henda: para[90-91], “The terminal device 200 decides to use services provided by network slice B. This could possibly result in additional signaling between the terminal device 200 and the Core Network and within the Core Network to redirect the terminal device 200 to the correct Network Function handling the access to network slice B. It is here assumed that this Network Function is the Target AMF 300b.” this requires the UE being notified of the target slice and its identifier (slice B)).
As per claim 47, The method according to claim 44, further comprising establishing a secure connection with a slice manager of the communications network, wherein the secret key is received from the slice manager using the secure connection (Ben Henda: para[90-93], EAP-based slice authentication requires a secure, integrity-protected exchange; the NAS SMC message is integrity protected using the slice-authentication secret).
As per claim 48, The method according to claim 44, further comprising transmitting the one or more attributes associated with the wireless communications device to a slice manager of the communications network (Ben Henda: para[91], “A network slice authentication procedure is triggered between the terminal device 200 and the communication network 100 during which signaling messages are exchanged with the target AMF 300b and possibly involving other network functions…In the case of EAP, if the used EAP method is key generating such as EAP-TLS or EAP-PSK then a successful authentication results in the establishment of shared keys, i.e. the MSK and the Extended MSK (EMSK) between the terminal device 200 and the AAA entity.”; slice authentication uses EAP-TLS/EAP-PSK, in which the UE provides credential attributes (certificate, PSK identity) in the request. See also Guya section A.2).
Claims 40 and 49-50 are rejected under 35 U.S.C. 103 as being unpatentable over Ben Henda (U.S. Application US 20220070157 A1; Hereinafter “Ben Henda”) in view of Goyal et al. (“Attribute-Based Encryption for Fine-Grained Access Control of Encrypted Data”, CCS 2006; Hereinafter “Goyal”) and Gigov et al. (U.S. Application US 20210374265 A1; Hereinafter “Gigov”).
As per claim 40, Ben Henda in view of Goyal teaches the dependent claim 38.
Ben Henda in view of Goyal does not explicitly teach verifying that the one or more attributes associated with the wireless communications device originate from a trusted application of the wireless communication device.
However, in the related art, Gigov teaches verifying that the one or more attributes associated with the wireless communications device originate from a trusted application of the wireless communications device (Gigov: para[76-79], “The Key Generation phase begins when the sender receives a set of attributes from the receiver. The sender first verifies the attributes: if the attributes supplied by the receiver do not align with the sender's expectations, the sender may terminate the process. Otherwise, using the verified attributes and the Master Secret Key, the sender generates a Private Key corresponding to these attributes (also referred to herein as a “Private ABE Key”) and communicates the Private Key to the receiver.”).
Therefore, it would have been obvious to a person having ordinary skill in the art, before the effective filing date of the claimed invention, to have combined the modified teaching of Ben Henda with the attribute verification discussed in Gigov, as it would minimize the attack surfaces available for malicious unauthorized access attempts while providing granular access control for file content sharing (Gigov, para [119]).
As per claim 49, Ben Henda in view of Goyal teaches the independent claim 44. Ben Henda discloses EAP-TLS, and EAP-TLS is based on certificates stored in secure storage (SIM, secure element, TEE).
Gigov teaches wherein the one or more attributes associated with the wireless communications device are stored by a trusted entity of the wireless communications device, wherein the trusted entity is trusted by a manager of the communications network (Gigov: para [65-67], “the secure sharing module 170 may include a trusted viewer 180 for securely viewing (or otherwise making available to a user) contents of files 126 shared by the sender device 120. The storage units 154 may be used in some embodiments to store encrypted data used by the secure sharing module 170, including encrypted files 174, encrypted files encryption keys 176, and encrypted private attribute-based encryption (ABE) keys 178, as described further below.”).
Therefore, it would have been obvious to a person having ordinary skill in the art, before the effective filing date of the claimed invention, to have combined the modified teaching of Ben Henda with the trusted-entity storage of the attributes discussed in Gigov, as it would minimize the attack surfaces available for malicious unauthorized access attempts while providing granular access control for file content sharing (Gigov, para [119]).
As per claim 50, Ben Henda in view of Goyal teaches the dependent claim 49.
Ben Henda in view of Goyal does not explicitly teach wherein the trusted entity comprises an application of the wireless communications device.
However, in the related art, Gigov teaches wherein the trusted entity comprises an application of the wireless communications device (Gigov: para[135-137], “The sender device 120 and receiver device 150 include a sender secure sharing module 140 and receiver secure sharing module 170, respectively, as described above with reference to FIGS. 2-3. In some embodiments, these modules 140, 170 are trusted software applications signed cryptographically by a trusted authority.”).
Therefore, it would have been obvious to a person having ordinary skill in the art, before the effective filing date of the claimed invention, to have combined the modified teaching of Ben Henda with the cryptographically signed trusted application discussed in Gigov, as it would minimize the attack surfaces available for malicious unauthorized access attempts while providing granular access control for file content sharing (Gigov, para [119]).
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:
“Flexible and anonymous network slicing selection for C-RAN enabled 5G service authentication”, Zang et al.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to LYDIA L NOEL whose telephone number is (571)272-1628. The examiner can normally be reached Monday - Friday 9:00 - 5:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Alexander Lagor can be reached on (571)-270-5143. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/L.L.N./Examiner, Art Unit 2437
/ALEXANDER LAGOR/Supervisory Patent Examiner, Art Unit 2437