Detailed Action
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This Office action is in response to Applicant’s amendment submitted on December 23, 2025.
Claims 1-3, 5-17, 19-22 are pending in the application.
Information Disclosure Statement
The information disclosure statement (IDS) submitted on November 17, 2025 is in compliance with the provisions of 37 CFR 1.97, and accordingly, the IDS has been considered by the examiner.
Response to Arguments/Remarks
Claim Rejections - 35 USC § 102
Claims 1, 3-4, 6-8, 11, 14-15, 17-18, and 20 were rejected under 35 U.S.C. 102(a)(1) as being anticipated by Kim et al. US Patent Publication No. 2023/0082718.
The amendments to claims 1, 15, and 20 have overcome the rejections. Therefore, the prior rejection has been withdrawn, and new grounds of rejection are made in this Office action. The new grounds of rejection are necessitated by Applicant's amendment, and accordingly, this Office action is made Final.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.
The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.
Claim 22 is rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention.
Regarding claim 22, the claim recites “the one or more permanent identifiers” followed by a list of identifiers, IMSI, IMEI, MSISDN, and NAI. The claim recites “one or more,” and as such, it is not clear whether the claim, at most, requires one of the permanent identifiers or all of the listed identifiers.
Claim Rejections - 35 USC § 103
The text of those sections of Title 35, U.S. Code not included in this action can be found in a prior Office action.
Claims 1, 3, 6-8, 11, 14-15, 17, 20-22 are rejected under 35 U.S.C. 103 as being unpatentable over Kim et al. US Patent Publication No. 2023/0082718 (“Kim”) in view of Verma et al. US Patent Publication No. 2020/0145432 (“Verma”) and Kim et al. US Patent Publication No. 2018/0234942 (“Kim ‘942”).
Regarding claim 1, Kim teaches a system, comprising: a processor configured to:
monitor network traffic in a core mobile network using a security platform to identify a Remote User Equipment (UE) that attached to the core mobile network for mobile network communications (para. [0054] core network 305. para. [0096] SMF device identifies specific traffic from the remote UE by the identifier);
extract one or more permanent identifiers from a Remote UE Report associated with the Remote UE using the security platform (para. [0094] remote UE report. para. [0096] SMF device identifies specific traffic from the remote UE by the identifier (e.g., the identifier provided in the remote UE report and/or associated with the PDU session). SMF device may identify an IP 3-tuple or 5-tuple, identify the corresponding packet filter for the corresponding remote UE); and
apply security enforcement to the Remote UE using the security platform based at least in part on the one or more permanent identifiers (para. [0095] SMF device may determine to manage the PDU session. SMF device may determine that abusive or otherwise malicious network traffic associated with the remote UE violated the operator policy and would require PDU session management. para. [0096] after identifying the network traffic of the remote UE to be restricted, the SMF device may identify the corresponding QoS flow and corresponding packet filter to determine instructions for managing the PDU session.); and a memory coupled to the processor and configured to provide the processor with instructions (para. [0151]).
Kim does not teach wherein the one or more permanent identifiers includes one or more of the following: International Mobile Subscription Identity (IMSI), International Mobile Equipment Identity (IMEI), Mobile Station International Subscriber Directory Number (MSISDN), and/or Network Access Identifier (NAI).
Verma teaches applying security enforcement using a security platform based at least in part on one or more permanent identifiers, wherein the one or more permanent identifiers includes one or more of the following: IMSI, IMEI, MSISDN, and/or NAI (para. [0125] ‘user ID’ IE can include the following information/parameters: International Mobile Subscription Identity (IMSI), International Mobile Equipment Identifier (IMEI), Mobile Subscriber ISDN (MSISDN), and/or Network Access Identifier (NAI). para. [0125] providing service-based security (e.g., performed using a security policy implemented by a security platform that can be applied) per IMSI, IMEI, MSISDN, and/or NAI to provide threat identification and prevention). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Kim with Verma’s disclosure of applying security enforcement based on based at least in part on one or more permanent identifiers, wherein the one or more permanent identifiers includes one or more of the following: IMSI, IMEI, MSISDN, and/or NAI. One of ordinary skill in the art would have been motivated to do so because Kim discloses applying security enforcement using identifier(s), and it would have been beneficial to expand the identifiers to include additional identifier(s) to provide threat identification and prevention.
