Detailed Action
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
This is the initial office action that has been issued in response to patent application 18/813,320, filed on 08/23/2024. Claims 1-20, as originally filed, are currently pending and have been considered below. Claims 1, 12, 13 and 20 are independent claims.
Priority
This application is a CON of PCT/CN2022/078411 filed on 02/28/2022.
Drawings
The drawings filed on 08/23/2024 are accepted by the examiner.
Specification
The title of the invention is not descriptive. A new title is required that is clearly indicative of the invention to which the claims are directed.
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
The claimed invention is not directed to patent eligible subject matter. Based upon consideration of all of the relevant factors with respect to the claim as a whole, claims 1-20 are determined to be directed to an abstract idea. The rationale for this determination is explained below:
Claims 1-20 are directed to an abstract idea, an idea of itself. Claims 1-20 recite receiving a request for an authorization for transmission of sensing data, and after successful verification of the authorization certification, the transmission of sensing data is authorized. Limitations in the claims herein can be related to different situations like collecting new information and comparing new and stored information. Claim 1 recites receiving request data, comparing the authorization certificate and finding out if they match, and authorizing transmission of sensing data. Thus all of these concepts relate to comparing new and stored information and using rules to identify options. The steps can also be related to collecting information, analyzing it, and displaying certain results of the collection and analysis (Electric Power Group, LLC v. Alstom S.A. (Fed. Cir. 2016)). The claims do not require the use of a machine and may simply be performed mentally or with a pen and paper. A person can do the calculations and make the decisions without the assistance of a computer. The limitations, under the broadest reasonable interpretation, cover performance of the limitations in the mind but for the recitation of generic computer components. That is, other than the recited memory/processing circuitry and non-transitory medium, nothing in the claim elements precludes the steps from practically being performed in the mind (or with a pen and paper). For example, but for the generically claimed hardware language, the steps amount to a user manually reviewing the entitlements a user currently has and using this data to perform a corrective action. If a claim limitation, under its broadest reasonable interpretation, covers performance of the limitation in the mind but for the recitation of generic computer components, then it falls within the “mental process” grouping of abstract ideas. Therefore the claims are abstract.
The machines claimed to implement the abstract idea are merely generic computer components, including the processor, modules, computing system and computer readable medium. There is nothing present in the claims to indicate that these computing elements differ from any standard computer setup that can execute code with instructions as detailed in the claims.
Furthermore, the claimed details directed to implementing a security model for a terminal device do not provide a practical application or significantly more than the abstract idea. The security model amounts to automating steps previously performed by a human (where a human can generate prompts, e.g., questions related to the entitlements).
Claims can be directed to an abstract idea that stands alone without technical implementation required to execute it to be considered abstract. Even if the steps of collecting data, comparing data, updating data and sending the updated data back are implemented via computer instructions, the step of “a user pressing a button to initiate the process” is directed to a conventional human activity that is irrelevant to the patentable features of the instant claim(s) (Mayo v. Prometheus). The claims do not recite additional elements that are sufficient to amount to significantly more than the judicial exception because the limitations are merely instructions to implement the abstract idea on a computer and require no more than a generic computer to perform generic computer functions that are well-understood, routine and conventional activities previously known to the industry.
Viewed as a whole, these additional claim elements do not provide meaningful limitations to transform the abstract idea into a patent eligible application of the abstract idea such that the claims amount to significantly more than the abstract idea itself. Therefore, the claims are rejected under 35 U.S.C. 101 as being directed to non-statutory subject matter. See Alice Corporation Pty. Ltd. v. CLS Bank International.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1-20 are rejected under 35 U.S.C. 103 as being unpatentable over Zhang (US Patent Application Publication No 2021/0165885 A1) in view of Castellanos (International Publication No WO 2018/202284 A1).
Regarding Claim 1, Zhang discloses a method for implementing security, applicable to a terminal device, the method comprising:
receiving first request information, wherein the first request information is configured to request an authorization from the terminal device for transmission of sensing data, and the first request information comprises an authorization certification for a first network element (Zhang, ¶[0006], the first network element obtains a B-TID and the key lifetime to a terminal, so that the terminal performs EAP-based GBA AKA authentication with the first network element. ¶[0008], the first network element generates the B-TID based on a RAND and a BSF server name. ¶[0010], the first network element receives a RES and a MAC that are sent by the terminal and performs verification on the RES and the MAC. If the verification succeeds, the first network element generates a key and sends an EAP success message to the terminal to complete the EAP-based GBA AKA authentication); and
authorizing the transmission of the sensing data in response to a successful verification on the authorization certification (Zhang, ¶[0115]-¶[0125], EAP server receives the RES and the MAC and performs verification and generates a key if the verification succeeds. The peer receives the EAP success message and GBA AKA authentication is completed).
