DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This Office Action is in response to Amendments filed on 01/20/2026.
In the instant Amendment, claims 1-2, 10, and 16-18, have been amended; and claims 1, 10, and 17 are independent claims. Claims 1-20 have been examined and are pending. This Action is made Final
In light of Applicant’s amendments, objection of claims 2, 16, and 18, and 112f of claim 17, have been withdrawn.
Response to Arguments
Applicant’s remarks filed on 01/20/2026 with respect to the 35 USC 112 (a) (b) rejection are persuasive. The 35 U.S.C. 112 (a) and 35 U.S.C. 112 (b) rejections of claims 1-9, 17-20 are withdrawn.
Applicants’ arguments filed on 01/20/2026 with respect to claims 1, and 10, and 17 have been considered but are moot in view of the new ground(s) of rejection, which were necessitated by amendment.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1, 3-9, 17, and 19-20 are rejected under 35 U.S.C. 103 as being unpatentable over Herwono et al. (U.S. Pub. 2009/0287922 A1; Hereinafter “Herwono”) in view of Corella et al. (U.S. Pub 20160269393 A1; Hereinafter “Corella”) and Marsden et al. (U.S. Pub 2021/0289429 A1; Hereinafter “Marsden”).
As per claim 1, Herwono teaches a method for self-invalidation of a subscriber identity module (SIM) in a mobile communication device, the method comprising (Herwono: fig. 1 and 7, para [29], [44-45], “FIG. 1 illustrates a wireless communication system 100…the authentication and session key agreement between the authentication server and the client, and between the authentication server and the wireless server are both carried out using the EAP-SIM (extensible authentication protocol-subscriber identity module) protocol…FIG. 7 illustrates the EAP-SIM protocol at a high level.”):
receiving an authentication request from a network (Herwono: para [45], “The authenticator (in both cases the authentication server 115), requests the client (or later the wireless server) identity. 2) Client responds with Identity (International Mobile Subscriber Identity (IMSI) for full authentication)….5) Authenticator responds with a list of n (n=1 to 5) random challenges to authenticate the Client. These are produced by a GSM algorithm which generates a triplet of RAND, SRES and Kc. RAND is a 128 bit number used with a root key Ki (up to 128 bits stored on the SIM--the shared secret key) to generate a 64 bit key Kc and a 32 bit value SRES.”), the authentication request comprising one or more authentication values (Herwono: para[45], “Authenticator also sends a MAC of its n random numbers and Rc (the original random number sent by the Client). The MAC algorithm is HMAC-SHA1-128 [RFC2104] keyed hash value. The 16 byte HMAC-SHA1-128 value is obtained from the 20-byte HMAC-SHA1 value which is used to derive MK and is produced by concatenating a series of values--SHA1(Identity|n*Kc|NONCE_MT|Version List|Selected Version). MK (Master Key--K_C or K_WS in FIG. 2) is fed into a PRNG (Pseudo Random Number Generator) to produce Transient EAP Keys (TEKs) for protecting EAP-SIM packets, MSK (Master Session Key) for link layer security and EMSK (Extended Master Session Key). EAP-SIM requires two TEKs for its own purposes, the authentication key K_aut to be used with the AT_MAC attribute, and the encryption key K_encr, to be used with the AT_ENCR_DATA attribute. The same K_aut and K_encr keys are used in fall authentication and subsequent fast re-authentications.”);
comparing the one or more authentication values against one or more pre-stored authentication values (Herwono: para [45], “6) Client verifies MAC by using Ki (shared secret) to generate Kc and then in turn uses this and the RANDs to generate MK and then the MAC key K_aut. It then compares the generated MAC with the received MAC.”);
determining that the one or more authentication values and the pre-stored authentication values do not match (Herwono: para[45], “If MACs do not match Client sends EAP-Response/SIM/Client-Error and the exchange terminates.”).
Herwono does not explicitly teach based on the determination that the one or more authentication values and the pre-stored authentication values do not match, identifying the authentication request as an incorrect authentication attempt and incrementing a counter when the incorrect authentication attempt is one of one or more incorrect authentication attempts received consecutively; determining that the counter has reached a pre-configured threshold value; and in response to the counter reaching the pre-configured threshold value, updating an international mobile subscriber identity (IMSI) value within the SIM to a null value, wherein the null value is a value that prevents the SIM from being authenticated by the network.