Kim ‘942 teaches one or more permanent identifiers from a Remote UE Report, wherein the one or more permanent identifiers includes one or more of the following: International Mobile Subscription Identity (IMSI), International Mobile Equipment Identity (IMEI), Mobile Station International Subscriber Directory Number (MSISDN), and/or Network Access Identifier (NAI) (para. [0152],[0170] Remote UE Report message includes… an international mobile subscriber identity (IMSI) as an ID of the remote UE). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Kim and Verma with Kim ‘942’s disclosure of a Remote UE Report comprising IMSI. One of ordinary skill in the art would have been motivated to do so because Kim discloses using identifier(s) in the remote UE report in order identify traffic, and it would have beneficial to have include additional types identifier(s) that can be used to uniquely identify the UE and apply security enforcement.
Regarding claim 15, Kim teaches a method, comprising:
monitoring network traffic in a core mobile network using a security platform to identify a Remote User Equipment (UE) that attached to the core mobile network for mobile network communications (para. [0054] core network 305. para. [0096] SMF device identifies specific traffic from the remote UE by the identifier);
extracting one or more permanent identifiers from a Remote UE Report associated with the Remote UE using the security platform (para. [0094] remote UE report. para. [0096] SMF device identifies specific traffic from the remote UE by the identifier (e.g., the identifier provided in the remote UE report and/or associated with the PDU session). For example, the SMF device may identify an IP 3-tuple or 5-tuple, identify the corresponding packet filter for the corresponding remote UE); and
applying security enforcement to the Remote UE using the security platform based at least in part on the one or more permanent identifiers (para. [0095] SMF device may determine to manage the PDU session. SMF device may determine that abusive or otherwise malicious network traffic associated with the remote UE violated the operator policy and would require PDU session management. para. [0096] after identifying the network traffic of the remote UE to be restricted, the SMF device may identify the corresponding QoS flow and corresponding packet filter to determine instructions for managing the PDU session.).
Kim does not teach wherein the one or more permanent identifiers includes one or more of the following: International Mobile Subscription Identity (IMSI), International Mobile Equipment Identity (IMEI), Mobile Station International Subscriber Directory Number (MSISDN), and/or Network Access Identifier (NAI).
Verma teaches applying security enforcement using a security platform based at least in part on one or more permanent identifiers, wherein the one or more permanent identifiers includes one or more of the following: IMSI, IMEI, MSISDN, and/or NAI (para. [0125] ‘user ID’ IE can include the following information/parameters: International Mobile Subscription Identity (IMSI), International Mobile Equipment Identifier (IMEI), Mobile Subscriber ISDN (MSISDN), and/or Network Access Identifier (NAI). para. [0125] providing service-based security (e.g., performed using a security policy implemented by a security platform that can be applied) per IMSI, IMEI, MSISDN, and/or NAI to provide threat identification and prevention). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Kim with Verma’s disclosure of applying security enforcement based on based at least in part on one or more permanent identifiers, wherein the one or more permanent identifiers includes one or more of the following: IMSI, IMEI, MSISDN, and/or NAI. One of ordinary skill in the art would have been motivated to do so because Kim discloses applying security enforcement using identifier(s), and it would have been beneficial to expand the identifiers to include additional identifier(s) to provide threat identification and prevention.
Kim ‘942 teaches one or more permanent identifiers from a Remote UE Report, wherein the one or more permanent identifiers includes one or more of the following: International Mobile Subscription Identity (IMSI), International Mobile Equipment Identity (IMEI), Mobile Station International Subscriber Directory Number (MSISDN), and/or Network Access Identifier (NAI) (para. [0152],[0170] Remote UE Report message includes… an international mobile subscriber identity (IMSI) as an ID of the remote UE). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Kim and Verma with Kim ‘942’s disclosure of a Remote UE Report comprising IMSI. One of ordinary skill in the art would have been motivated to do so because Kim discloses using identifier(s) in the remote UE report in order identify traffic, and it would have beneficial to have include additional types identifier(s) that can be used to uniquely identify the UE and apply security enforcement.