Zhang does not explicitly teach the following limitation that Castellanos teaches:
transmission of sensing data (Castellanos, page 12, lines 30-35, the UDM downloads the access profile to the AMF. The UDM downloads the access profile to the AMF in an update location response. Page 13, lines 5-10, the SMF generates and transmits a service profile request to the UDM).
Zhang in view of Castellanos are analogous art because they are from the “same field of endeavor” and are from the same “problem solving area”. Namely, they pertain to the field of “authorizing access to user data in wireless communication”. It would have been obvious to a person of ordinary skill in the art before the effective filing date of the invention to modify the invention of Zhang in view of Castellanos to include the idea of authorization of subscription profile management as a result of access authorization to wireless communication (Castellanos, page 2, lines 10-15).
Regarding Claim 2, Zhang in view of Castellanos discloses the method according to claim 1, wherein the first request information further comprises a sensing service type, and the method further comprises:
generating verification information based on a sensing service key and the sensing service type (Zhang, ¶[0121], the EAP server performs verification on the RES and the MAC and the EAP server generates a key if the verification succeeds. ¶[0130], Ks is a key generated by an EAP server in an authentication process); and
determining that the authorization certification is verified successfully in a case that the verification information is consistent with the authorization certification (Zhang, ¶[0279]-¶[0281], the EAP server receives the RES and MAC and performs verification and generates a key, a B-TID and a key lifetime if the verification succeeds. The EAP server sends an EAP success message to the authenticator).
Regarding Claim 3, Zhang in view of Castellanos discloses the method according to claim 2, wherein prior to generating the verification information based on the sensing service key and the sensing service type, the method further comprises:
generating the sensing service key based on a first key, wherein the first key is a key shared by the terminal device and the first network element (Zhang, ¶[0105]-¶[0108], the EAP server executes an AKA algorithm to generate a RAND, an AUTN and a MAC and generates a B-TID and a key lifetime. The key lifetime represents a lifetime of subsequently generated key Ks).
Regarding Claim 4, Zhang in view of Castellanos discloses the method according to claim 3, wherein the first network element is a network element in a generic bootstrapping architecture (GBA), and the first key is a network application function (NAF) key Ks_NAF (Zhang, ¶[0159]-¶[0161], the derivation formula may include UE ID, a session ID, an uplink or downlink counter, a sequence number, a nonce. ¶[0351]-¶[0353]); and
generating the sensing service key based on the first key comprises:
generating the sensing service key based on the NAF key Ks_NAF, the sensing service type, and first network parameters, wherein the first network parameters comprise a random number (NONCE) and/or a count value (COUNT) (Zhang, ¶[0159]-¶[0161], the derivation formula may include UE ID, a session ID, an uplink or downlink counter, a sequence number, a nonce. ¶[0351]-¶[0353]).
Regarding Claim 5, Zhang in view of Castellanos discloses the method according to claim 3, wherein the first network element is a network element in an authentication and key management for applications (AKMA) architecture, and the first key is an application function (AF) key KAF; and
generating the sensing service key based on the first key comprises: generating the sensing service key based on the AF key KAF, the sensing service type, AKMA key identification information, and second network parameters, wherein the second network parameters comprise a random number (NONCE) and/or a count value (COUNT) (Zhang, ¶[0138], if the foregoing parameters are owned by the EAP server, the parameters need to be sent to the peer, for example, the session ID, the EAP server ID, the authenticator ID, the uplink or downlink counter, the sequence number or the nonce. ¶[0351], if the nonce is a parameter selected by an authenticator, the authenticator needs to send the nonce to the UE).
Regarding Claim 6, Zhang in view of Castellanos discloses the method according to claim 4, wherein generating the sensing service key based on the first key comprises:
generating the sensing service key based on the first key in a case that the terminal device supports the sensing service type (Zhang, ¶[0138], if the foregoing parameters are owned by the EAP server, the parameters need to be sent to the peer, for example, the session ID, the EAP server ID, the authenticator ID, the uplink or downlink counter, the sequence number or the nonce. ¶[0351], if the nonce is a parameter selected by an authenticator, the authenticator needs to send the nonce to the UE).
