Prosecution Insights
Last updated: May 29, 2026
Application No. 18/835,279

PERFORMING A TRUST EVALUATION SERVICE AT A NETWORK FUNCTION

Final Rejection §102 §103
Filed: Aug 01, 2024
Priority: Feb 02, 2022 — provisional 63/306,011 +1 more
Examiner: LEE, MICHAEL M
Art Unit: 2436
Tech Center: 2400 — Computer Networks
Assignee: LENOVO (SINGAPORE) PTE. LTD.
OA Round: 2 (Final)
Grant Probability: 84% (Favorable)
OA Rounds: 3-4
Est. Remaining: 11m
With Interview: 99%

Examiner Intelligence

Grants 84% — above average
Career Allowance Rate: 84% (222 granted / 266 resolved), +25.5% vs TC avg
Strong +43% interview lift
Interview Lift: +43.2% (resolved cases with interview)
Typical timeline
Avg Prosecution: 2y 9m (21 currently pending)
Career history
Total Applications: 288 (across all art units)

Statute-Specific Performance

§101: 2.6% (-37.4% vs TC avg)
§103: 88.4% (+48.4% vs TC avg)
§102: 0.5% (-39.5% vs TC avg)
§112: 8.3% (-31.7% vs TC avg)
Based on career data from 266 resolved cases

Office Action

§102 §103
DETAILED ACTION

Notice of Pre-AIA or AIA Status

The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Response to Amendments

This is a Final office action in response to applicant’s amendment filed on 3/27/2026. Claims 1-2, 5, 15, 19 are amended. Claim 16 is cancelled. Claims 1-15, 17-20 are pending and considered.

The objections to claims 1, 5-6, 12-15, 18-20 due to informalities have been withdrawn in light of applicant’s amendment to the claims.

The rejections of claims 7-8 under 35 USC 112(b) as being indefinite have been withdrawn in light of applicant’s amendment to claim 1.

Response to Arguments

Applicant’s argument, see pages 11-12 of the Remarks filed 3/27/2026, with respect to claims rejected under 35 USC 102 over prior arts of record has been fully considered and is persuasive in view of applicant’s amendment to claims 1, 15 respectively. Therefore, the rejection of claims under 35 USC 102 has been withdrawn. However, upon updated search, prior arts, e.g., Katmor is found to teach the amended limitation(s). Examiner asserts combination of Lehtovirta and Katmor teaches all limitations recited in the amended independent claims. See the updated Claim Rejections under 35 USC 103 below. Applicant is encouraged to include innovative features into the independent claims to advance the case.

Examiner Notes

Examiner cites particular paragraphs, columns and line numbers in the references as applied to the claims below for the convenience of the applicant. Although the specified citations are representative of the teachings in the art and are applied to the specific limitations within the individual claim, other passages and figures may apply as well.
It is respectfully requested that, in preparing responses, the applicant fully consider the references in entirety as potentially teaching all or part of the claimed invention, as well as the context of the passage as taught by the prior art or disclosed by the examiner.

Claim Rejections - 35 USC § 103

In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:

A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:

1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

Claims 1-12, 15-20 are rejected under 35 U.S.C. 103 as being unpatentable over Lehtovirta et al (US20220394473A1, hereinafter, “Lehtovirta”), in view of Katmor et al (US20220210173A1, hereinafter, “Katmor”).

Regarding claim 1, similarly claim 15, Lehtovirta teaches:

An apparatus for performing a first network function (NF), A method of performing a first network function (NF) (Lehtovirta, discloses method performed by a network equipment of a communication network to dynamically provide trust information to a communication device registered or being registered to the communication network, see [Abstract]), the apparatus/method comprising:

at least one memory; and at least one processor (Fig. 9, Processor and Memory) coupled with the at least one memory and configured to cause the apparatus to:

receive a first request message from a second NF, wherein the first request message comprises a trust service subscription request message corresponding to a trust service subscription, wherein the second NF comprises a trust service consumer function (Refer to Fig. 4, and [0066] 1) The UE (i.e., second NF) initiates (block 401) registration by sending Registration Request message to the VPLMN AMF. Further see [0067-0070], in particular, [0070] 7) The UDM decides (407) to send the Trust Information with Steering Information, and obtains the Steering Information list as described in TS 23.122 v.16.3.0. The UDM associates a Trust Information to each PLMN/access technology combination. This Trust Information indicates whether a PLMN/access technology combination is considered trusted. Examiner notes, Lehtovirta’s registration request message (i.e., first request message) can be interpreted as trust service subscription request message. Examiner further notes, since UE receives the trust information from UDM, therefore UE comprises a trust service consumer function. In addition, the claim does not define what the trust service consumer function is);

collect inference data [comprising security event data] (Refer to Fig. 11, [0167] FIG. 11 is a block diagram illustrating further operations of network equipment (900) for determining (1001) the trust information for each of the one or more access networks. In block 1101, the processing circuitry 903 obtains (1101) a list of the one or more access networks. In block 1103, the processing circuitry 903 associates (1103) the trust information to each of the one or more of the access networks in the list of the one or more access networks resulting in a trust information list (i.e., inference data). In block 1103, the processing circuitry 903 protects (1105) the trust information list with a key shared with the communication device to obtain a protected trust information list); (see Katmor below for teaching of limitation in bracket)