Regarding claim 20, Kim teaches a computer program product, the computer program product being embodied in a non-transitory computer readable storage medium and comprising computer instructions for:
monitoring network traffic in a core mobile network using a security platform to identify a Remote User Equipment (UE) that attached to the core mobile network for mobile network communications (para. [0058] core network 305. para. [0096] SMF device identifies specific traffic from the remote UE by the identifier);
extracting one or more permanent identifiers from a Remote UE Report associated with the Remote UE using the security platform (para. [0094] remote UE report. para. [0096] SMF device identifies specific traffic from the remote UE by the identifier (e.g., the identifier provided in the remote UE report and/or associated with the PDU session). For example, the SMF device may identify an IP 3-tuple or 5-tuple, identify the corresponding packet filter for the corresponding remote UE); and
applying security enforcement to the Remote UE using the security platform based at least in part on the one or more permanent identifiers (para. [0095] SMF device may determine to manage the PDU session. SMF device may determine that abusive or otherwise malicious network traffic associated with the remote UE violated the operator policy and would require PDU session management. para. [0096] after identifying the network traffic of the remote UE to be restricted, the SMF device may identify the corresponding QoS flow and corresponding packet filter to determine instructions for managing the PDU session.).
Kim does not teach wherein the one or more permanent identifiers includes one or more of the following: International Mobile Subscription Identity (IMSI), International Mobile Equipment Identity (IMEI), Mobile Station International Subscriber Directory Number (MSISDN), and/or Network Access Identifier (NAI).
Verma teaches applying security enforcement using a security platform based at least in part on one or more permanent identifiers, wherein the one or more permanent identifiers includes one or more of the following: IMSI, IMEI, MSISDN, and/or NAI (para. [0125] ‘user ID’ IE can include the following information/parameters: International Mobile Subscription Identity (IMSI), International Mobile Equipment Identifier (IMEI), Mobile Subscriber ISDN (MSISDN), and/or Network Access Identifier (NAI). para. [0125] providing service-based security (e.g., performed using a security policy implemented by a security platform that can be applied) per IMSI, IMEI, MSISDN, and/or NAI to provide threat identification and prevention). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Kim with Verma’s disclosure of applying security enforcement based on based at least in part on one or more permanent identifiers, wherein the one or more permanent identifiers includes one or more of the following: IMSI, IMEI, MSISDN, and/or NAI. One of ordinary skill in the art would have been motivated to do so because Kim discloses applying security enforcement using identifier(s), and it would have been beneficial to expand the identifiers to include additional identifier(s) to provide threat identification and prevention.
Kim ‘942 teaches one or more permanent identifiers from a Remote UE Report, wherein the one or more permanent identifiers includes one or more of the following: International Mobile Subscription Identity (IMSI), International Mobile Equipment Identity (IMEI), Mobile Station International Subscriber Directory Number (MSISDN), and/or Network Access Identifier (NAI) (para. [0152],[0170] Remote UE Report message includes… an international mobile subscriber identity (IMSI) as an ID of the remote UE). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Kim and Verma with Kim ‘942’s disclosure of a Remote UE Report comprising IMSI. One of ordinary skill in the art would have been motivated to do so because Kim discloses using identifier(s) in the remote UE report in order identify traffic, and it would have beneficial to have include additional types identifier(s) that can be used to uniquely identify the UE and apply security enforcement.
Regarding claim 3, Kim in view of Verma and Kim ‘942 teach the system recited in claim 1, wherein the one or more permanent identifiers includes subscriber identity and/or equipment identity information (Kim: para. [0094] IP address, MAC address. Kim ‘942: para. [0152],[0170] IMSI).
Regarding claim 6, Kim in view of Verma and Kim ‘942 teach the system recited in claim 1, wherein the security platform is located in the core mobile network (Kim: para. [0058] core network 305).
Regarding claim 7, Kim in view of Verma and Kim ‘942 teach the system recited in claim 1, wherein the security platform is located in the core mobile network, and wherein the mobile network includes a 4G/LTE mobile network (Kim: para. [0028] 4G, LTE. para. [0058] core network 305).
Regarding claim 8, Kim in view of Verma and Kim ‘942 teach the system recited in claim 1, wherein the security platform is located in the core mobile network, and wherein the mobile network includes a 5G mobile network (Kim: para. [0027],[0028] 5G. para. [0058] core network 305).