However, in the related art, Corella teaches based on the determination that the one or more authentication values and the pre-stored authentication values do not match, identifying the authentication request as an incorrect authentication attempt and incrementing a counter when the incorrect authentication attempt is one of one or more incorrect authentication attempts received consecutively, determining that the counter has reached a pre-configured threshold value (Corella: fig. 1, 7, para [96-102], claim 20 “At 735 the application back-end compares the authentication phase tag computed at step 730 to the registration-phase tag 151 found in device record 145. If the two tags coincide, the process continues at 740. Otherwise the process continues at 750….. At 750 the application back-end increments the count 152 of consecutive authentication failures in device record 145. Then the process continues at 755. At 755 the application back-end compares the counter 152 of consecutive authentication failures found in device record 145 to its configured limit. If the count has reached the limit, the process continues at 760. Otherwise the process continues at 765. At 765 the application back-end sends a message to the application front-end over the secure connection indicating that authentication has failed. Then the authentication phase terminates”.).
Therefore, it would have been obvious to a person having ordinary skill in the art, before the effective filling date of the claimed invention, to incorporate the retry counter and threshold authentication validation taught by Corella into the SIM authentication system of Herwono in order to improve authentication security and prevent repeated unauthorized authentication attempts (Corella: para [05]).
Herwono in view of Corella does not explicitly teach in response to the counter reaching the pre-configured threshold value, updating an international mobile subscriber identity (IMSI) value within the SIM to a null value, wherein the null value is a value that prevents the SIM from being authenticated by the network.
However, in the related art, Marsden teaches in response to the counter reaching the pre-configured threshold value, updating an international mobile subscriber identity (IMSI) value within the SIM to a null value, wherein the null value is a value that prevents the SIM from being authenticated by the network (Marsden: fig. 2, para[71-78], “The method 200 further comprises a step 202 of, in response to determining that the electronic device and/or SIM is not permitted to communicate using the mobile network, modifying the contents of the SIM to prevent the SIM from responding to a request from the modem or processing unit of the electronic device with communication data that enables the modem or processing unit to initiate a communication request to the mobile network…controlling the SIM to rewrite a stored SIM identifier (e.g. IMSI) with non-valid values, e.g. all ‘0’ or ‘F’. This will invalidate the SIM identifier, so that a request to the SIM (e.g. from the modem or processing module) will prevent the SIM from responding with appropriate communication data.”).
Therefore, it would have been obvious to a person having ordinary skill in the art, before the effective filling date of the claimed invention, to update the modified Herwono with the modification of SIM contents based on counter values of Marsden, it will provide flexible and configurable authentication security policies and control SIM authentication behavior based on repeated authentication failure (Marsden: para [05-06]).
As per claim 3, Herwono in view of Corella and Marsden teaches the independent claim 1. Marsden teaches wherein the pre-configured threshold value for the counter is configurable by a network operator (Marsden: para[89], [152-154], “To increase a level of control over the mobile network system, any of the aforementioned counter values, predetermined values, thresholds or timers (where appropriate) may be updated or modified by an operator of the mobile network. Counter values, thresholds and timers stored on the SIM may be updated using an over-the-air process.”, para[89], “Over-the-air (OTA) is a well-known platform by which a mobile network operator, e.g. the operator of the remote system, and send and receive services to and from a SIM. The OTA platform is commonly used for providing software updates, configuration settings and/or encryption keys to a SIM”).
Therefore, it would have been obvious to a person having ordinary skill in the art, before the effective filling date of the claimed invention, to update the modified Herwono with the modification of SIM contents based on counter values of Marsden, it will provide flexible and configurable authentication security policies and control SIM authentication behavior based on repeated authentication failure (Marsden: para [05-06]).
As per claim 4, Herwono in view of Corella and Marsden teaches the independent claim 1. Marsden teaches further comprising refreshing the SIM or the mobile communication device following the updating the IMSI value (Marsden: para[89], [152-154], “To increase a level of control over the mobile network system, any of the aforementioned counter values, predetermined values, thresholds or timers (where appropriate) may be updated or modified by an operator of the mobile network. Counter values, thresholds and timers stored on the SIM may be updated using an over-the-air process.” ).
Therefore, it would have been obvious to a person having ordinary skill in the art, before the effective filling date of the claimed invention, to update the modified Herwono with the modification of SIM contents based on counter values of Marsden, it will provide flexible and configurable authentication security policies and control SIM authentication behavior based on repeated authentication failure (Marsden: para [05-06]).