perform a trust evaluation service corresponding to the trust service subscription to produce trust evaluation data, wherein the trust evaluation service is performed based at least in part on the collected inference data ([0163] FIG. 10 is a flow chart illustrating a method performed by a network equipment (900) of a communication network to dynamically provide trust information to a communication device (800). In block 1001, the processing circuitry 903 may determine (1001) a trust information for each of one or more access networks. The trust information indicates whether each of the one or more access networks is trusted); and

transmit a first response message to the second NF, wherein the first response message comprises information corresponding to the trust evaluation data (Refer to Fig. 7, at 705, and [0129] 5. The UDM obtains (block 705) the Trust Information related to the PLMN/access technology combination where authentication was performed and associates the trust info to the PLMN/ access technology combination. This Trust Information indicates whether a PLMN/access technology combination is considered trusted. And [0130] 6. The UDM protects the Trust info and sends (i.e., transmit) it to the UE… And [0163] In block 1003, the processing circuitry 903 may indicate (1003) to the communication device (800) whether the one or more access networks is trusted for a current session or a later session);

While Lehtovirta teaches the main concept of the claimed invention as shown above, but does not specifically teach the following, in the same field of endeavor Katmor teaches:

[collect inference data] comprising security event data (Katmor, discloses systems and methods for enabling context-aware zero-trust network access using security posture insights, see [Abstract]. And e.g., [0036] For example, the system 106 (i.e., first NF) may collect security posture information through endpoint agents (e.g., endpoint agent 110a, endpoint agent 110b, and endpoint agent 110n) running on client devices, network devices, and protected resources); and

a trust evaluation and enabler service function and/or framework (TESF) comprising a security related events collecting entity (Refer to Fig. 3, Continuous Trust Evaluation 308, enable adaptive access control 310, and enable context-aware access control 312 (i.e., TESF). And [0049] a ZTNA system 302 (representing a non-limiting example of systems 106 and 202) (i.e., the first NF) may implement an identity-based schema 304, provide resource security access 306, perform continuous trust evaluation 308, enable adaptive access control 310, and enable context-aware access control 312).

Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Katmor in the dynamically providing trust information to a communication device of Lehtovirta by implementing Zero-Trust Network Access System using security posture insights.
This would have been obvious because the person having ordinary skill in the art would have been motivated to determine to grant access request based on context-aware zero-trust network access and security posture information (Katmor, [Abstract]).

Regarding claim 2, Lehtovirta-Katmor combination teaches the apparatus of claim 1, Lehtovirta further teaches: wherein the apparatus comprises a security monitoring and evaluation function ([0165] the network equipment (900) is: (1) a unified data management, UDM, equipment, (2) an authentication server function, AUSF, equipment, … [0166] the network equipment (900) is: (1) a security anchor function, SEAF, equipment, (2) an access management function, AMF, equipment), network data analytics function, or a combination thereof ([0106] 1) The UDM decides (block 601) to perform the UE Parameters Update (UPU) using the control plane procedure while the UE is registered to the 5G system. If the final consumer of any of the UE parameters to be updated (e.g., the updated Routing ID Data) is the USIM, the UDM shall protect these parameters using a secured packet mechanism (see 3GPP TS 31.115 v.15.0.0) to update the parameters stored on the USIM).

Regarding claim 3, similarly claim 17, Lehtovirta-Katmor combination teaches the apparatus of claim 1, the method of claim 15, Lehtovirta further teaches: wherein the first request message further comprises trust service consumer information, evaluation target information, or a combination thereof (Fig. 4 at 401-402, UE initiates (block 401) registration and authentication of UE suggests the trust service consumer information).
Regarding claim 4, similarly claim 18, Lehtovirta-Katmor combination teaches the apparatus of claim 3, the method of claim 17, Lehtovirta further teaches: wherein the trust service consumer information comprises a NF identifier (ID), an NF type, an NF fingerprint, a container fingerprint, an NF software configuration, release information, or a combination thereof (Fig. 4 at 401-402, UE initiates (block 401) registration and authentication of UE suggests the trust service consumer information and in this case UE’s identifier is the trust service consumer information. It is well known in the arts that authentication of the UE requires UE’s identifier).