Regarding claim 11, Kim in view of Verma and Kim ‘942 teach the system recited in claim 1, wherein the security platform is configured with a plurality of security policies to apply network slice based security, subscriber identity based security, and/or equipment identity based security in the core mobile network (Kim: para. [0135] security may be improved by enabling particular remote UEs to be identified, and distinguished from other remote UEs that may use the same PDU session, which may facilitate specific network security enforcement actions and policy enforcement).
Regarding claim 14, Kim in view of Verma and Kim ‘942 teach the system recited in claim 1, wherein the processor is further configured to: apply known and/or unknown threat identification and/or prevention to the network traffic of the Remote UE in the core mobile network based at least in part on the one or more permanent identifiers (Kim: para. [0084] security may be improved by enabling particular remote UEs to be identified and distinguished from other remote UEs that may use the same PDU session, which may facilitate specific network security enforcement actions and policy enforcement. para. [0097] restrict the network traffic, exclude traffic).
Regarding claim 17, Kim in view of Verma and Kim ‘942 teach the method of claim 15, wherein the one or more permanent identifiers includes subscriber identity and/or equipment identity information (Kim: para. [0094] IP address, MAC address. Kim ‘942: para. [0152],[0170] IMSI).
Regarding claim 21, Kim in view of Verma and Kim ‘942 teach the system recited in claim 1, wherein the one or more permanent identifiers includes two or more of the following: International Mobile Subscription Identity (IMSI), International Mobile Equipment Identity (IMEI), Mobile Station International Subscriber Directory Number (MSISDN), and/or Network Access Identifier (NAI) (Verma: para. [0125] ‘user ID’ IE can include the following information/parameters: International Mobile Subscription Identity (IMSI), International Mobile Equipment Identifier (IMEI), Mobile Subscriber ISDN (MSISDN), and/or Network Access Identifier (NAI). para. [0125] providing service-based security (e.g., performed using a security policy implemented by a security platform that can be applied) per IMSI, IMEI, MSISDN, and/or NAI to provide threat identification and prevention).
Regarding claim 22, Kim in view of Verma and Kim ‘942 teach the system recited in claim 1, wherein the one or more permanent identifiers includes the following: International Mobile Subscription Identity (IMSI), International Mobile Equipment Identity (IMEI), Mobile Station International Subscriber Directory Number (MSISDN), and Network Access Identifier (NAI) (Verma: para. [0125] ‘user ID’ IE can include the following information/parameters: International Mobile Subscription Identity (IMSI), International Mobile Equipment Identifier (IMEI), Mobile Subscriber ISDN (MSISDN), and/or Network Access Identifier (NAI). para. [0125] providing service-based security (e.g., performed using a security policy implemented by a security platform that can be applied) per IMSI, IMEI, MSISDN, and/or NAI to provide threat identification and prevention).
Claims 2 and 16 are rejected under 35 U.S.C. 103 as being unpatentable over Kim in view of Verma, Kim ‘942, and Cheng et al. US Patent Publication No. 2021/0250749 (“Cheng”).
Regarding claim 2, Kim teaches the system recited in claim 1. Kim discloses a relay UE relaying network traffic and the relay UE providing with ProSe relay parameters (para. [0086],[0090]), wherein the Remote UE is attached to the core mobile network. However, Kim does not expressly teach via a ProSe UE-to-Network Relay.
Cheng discloses a Remote UE attached to a core mobile network via a ProSe UE-to-Network Relay (para. [0114] remote UE 115-d, network relay UE 115-e, NG-RAN 305, AMF 310, SMF 315, and UPF 320 may undergo authorization and provision for ProSe UE-to-network Relay (i.e., network relay UE 115-e) to provide an attachment to the network for remote UE 115-d). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have implemented Cheng’s disclosure of providing attachment via a ProSe UE-to-Network Relay. One of ordinary skill in the art would have motivated to do so in order to have similarly provided support for proximity services and a point of attachment for the remote UE.
Regarding claim 16, Kim teaches the method of claim 15. Kim discloses a relay UE relaying network traffic and the relay UE providing with ProSe relay parameters (para. [0086],[0090]), wherein the Remote UE is attached to the core mobile network. However, Kim does not expressly teach via a ProSe UE-to-Network Relay.