As per claim 5, Herwono in view of Corella and Marsden teaches the independent claim 1. Herwono teaches wherein the one or more authentication values are comprised of a challenge-response between the SIM and the network (Herwono: para [29], [32-33], “The authentication server then generates a first device random number (RANDa) together with a first device processed random number (SSDa[RANDa]) or challenge response using its shared secret data (SSDa) associated with the identified client”).
As per claim 6, Herwono in view of Corella and Marsden teaches the independent claim 1. Marsden teaches wherein the SIM stores a record of each incorrect authentication (Marsden: para[123], “In particular examples, step 403 may comprise a step 403A of modifying a second counter value, stored by the SIM, upon each unsuccessful connection attempt of the electronic device to the mobile network. Step 403A may comprise incrementing (e.g. by 1) the second counter value or decrementing (e.g. by 1) the second counter value.”).
Therefore, it would have been obvious to a person having ordinary skill in the art, before the effective filling date of the claimed invention, to update the modified Herwono with the modification of SIM contents based on counter values of Marsden, it will provide flexible and configurable authentication security policies and control SIM authentication behavior based on repeated authentication failure (Marsden: para [05-06]).
As per claim 7, Herwono in view of Corella and Marsden teaches the independent claim 1. Marsden teaches further comprising the step of sending an alert to a network operator when the counter reaches the pre-configured threshold value (Marsden: para[71-77], “code of the SIM may be activated so that it responds to a request for an SIM identifier with invalid data, or other information such as “Not Ready” or “Access Denied” to prevent the SIM identifier from being passed back in response to the request.”).
Therefore, it would have been obvious to a person having ordinary skill in the art, before the effective filling date of the claimed invention, to update the modified Herwono with the modification of SIM contents based on counter values of Marsden, it will provide flexible and configurable authentication security policies and control SIM authentication behavior based on repeated authentication failure (Marsden: para [05-06]).
As per claim 8, Herwono in view of Corella and Marsden teaches the independent claim 1. Marsden teaches wherein the SIM is remotely reset by the network operator after the IMSI value has been updated to the null value (Marsden: para[30-32], “The reset communication may be provided from the remote system as an OTA command during an authenticated communication session….In other words, there may be a third counter value (or “reset counter value”) stored by the SIM, wherein the third counter value is modified (e.g. incremented) in response to a reset communication and the SIM is adapted to not set the second counter value to the second predetermined value in response to the third counter value reaching or breaching a predetermined threshold.”).
Therefore, it would have been obvious to a person having ordinary skill in the art, before the effective filling date of the claimed invention, to update the modified Herwono with the modification of SIM contents based on counter values of Marsden, it will provide flexible and configurable authentication security policies and control SIM authentication behavior based on repeated authentication failure (Marsden: para [05-06]).
As per claim 9, Herwono in view of Corella and Marsden teaches the independent claim 1. Marsden teaches wherein the counter is reset to zero after a successful authentication attempt (Marsden: para[130], [148] “the second counter value is reset to the predetermined/initialized value in response to the electronic device successfully connecting to the mobile network”).
Therefore, it would have been obvious to a person having ordinary skill in the art, before the effective filling date of the claimed invention, to update the modified Herwono with the modification of SIM contents based on counter values of Marsden, it will provide flexible and configurable authentication security policies and control SIM authentication behavior based on repeated authentication failure (Marsden: para [05-06]).