Regarding Claim 7, Zhang in view of Castellanos discloses the method according to claim 3, wherein the first network element is a network element in an authentication and key agreement (AKA) architecture or an extensible authentication protocol-authentication and key agreement (EAP-AKA) architecture, and the first key is an access and mobility management function (AMF) key KAMF or a security anchor function (SEAF) key KSEAF (Zhang, ¶[0138], if the foregoing parameters are owned by the EAP server, the parameters need to be sent to the peer, for example, the session ID, the EAP server ID, the authenticator ID, the uplink or downlink counter, the sequence number or the nonce. ¶[0351], if the nonce is a parameter selected by an authenticator, the authenticator needs to send the nonce to the UE); and
generating the sensing service key based on the first key comprises:
generating the sensing service key based on the AMF key KAMF, the sensing service type, and third network parameters (Zhang, ¶[0138], if the foregoing parameters are owned by the EAP server, the parameters need to be sent to the peer, for example, the session ID, the EAP server ID, the authenticator ID, the uplink or downlink counter, the sequence number or the nonce. ¶[0351], if the nonce is a parameter selected by an authenticator, the authenticator needs to send the nonce to the UE); or
generating the sensing service key based on the SEAF key KSEAF, the sensing service type, and third network parameters; wherein the third network parameters comprise a random number (NONCE) and/or a count value (COUNT) (Zhang, ¶[0138], if the foregoing parameters are owned by the EAP server, the parameters need to be sent to the peer, for example, the session ID, the EAP server ID, the authenticator ID, the uplink or downlink counter, the sequence number or the nonce. ¶[0351], if the nonce is a parameter selected by an authenticator, the authenticator needs to send the nonce to the UE).
Regarding Claim 8, Zhang in view of Castellanos discloses the method according to claim 7, wherein
generating the sensing service key based on the AMF key KAMF, the sensing service type, and the third network parameters comprises:
generating a first immediate key KAMF' based on the AMF key KAMF (Zhang, ¶[0138], if the foregoing parameters are owned by the EAP server, the parameters need to be sent to the peer, for example, the session ID, the EAP server ID, the authenticator ID, the uplink or downlink counter, the sequence number or the nonce. ¶[0351], if the nonce is a parameter selected by an authenticator, the authenticator needs to send the nonce to the UE);
and
generating the sensing service key based on the first immediate key KAMF', the sensing service type, and the third network parameters (Zhang, ¶[0138], if the foregoing parameters are owned by the EAP server, the parameters need to be sent to the peer, for example, the session ID, the EAP server ID, the authenticator ID, the uplink or downlink counter, the sequence number or the nonce. ¶[0351], if the nonce is a parameter selected by an authenticator, the authenticator needs to send the nonce to the UE); and
generating the sensing service key based on the SEAF key KSEAF, the sensing service type, and the third network parameters comprises:
generating a second immediate key KSEAF' based on the SEAF key KSEAF; and generating the sensing service key based on the second immediate key KSEAF', the sensing service type, and the third network parameters (Zhang, ¶[0138], if the foregoing parameters are owned by the EAP server, the parameters need to be sent to the peer, for example, the session ID, the EAP server ID, the authenticator ID, the uplink or downlink counter, the sequence number or the nonce. ¶[0351], if the nonce is a parameter selected by an authenticator, the authenticator needs to send the nonce to the UE).
Regarding Claim 9, Zhang in view of Castellanos discloses the method according to claim 7, wherein
prior to generating the sensing service key based on the first key, the method further comprises:
receiving second request information, wherein the second request information is configured to request the sensing service key (Zhang, ¶[0006], the first network element obtains a B-TID and the key lifetime to a terminal, so that the terminal performs EAP-based GBA AKA authentication with the first network element. ¶[0008], the first network element generates the B-TID based on a RAND and a BSF server name. ¶[0010], the first network element receives a RES and a MAC that are sent by the terminal and performs verification on the RES and the MAC. If the verification succeeds, the first network element generates a key and sends an EAP success message to the terminal to complete the EAP-based GBA AKA authentication); and
upon generating the sensing service key based on the first key, the method further comprises:
confirmation information to a second network element, wherein the confirmation information is configured to instruct the second network element to transmit the sensing service key to the first network element (Zhang, ¶[0006], the first network element obtains a B-TID and the key lifetime to a terminal, so that the terminal performs EAP-based GBA AKA authentication with the first network element. ¶[0008], the first network element generates the B-TID based on a RAND and a BSF server name. ¶[0010], the first network element receives a RES and a MAC that are sent by the terminal and performs verification on the RES and the MAC. If the verification succeeds, the first network element generates a key and sends an EAP success message to the terminal to complete the EAP-based GBA AKA authentication).