Cheng discloses a Remote UE attached to a core mobile network via a ProSe UE-to-Network Relay (para. [0114] remote UE 115-d, network relay UE 115-e, NG-RAN 305, AMF 310, SMF 315, and UPF 320 may undergo authorization and provision for ProSe UE-to-network Relay (i.e., network relay UE 115-e) to provide an attachment to the network for remote UE 115-d). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have implemented Cheng’s disclosure of providing attachment via a ProSe UE-to-Network Relay. One of ordinary skill in the art would have motivated to do so in order to have similarly provided support for proximity services and a point of attachment for the remote UE.
Claims 5, 9-10, 12-13, and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Kim in view of Verma, Kim ‘942, and Verma et al. US Patent Publication No. 2020/0259870 (“Verma ‘870”).
Regarding claim 5, Kim does not teach the system recited in claim 1, wherein the security platform is configured to monitor one or more interfaces and to decode one or more of the following protocols in the core mobile network: GPRS Tunneling Protocol (GTP)-C, GTP-U, NAS, HTTP/2, and Next Generation Application Protocol (NGAP).
Verma ‘870 teaches a security platform configured to monitor one or more interfaces and to decode one or more of the following protocols in the core mobile network: GPRS Tunneling Protocol (GTP)-C, GTP-U, NAS, HTTP/2, and Next Generation Application Protocol (NGAP) (claim 1. security platform monitors wireless interfaces. para. [0041] security platform is configured to monitor the GTP communications between the SGSN and GGSN in the mobile core network (e.g., next generation firewall, which can monitor GTP-U traffic during GTP sessions...) para. [0192] monitoring traffic… extract RAT information/parameters from GTP-C traffic on the mobile core network). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Kim with Verma ‘870’s disclosure by implementing a security platform configured to monitor one or more interfaces and to decode one or more of the following protocols in the core mobile network: GTP-C, GTP-U, NAS, HTTP/2, and NGAP. One of ordinary skill in the art would have motivated to do so for benefits of providing enhanced security services by enabling the monitoring of traffic for communications including data associated with tunneling protocols and applying security policies based on an application, PI address, and unique device identifiers (para. [0038]).
Regarding claim 9, Kim does not expressly teach the system recited in claim 1, wherein the security platform is executed on a host entity in the core mobile network.
Verma ‘870 teaches a security platform executed on a host entity in the core mobile network (para. [0040] security platform is configured to monitor the GTP communications between the SGSN and GGSN in the mobile core network. para. [0166] network device 500 (e.g., an appliance, gateway, or server that can implement the security platform disclosed herein). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Kim with Verma ‘870’s disclosure by implementing a security platform executed on a host entity in the core mobile network. One of ordinary skill in the art would have motivated to do so for benefits of providing the flexibility to implement the security platform on different devices and providing enhanced security services by applying security policies to monitored traffic (para. [0038]).
Regarding claim 10, Kim does not teach the system recited in claim 1, wherein the security platform is a virtual firewall executed on a host entity in the core mobile network.
Verma ‘870 teaches a virtual firewall executed on a host entity in the core mobile network (para. [0052] using a security platform 102 (e.g., a (virtual) device/appliance that includes a firewall (FW)). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Kim with Verma ‘870’s disclosure by implementing a security platform as a virtual firewall executed on a host entity in the core mobile network. One of ordinary skill in the art would have motivated to do so for benefits of providing the flexibility to implement the security platform on different devices to monitor/filter traffic and providing enhanced security services by applying security policies to monitored traffic (para. [0038]).
Regarding claim 12, Kim does not teach the system recited in claim 1, wherein the processor is further configured to: apply application control to the network traffic of the Remote UE in the core mobile network based at least in part on the one or more permanent identifiers.
Verma ‘870 teaches a processor configured to: apply application control to network traffic of a Remote UE in the core mobile network based at least in part on one or more permanent identifiers (para. [0111] security platform can extract mobile device identifier information (e.g., IMEI or IMEISV) to perform security based on a security policy. para. [0099] enhanced security in mobile networks for service providers based on location information (e.g., and/or in combination with other DPI and/or NGFW techniques, such as Application-ID. para. [0111] identify an Application-ID to perform security based on a security policy that can be applied based on the mobile device identifier information and Application-ID.). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Kim with Verma ‘870’s disclosure of configuring a processor to: apply application control to network traffic of a Remote UE in the core mobile network based at least in part on one or more permanent identifiers. One of ordinary skill in the art would have motivated to do so for benefits of providing enhanced security services and threat detection service by applying security policies based on device identifier and application id (para. [0104]).