As per claim 17, Herwono teaches a system for managing authentication of a mobile communication network using a subscriber identity module (SIM), comprising (Herwono: para [29], [44-45], fig. 1 and 7, “the authentication and session key agreement between the authentication server and the client, and between the authentication server and the wireless server are both carried out using the EAP-SIM (extensible authentication protocol-subscriber identity module) protocol…FIG. 7 illustrates the EAP-SIM protocol at a high level.”):
a SIM configured to store an international mobile subscriber identity (IMSI) and authentication keys (Herwono: para[29], [45], fig. 2, “In this embodiment however, two SIM cards are used, a first SIM (A) card 120 for the first device, in this embodiment a wireless client device 105, and a second SIM (B) card 125 for the second device, in this embodiment a wireless server 110. As will be appreciated by those skilled in the art, each SIM card 120, 125 contains an embedded microprocessor 150 and secret shared data (SSD) including a secret key 115 (Ki), key generating algorithms 160, and authentication response algorithms 165 which are securely embedded within the SIM card 120, 125”, “Client responds with Identity (International Mobile Subscriber Identity (IMSI) for full authentication).”);
a monitor and an analyzer working in conjunction within the SIM configured to (Herwono: para[29], “each SIM card 120, 125 contains an embedded microprocessor 150 and secret shared data (SSD) including a secret key 115 (Ki), key generating algorithms 160, and authentication response algorithms 165 which are securely embedded within the SIM card 120, 125”):
compare authentication values received from a network entity with pre-stored authentication values (Herwono: para [45], “6) Client verifies MAC by using Ki (shared secret) to generate Kc and then in turn uses this and the RANDs to generate MK and then the MAC key K_aut. It then compares the generated MAC with the received MAC…. If MACs do not match Client sends EAP-Response/SIM/Client-Error and the exchange terminates”).
Herwono does not explicitly teach track a number of consecutive incorrect authentication attempts by incrementing a counter when one or more incorrect authentication attempts is received consecutively; update the IMSI to a null value upon reaching a predetermined number of consecutive incorrect attempts, wherein the null value is a value that prevents the SIM from being authenticated by the network; and a management interface for a network operator to configure the predetermined number of consecutive incorrect attempts and monitor a status of the SIM.
However, in the related art, Corella teaches based on the determination that the one or more authentication values and the pre-stored authentication values do not match, identifying the authentication request as an incorrect authentication attempt and incrementing a counter when the incorrect authentication attempt is one of one or more incorrect authentication attempts received consecutively, determining that the counter has reached a pre-configured threshold value (Corella: fig. 1, 7, para [96-102], claim 20 “At 735 the application back-end compares the authentication phase tag computed at step 730 to the registration-phase tag 151 found in device record 145. If the two tags coincide, the process continues at 740. Otherwise the process continues at 750….. At 750 the application back-end increments the count 152 of consecutive authentication failures in device record 145. Then the process continues at 755. At 755 the application back-end compares the counter 152 of consecutive authentication failures found in device record 145 to its configured limit. If the count has reached the limit, the process continues at 760. Otherwise the process continues at 765. At 765 the application back-end sends a message to the application front-end over the secure connection indicating that authentication has failed. Then the authentication phase terminates”.).
Therefore, it would have been obvious to a person having ordinary skill in the art, before the effective filling date of the claimed invention, to incorporate the retry counter and threshold authentication validation taught by Corella into the SIM authentication system of Herwono in order to improve authentication security and prevent repeated unauthorized authentication attempts (Corella: para [05]).
However, in the related art, Marsden teaches update the IMSI to a null value upon reaching a predetermined number of consecutive incorrect attempts, wherein the null value is a value that prevents the SIM from being authenticated by the network (Marsden: fig. 2, para[25], [71-78], “in response to determining that the electronic device and/or SIM is not permitted to communicate using the mobile network, modifying the contents of the SIM to prevent the SIM from responding to a request from the modem or processing unit of the electronic device with communication data that enables the modem or processing unit to initiate a communication request to the mobile network…controlling the SIM to rewrite a stored SIM identifier (e.g. IMSI) with non-valid values, e.g. all ‘0’ or ‘F’. This will invalidate the SIM identifier, so that a request to the SIM (e.g. from the modem or processing module) will prevent the SIM from responding with appropriate communication data.”); and
a controller for a network operator to configure the predetermined number of consecutive incorrect attempts and monitor a status of the SIM (Marsden: para[25], [40], [138], [152-153], “The mobile network system may further comprise.. the electronic device (such as a processing unit, user interface, sensor and so on”, “The SIM may be further adapted to permit a limited boost to the second counter value, e.g. to enable a user or the electronic device to manually configure the SIM to permit at least some further authentication requests to be made by the electronic device” “by monitoring the number of requests for the relevant information (e.g. a request for an identification number) made by the modem or processing unit and/or the accept/reject status following the connection attempt made subsequently.”).
Therefore, it would have been obvious to a person having ordinary skill in the art, before the effective filling date of the claimed invention, to update the modified Herwono with the modification of SIM contents based on counter values of Marsden, it will provide flexible and configurable authentication security policies and control SIM authentication behavior based on repeated authentication failure (Marsden: para [05-06]).