Regarding Claim 10, Zhang in view of Castellanos discloses the method according to claim 9, wherein the confirmation information further comprises a verification parameter, wherein the verification parameter is configured for the second network element to verify the sensing service type (Zhang, ¶[0115]-¶[0125], EAP server receives the RES and the MAC and performs verification and generates a key if the verification succeeds. The peer receives the EAP success message and GBA AKA authentication is completed).
Regarding Claim 11, Zhang in view of Castellanos discloses the method according to claim 1, wherein the first request information comprises a sensing service type, and the method further comprises:
transmitting sensing data matched with the sensing service type to a third network element, wherein integrity protection and/or encryption of the first request information and/or the sensing data is performed based on a sensing service key (Zhang, ¶[0115]-¶[0125], EAP server receives the RES and the MAC and performs verification and generates a key if the verification succeeds. The peer receives the EAP success message and GBA AKA authentication is completed).
Regarding Claim 12, Zhang discloses a terminal device, comprising: a processor and a memory storing one or more computer programs, wherein the processor, when loading and running the one or more computer programs in the memory, is caused to perform:
receiving first request information, wherein the first request information is configured to request an authorization from the terminal device for transmission of sensing data, and the first request information comprises an authorization certification for a first network element (Zhang, ¶[0006], the first network element obtains a B-TID and the key lifetime to a terminal, so that the terminal performs EAP-based GBA AKA authentication with the first network element. ¶[0008], the first network element generates the B-TID based on a RAND and a BSF server name. ¶[0010], the first network element receives a RES and a MAC that are sent by the terminal and performs verification on the RES and the MAC. If the verification succeeds, the first network element generates a key and sends an EAP success message to the terminal to complete the EAP-based GBA AKA authentication); and
authorizing the transmission of the sensing data in response to a successful verification on the authorization certification (Zhang, ¶[0115]-¶[0125], EAP server receives the RES and the MAC and performs verification and generates a key if the verification succeeds. The peer receives the EAP success message and GBA AKA authentication is completed).
Zhang does not explicitly teach the following limitation that Castellanos teaches:
transmission of sensing data (Castellanos, page 12, lines 30-35, the UDM downloads the access profile to the AMF. The UDM downloads the access profile to the AMF in an update location response. Page 13, lines 5-10, the SMF generates and transmits a service profile request to the UDM).
Zhang in view of Castellanos are analogous art because they are from the “same field of endeavor” and are from the same “problem solving area”. Namely, they pertain to the field of “authorizing access to user data in wireless communication”. It would have been obvious to a person of ordinary skill in the art before the effective filing date of the invention to modify the invention of Zhang in view of Castellanos to include the idea of authorization of subscription profile management as a result of access authorization to wireless communication (Castellanos, page 2, lines 10-15).
Regarding Claim 13, Zhang discloses a first network element, comprising: a processor and a memory storing one or more computer programs, wherein the processor, when loading and running the one or more computer programs in the memory, is caused to perform:
transmitting first request information, wherein the first request information is configured to request an authorization from a terminal device for transmission of sensing data (Zhang, ¶[0006], the first network element obtains a B-TID and the key lifetime to a terminal, so that the terminal performs EAP-based GBA AKA authentication with the first network element. ¶[0008], the first network element generates the B-TID based on a RAND and a BSF server name. ¶[0010], the first network element receives a RES and a MAC that are sent by the terminal and performs verification on the RES and the MAC. If the verification succeeds, the first network element generates a key and sends an EAP success message to the terminal to complete the EAP-based GBA AKA authentication), and
the first request information comprises an authorization certification for the first network element, wherein the authorization certification is configured for the terminal device to verify an authorization of the first network element (Zhang, ¶[0115]-¶[0125], EAP server receives the RES and the MAC and performs verification and generates a key if the verification succeeds. The peer receives the EAP success message and GBA AKA authentication is completed).
Zhang does not explicitly teach the following limitation that Castellanos teaches:
transmission of sensing data (Castellanos, page 12, lines 30-35, the UDM downloads the access profile to the AMF. The UDM downloads the access profile to the AMF in an update location response. Page 13, lines 5-10, the SMF generates and transmits a service profile request to the UDM).
Zhang in view of Castellanos are analogous art because they are from the “same field of endeavor” and are from the same “problem solving area”. Namely, they pertain to the field of “authorizing access to user data in wireless communication”. It would have been obvious to a person of ordinary skill in the art before the effective filing date of the invention to modify the invention of Zhang in view of Castellanos to include the idea of authorization of subscription profile management as a result of access authorization to wireless communication (Castellanos, page 2, lines 10-15).