Regarding claim 13, Kim does not teach the system recited in claim 1, wherein the processor is further configured to: apply URL filtering to the network traffic of the Remote UE in the core mobile network based at least in part on the one or more permanent identifiers.
Verma ‘870 teaches a processor configured to: apply URL filtering to network traffic of a Remote UE in the core mobile network based at least in part on one or more permanent identifiers (para. [0111] security platform can extract mobile device identifier information (e.g., IMEI or IMEISV) to perform security based on a security policy. para. [0041] apply a security policy using one or more parameters extracted from the GTP-C messages and based on the user session traffic monitored by the security platform during the GTP session (e.g., APP ID, Content ID, URL filtering)). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Kim with Verma ‘870’s disclosure by configuring a processor to: apply URL filtering to network traffic of a Remote UE in the core mobile network based at least in part on one or more permanent identifiers. One of ordinary skill in the art would have motivated to do so for benefits of providing enhanced security service by applying security policies on monitored traffic (para. [0041]).
Regarding claim 19, Kim does not teach the method of claim 15, wherein the security platform is configured to monitor one or more interfaces and to decode one or more of the following protocols in the core mobile network: GPRS Tunneling Protocol (GTP)-C, GTP-U, NAS, HTTP/2, and Next Generation Application Protocol (NGAP).
Verma ‘870 teaches a security platform configured to monitor one or more interfaces and to decode one or more of the following protocols in the core mobile network: GPRS Tunneling Protocol (GTP)-C, GTP-U, NAS, HTTP/2, and Next Generation Application Protocol (NGAP) (claim 1. Security platform monitors wireless interfaces. para. [0041] security platform is configured to monitor the GTP communications between the SGSN and GGSN in the mobile core network (e.g., next generation firewall, which can monitor GTP-U traffic during GTP sessions...) para. [0191] security platform. para. [0192] monitoring traffic… extract RAT information/parameters from GTP-C traffic on the mobile core network). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified Kim with Verma ‘870’s disclosure by implementing a security platform configured to monitor one or more interfaces and to decode one or more of the following protocols in the core mobile network: GTP-C, GTP-U, NAS, HTTP/2, and NGAP. One of ordinary skill in the art would have motivated to do so for benefits of providing enhanced security services by enabling the monitoring of traffic for communications including data associated with tunneling protocols and applying security policies based on an application, PI address, and unique device identifiers (para. [0038]).
Examiner' s Note
The following prior art made of record and not relied upon is considered pertinent to applicant' s disclosure.
Verma et al. US Patent Publication No. 2020/0287871 (“Verma”) teaches applying security enforcement using a security platform based at least in part on one or more permanent identifiers, wherein the one or more permanent identifiers includes one or more of the following: IMSI, IMEI, MSISDN, and/or NAI (para. [0040] disclosed techniques facilitate applying security policies based on…. unique device identifier… IMEI, IMSI. para. [0089] various information/parameters, such as location, hardware identity (e.g., IMEI), subscriber identity (e.g., IMSI). for use in applying a security policy based on this extracted information and/or in combination with packet content inspection performed by the security platform on tunneled user data traffic).
Verma US Patent Publication No. 2021/0243232 (para. [0105] extract information exchanged in the N4 session establishment related messages including various parameters, such as International Mobile Subscription Identity (IMSI), International Mobile Equipment Identifier (IMEI), Mobile Subscriber ISDN (MSISDN), and/or Network Access Identifier (NAI) related information)
Baek et al. US Patent Publication No. 2021/0250843 (para. [0085], [0091] remote UE Info Report message including the information on the remote UE 200, i.e. IP address (or IP address and port information) and User Info of the remote UE 200. The User Info may include at least one of IMSI, MSISDN)
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Joshua Joo whose telephone number is 571 272-3966. The examiner can normally be reached on Monday-Friday 7am-3pm EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Oscar Louie can be reached on 571 270-1684. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/JOSHUA JOO/Primary Examiner, Art Unit 2445