As per claim 19, Herwono in view of Corella and Marsden teaches independent claim 17. Marsden teaches wherein the predetermined number of consecutive incorrect attempts is configurable by the network operator through the management interface (Marsden: para[40], [138], [152-153], “The mobile network system may further comprise.. the electronic device (such as a processing unit, user interface, sensor and so on”, “The SIM may be further adapted to permit a limited boost to the second counter value, e.g. to enable a user or the electronic device to manually configure the SIM to permit at least some further authentication requests to be made by the electronic device”).
Therefore, it would have been obvious to a person having ordinary skill in the art, before the effective filling date of the claimed invention, to update the modified Herwono with the modification of SIM contents based on counter values of Marsden, it will provide flexible and configurable authentication security policies and control SIM authentication behavior based on repeated authentication failure (Marsden: para [05-06]).
As per claim 20, Herwono in view of Corella and Marsden teaches the independent claim 17. Marsden teaches notifying a user of a mobile communication device when the IMSI is updated to the null value (Marsden: para [76], “code of the SIM may be activated so that it responds to a request for an SIM identifier with invalid data, or other information such as “Not Ready” or “Access Denied” to prevent the SIM identifier from being passed back in response to the request.”).
Therefore, it would have been obvious to a person having ordinary skill in the art, before the effective filling date of the claimed invention, to update the modified Herwono with the modification of SIM contents based on counter values of Marsden, it will provide flexible and configurable authentication security policies and control SIM authentication behavior based on repeated authentication failure (Marsden: para [05-06]).
Claims 10-15 are rejected under 35 U.S.C. 103 as being unpatentable over Herwono et al. (U.S. Pub. 2009/0287922 A1; Hereinafter “Herwono”) in view of Corella et al. (U.S. Pub 20160269393 A1; Hereinafter “Corella”) and Collins et al. (U.S. Pub 2016/0036779 A1; Hereinafter “Collins”).
As per claim 10, Herwono teaches a method for managing authentication in a mobile communication device with an embedded subscriber identity module (eSIM), the method comprising (Herwono: para [29], [44-45], fig. 1 and 7, “the authentication and session key agreement between the authentication server and the client, and between the authentication server and the wireless server are both carried out using the EAP-SIM (extensible authentication protocol-subscriber identity module) protocol…FIG. 7 illustrates the EAP-SIM protocol at a high level.”):
receiving, by the eSIM, a sequence of authentication requests from a network (Herwono: para [45], “The authenticator (in both cases the authentication server 115), requests the client (or later the wireless server) identity. 2) Client responds with Identity (International Mobile Subscriber Identity (IMSI) for full authentication)….5) Authenticator responds with a list of n (n=1 to 5) random challenges to authenticate the Client. These are produced by a GSM algorithm which generates a triplet of RAND, SRES and Kc. RAND is a 128 bit number used with a root key Ki (up to 128 bits stored on the SIM--the shared secret key) to generate a 64 bit key Kc and a 32 bit value SRES.”);
performing a verification process for each authentication request to determine if one or more authentication values match pre-stored values within the eSIM (Herwono: para [45], “6) Client verifies MAC by using Ki (shared secret) to generate Kc and then in turn uses this and the RANDs to generate MK and then the MAC key K_aut. It then compares the generated MAC with the received MAC…. If MACs do not match Client sends EAP-Response/SIM/Client-Error and the exchange terminates”).
Herwono does not explicitly teach maintaining, a record of a number of consecutive failed authentication attempts by incrementing a counter when one or more failed authentication attempt is received consecutively; implementing a lockout period for the eSIM when the number of consecutive incorrect authentication attempts exceeds a predefined threshold; and automatically resuming normal operation of the eSIM after the lockout period ends.
However, in the related art, Corella teaches maintaining, a record of a number of consecutive failed authentication attempts by incrementing a counter when one or more failed authentication attempt is received consecutively (Corella: fig. 1, 7, para [96-102], claim 20 “At 735 the application back-end compares the authentication phase tag computed at step 730 to the registration-phase tag 151 found in device record 145. If the two tags coincide, the process continues at 740. Otherwise the process continues at 750….. At 750 the application back-end increments the count 152 of consecutive authentication failures in device record 145. Then the process continues at 755. At 755 the application back-end compares the counter 152 of consecutive authentication failures found in device record 145 to its configured limit. If the count has reached the limit, the process continues at 760. Otherwise the process continues at 765. At 765 the application back-end sends a message to the application front-end over the secure connection indicating that authentication has failed. Then the authentication phase terminates”.).