Regarding Claim 14, Zhang in view of Castellanos discloses the first network element according to claim 13, wherein the processor, when loading and running the one or more computer programs in the memory, is further caused to perform:
generating the authorization certification based on a sensing service type and a sensing service key (Zhang, ¶[0121], the EAP server performs verification on the RES and the MAC and the EAP server generates a key if the verification succeeds. ¶[0130], Ks is a key generated by an EAP server in an authentication process).
Regarding Claim 15, Zhang in view of Castellanos discloses the first network element according to claim 14, wherein the sensing service key is generated based on a first key, wherein the first key is a key shared by the terminal device and the first network element (Zhang, ¶[0105]-¶[0108], the EAP server executes an AKA algorithm to generate a RAND, an AUTN and a MAC and generates a B-TID and a key lifetime. The key lifetime represents a lifetime of subsequently generated key Ks).
Regarding Claim 16, Zhang in view of Castellanos discloses the first network element according to claim 13, wherein the first network element is a network element in a generic bootstrapping architecture (GBA), and the first key is a network application function (NAF) key Ks_NAF; and
the processor, when loading and running the one or more computer programs in the memory, is further caused to perform:
generating the sensing service key based on the NAF key Ks_NAF, the sensing service type, and first network parameters, wherein the first network parameters comprise a random number (NONCE) and/or a count value (COUNT) (Zhang, ¶[0159]-¶[0161], the derivation formula may include UE ID, a session ID, an uplink or downlink counter, a sequence number, a nonce. ¶[0351]-¶[0353]).
Regarding Claim 17, Zhang in view of Castellanos discloses the first network element according to claim 15, wherein the first network element is a network element in an authentication and key management for applications (AKMA) architecture, and the first key is an application function (AF) key KAF; and
the processor, when loading and running the one or more computer programs in the memory, is further caused to perform:
generating the sensing service key based on the AF key KAF, the sensing service type, AKMA key identification information, and second network parameters, wherein the second network parameters comprise a random number (NONCE) and/or a count value (COUNT) (Zhang, ¶[0138], if the foregoing parameters are owned by the EAP server, the parameters need to be sent to the peer, for example, the session ID, the EAP server ID, the authenticator ID, the uplink or downlink counter, the sequence number or the nonce. ¶[0351], if the nonce is a parameter selected by an authenticator, the authenticator needs to send the nonce to the UE).
Regarding Claim 18, Zhang in view of Castellanos discloses the first network element according to claim 15, wherein the first network element is a network element in an authentication and key agreement (AKA) architecture or an extensible authentication protocol-authentication and key agreement (EAP-AKA) architecture, and the first key is an access and mobility management function (AMF) key KAMF or a security anchor function (SEAF) key KSEAF; and
the processor, when loading and running the one or more computer programs in the memory, is further caused to perform:
transmitting second request information to a second network element, wherein the second request information is configured to request the sensing service key, the sensing service key being generated by the second network element based on the AMF key KAMF or the SEAF key KSEAF (Zhang, ¶[0138], if the foregoing parameters are owned by the EAP server, the parameters need to be sent to the peer, for example, the session ID, the EAP server ID, the authenticator ID, the uplink or downlink counter, the sequence number or the nonce. ¶[0351], if the nonce is a parameter selected by an authenticator, the authenticator needs to send the nonce to the UE); and
receiving the sensing service key from the second network element (Zhang, ¶[0138], if the foregoing parameters are owned by the EAP server, the parameters need to be sent to the peer, for example, the session ID, the EAP server ID, the authenticator ID, the uplink or downlink counter, the sequence number or the nonce. ¶[0351], if the nonce is a parameter selected by an authenticator, the authenticator needs to send the nonce to the UE).
Regarding Claim 19, Zhang in view of Castellanos discloses the first network element according to claim 13, wherein integrity protection and/or encryption of the first request information is performed based on a sensing service key (Zhang, ¶[0115]-¶[0125], EAP server receives the RES and the MAC and performs verification and generates a key if the verification succeeds. The peer receives the EAP success message and GBA AKA authentication is completed).
Regarding Claim 20, Zhang in view of Castellanos discloses a chip, comprising: a processor, wherein the processor, when loading and running one or more computer programs in a memory, causes a device equipped with the chip to perform the method as defined in claim 1 (see claim mapping of claim 1).
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure (see PTO-Form 892).
Any inquiry concerning this communication or earlier communications from the examiner should be directed to WASIKA NIPA whose telephone number is (571)272-8923. The examiner can normally be reached on M-F, 8 am to 5 pm. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey Pwu can be reached on 571-272-6798. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, Applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/WASIKA NIPA/ Primary Examiner, Art Unit 2433