Therefore, it would have been obvious to a person having ordinary skill in the art, before the effective filling date of the claimed invention, to incorporate the retry counter and threshold authentication validation taught by Corella into the SIM authentication system of Herwono in order to improve authentication security and prevent repeated unauthorized authentication attempts (Corella: para [05]).
Herwono in view of Corella does not explicitly teach implementing a lockout period for the eSIM when the number of consecutive incorrect authentication attempts exceeds a predefined threshold; and automatically resuming normal operation of the eSIM after the lockout period ends.
However, in the related art, Collins teaches implementing a lockout period for the eSIM when the number of consecutive incorrect authentication attempts exceeds a predefined threshold (Collins: para [123-131], “If the access to any of these files goes beyond a threshold, the SIM CMM 550 will block the access temporarily or turn off features in the EF.sub.SST that determine access to network service controlled via the modem module 510”); and
automatically resuming normal operation of the eSIM after the lockout period ends (Collins: para[103], [125-131], “The SIM may be revived by the user, control center administrator, control center automated processor, or network operator by entering a PIN or validating any of the invalidated SIM files 530.”, “The testing and monitoring program code 305 can automatically establish a connection with the control center 280 over the wireless cellular network 230 and/or a direct channel through the Internet 260”).
Therefore, it would have been obvious to a person having ordinary skill in the art, before the effective filling date of the claimed invention, to combine the modified teaching of Herwono with the authentication process of Marsden, it will prevent a large number of devices from attempting operations on the network at the same time (Collins: para [137]).
As per claim 11, Herwono in view of Corella and Collins teaches the independent claim 10. Collins teaches further comprising the step of notifying a user of the mobile communication device when the lockout period is implemented (Collins: para106], “the USB device 301 with the SIM passes the provisioning test step 401. A test failure indicates that one or more of the foregoing conditions were not met. For example, if the SIM's state is not “Activation Ready” or “Activated,” or if the SIM has been blocked due to excessive signaling or excessive data usage, then the USB device 301 with the SIM 311 will fail the provisioning step 401. In response, one embodiment of the testing and monitoring program code 305 performs troubleshooting operations to fix the problem and/or notifies the user of troubleshooting steps to be taken.”).
Therefore, it would have been obvious to a person having ordinary skill in the art, before the effective filling date of the claimed invention, to combine the teaching Herwono with the authentication process of Marsden, it will prevent a large number of devices from attempting operations on the network at the same time (Collins: para [137]).
As per claim 12, Herwono in view of Corella and Collins teaches the independent claim 10. Collins teaches wherein the lockout period is configurable by the network operator through a remote management system (Collins: para[127-129], “the SIM CMM 550 is embedded software within the SIM 311 that controls the modem module 510, ensures that a connection is established and maintained, enables external network-initiated connections, and provides remote control options and diagnostic functions (e.g. via the control center 280)…The rules sets may be created, revised, updated, and tested and can be distributed remotely by various means, including generation and distribution by the control center 280. In one embodiment, the rules sets are created, at least in part, based on results of the certification process described above”).
Therefore, it would have been obvious to a person having ordinary skill in the art, before the effective filling date of the claimed invention, to combine the teaching Herwono with the authentication process of Marsden, it will prevent a large number of devices from attempting operations on the network at the same time (Collins: para [137]).
As per claim 13, Herwono in view of Corella and Collins teaches the independent claim 10. Collins teaches wherein the lockout period is temporary (Collins: para124], “f the access to any of these files goes beyond a threshold, the SIM CMM 550 will block the access temporarily or turn off features in the EF.sub.SST that determine access to network service controlled via the modem module 510.”).
Therefore, it would have been obvious to a person having ordinary skill in the art, before the effective filling date of the claimed invention, to combine the teaching Herwono with the authentication process of Marsden, it will prevent a large number of devices from attempting operations on the network at the same time (Collins: para [137]).
As per claim 14, Herwono in view of Corella and Collins teaches the independent claim 10. Collins teaches wherein the lockout period is permanent (Collins: para124], “f the access to any of these files goes beyond a threshold, the SIM CMM 550 will block the access temporarily or turn off features in the EF.sub.SST that determine access to network service controlled via the modem module 510.”).
Therefore, it would have been obvious to a person having ordinary skill in the art, before the effective filling date of the claimed invention, to combine the teaching Herwono with the authentication process of Marsden, it will prevent a large number of devices from attempting operations on the network at the same time (Collins: para [137]).
As per claim 15, Herwono in view of Corella and Collins teaches the independent claim 10. Marsden teaches wherein the lockout period comprises updating, by the eSIM, an international mobile subscriber identity (IMSI) value to a null value (Marsden: fig. 2, para[71-78], [127-154], “The method 200 further comprises a step 202 of, in response to determining that the electronic device and/or SIM is not permitted to communicate using the mobile network, modifying the contents of the SIM to prevent the SIM from responding to a request from the modem or processing unit of the electronic device with communication data that enables the modem or processing unit to initiate a communication request to the mobile network…controlling the SIM to rewrite a stored SIM identifier (e.g. IMSI) with non-valid values, e.g. all ‘0’ or ‘F’. This will invalidate the SIM identifier, so that a request to the SIM (e.g. from the modem or processing module) will prevent the SIM from responding with appropriate communication data.”).
Claims 2 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Herwono et al. (U.S. Pub. 2009/0287922 A1; Hereinafter “Herwono”) in view of Corella et al. (U.S. Pub 20160269393 A1; Hereinafter “Corella”), Marsden et al. (U.S. Pub 2021/0289429 A1; Hereinafter “Marsden”) and Heutschi et al. (W.O. 9810614 A1; Hereinafter “Heutschi”).
As per claims 2 and 18, Herwono in view of Corella and Marsden teaches the independent claim 1.
Herwono in view of Corella and Marsden does not teach wherein the null value for the IMSI is represented by a sequence of hexadecimal values, each hexadecimal value of the sequence of hexadecimal values comprising an FF value
However, in the related art, Heutschi teaches wherein the null value for the IMSI is represented by a sequence of hexadecimal values, each hexadecimal value of the sequence of hexadecimal values comprising an FF value (Heutschi: “If the subscriber identifier IMSI corresponds to an identifier in the partner network PPLMN, the program continues with the following step 35, in which the subscriber identifier IMSI-PPLMN is replaced by the identifier IMSI-HPLMN in the subscriber's home network. The program then executes operation 36 in which the EFLOCI file is deleted, for example by writing the hexadecimal value "FF FF FF”).
Therefore, it would have been obvious to a person having ordinary skill in the art, before the effective filling date of the claimed invention, to have update the modified teaching Herwono with Heutschi, it will protect user privacy and enhance security by preventing sophisticated attacks.
Claim 16 is rejected under 35 U.S.C. 103 as being unpatentable over Herwono et al. (U.S. Pub. 2009/0287922 A1; Hereinafter “Herwono”) in view of Corella et al. (U.S. Pub 20160269393 A1; Hereinafter “Corella”), Collins et al. (U.S. Pub 2016/0036779 A1; Hereinafter “Collins”) and Heutschi et al. (W.O. 9810614 A1; Hereinafter “Heutschi”).
As per claim 16, Herwono in view of Corella and Collins teaches the independent claim 10.
Herwono in view of Corella and Collins does not teach wherein the null value for the IMSI is represented by a sequence of hexadecimal values, each hexadecimal value of the sequence of hexadecimal values comprising an FF value
However, in the related art, Heutschi teaches wherein the null value for the IMSI is represented by a sequence of hexadecimal values comprising hexadecimal value FF, wherein hexadecimal value FF indicates that the IMSI is not valid (Heutschi: “If the subscriber identifier IMSI corresponds to an identifier in the partner network PPLMN, the program continues with the following step 35, in which the subscriber identifier IMSI-PPLMN is replaced by the identifier IMSI-HPLMN in the subscriber's home network. The program then executes operation 36 in which the EFLOCI file is deleted, for example by writing the hexadecimal value "FF FF FF”).
Therefore, it would have been obvious to a person having ordinary skill in the art, before the effective filling date of the claimed invention, to have update the modified teaching Herwono with Heutschi, it will protect user privacy and enhance security by preventing sophisticated attacks.
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to LYDIA L NOEL whose telephone number is (571)272-1628. The examiner can normally be reached Monday - Friday 9:00 - 5:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Alexander Lagor can be reached on (571)-270-5143. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/L.L.N./Examiner, Art Unit 2437
/BENJAMIN E LANIER/Primary Examiner, Art Unit 2437