Regarding claim 5, similarly claim 19, Lehtovirta-Katmor combination teaches the apparatus of claim 3, the method of claim 17, Lehtovirta further teaches: wherein the first request message further comprises a list of trust service related service codes, configuration issue information, an attack alert, a threat alert, a malfunction alert, an overload alert, a flooding alert, a critical location alert, software issue information, a target of trust service reporting, the evaluation target information, a notification of a target address, a subscription correlation identifier, a trust service target period, a reporting mode, a trust level specific cause code required indication, or a combination thereof ([0066] 1) The UE initiates (block 401) registration by sending Registration Request message to the VPLMN AMF. And [0067] As part of the registration procedure, the VPLMN AMF executes (block 402) primary authentication of the UE and then initiates (block 403) the non-access stratum (NAS) security mode command (SMC) procedure (i.e., trust service related service codes)).
Regarding claim 6, similarly claim 20, Lehtovirta-Katmor combination teaches the apparatus of claim 5, the method of claim 19, Lehtovirta further teaches: wherein the evaluation target information comprises a user equipment (UE) ID, a NF ID having NF type information, an application function (AF) ID having AF information, or a combination thereof (Fig. 4 at 401-402, UE initiates (block 401) registration and authentication of UE suggests the evaluation target information and in this case UE’s identifier is the UE ID. It is well known in the arts that authentication of the UE requires UE’s identifier).

Regarding claim 7, Lehtovirta-Katmor combination teaches the apparatus of claim 1, Lehtovirta further teaches: wherein the inference data comprises: data from evaluation targets, a malformed message, a signed NF information, a container image, a package, NF deployed location and platform information, a software configuration information change alert, a malicious activity alert, malicious behavior information, a trigger and/or alert related to an unintended configuration and/or an operational change, a message exceeding a configured limit per time instance, repeated authentication failure information, a network generated location mismatch, a UE generated location mismatch, radio resource control (RRC) overflow information related to any UE ID, non-access stratum (NAS) overflow information related to any UE ID, malicious subscription data request overflow for any UE ID at a unified data management (UDM), malicious traffic information for local user plane functions (UPFs) from the UE, malicious signaling to the local UPFs from a radio access network (RAN), or a combination thereof (e.g., [0137] properties of the access node are: [0138] type of access node (e.g., WLAN, Bluetooth, Zigbee, trusted non-3GPP access point (TNAP), Laser, optical fiber, copper cable, etc.); [0139] type of radio access technology (e.g., narrowband internet of things (NB-IOT), long term evolution for machines (LTE-M), new radio (NR), etc.); [0140] location of the access node (e.g., cinema hall, latitude, longitude, altitude, behind concrete wall, etc.) (i.e., data from evaluation targets)).

Regarding claim 8, Lehtovirta-Katmor combination teaches the apparatus of claim 1, Lehtovirta further teaches: wherein the inference data is collected from evaluation targets using another NF or a management function (e.g., [0145] properties of the access node are determined based on information obtained from VPLMN/serving public land mobile network (SPLMN) or from HPLMN or from external source (e.g., 3rd party file)).

Regarding claim 9, Lehtovirta-Katmor combination teaches the apparatus of claim 1, Lehtovirta further teaches: wherein the at least one processor is configured to cause the apparatus to receive a second request message from the second NF, and the second request message comprises a trust evaluation request message corresponding to the trust service subscription (Lehtovirta teaches the first request message from the second NF as shown in claim 1, therefore, similarly teaches the second request message from the second NF).

Regarding claim 10, Lehtovirta-Katmor combination teaches the apparatus of claim 1, Lehtovirta further teaches: wherein the at least one processor is configured to cause the apparatus to receive a third request message from the second NF, and the third request message comprises a trust service unsubscription request message corresponding to the trust service subscription (Lehtovirta teaches receive the first request message from the second NF as shown in claim 1, similarly can teach receive the third request message from the second NF. Examiner notes it is well known in the arts that unsubscription is opposite to subscription and the claim does not further positively recite the unsubscription).
Regarding claim 11, Lehtovirta-Katmor combination teaches the apparatus of claim 1, Lehtovirta further teaches: wherein the first response message further comprises trust information, a root cause code, a recommended action to ensure seamless network service, or a combination thereof (e.g., Fig. 10, and [0163] The trust information (i.e., response message comprises trust information) indicates whether each of the one or more access networks is trusted. In block 1003, the processing circuitry 903 may indicate (1003) to the communication device (800) whether the one or more access networks is trusted for a current session or a later session).

Regarding claim 12, Lehtovirta-Katmor combination teaches the apparatus of claim 11, Lehtovirta further teaches: wherein the trust information comprises values to represent a security state of an evaluation target NF, values to represent a reliability of the evaluation target NF, values to represent a trust worthiness of the evaluation target NF, or a combination thereof ([0171] ... transmitting the trust information list to an authentication server function, AUSF, and receiving a protected trust information list from the AUSF or a message authentication code, MAC, value for the protected trust information list).

Claim 13 is rejected under 35 U.S.C. 103 as being unpatentable over Lehtovirta-Katmor as applied above to claim 11, further in view of Hariri et al (US20210367958A1, hereinafter, “Hariri”).
Regarding claim 13, Lehtovirta-Katmor combination teaches the apparatus of claim 11, The combination of Lehtovirta-Katmor does not specifically teach, in the same field of endeavor Hariri teaches: wherein the root cause code comprises a code corresponding to: man-in-the middle attack, denial of service (DoS) attack, distributed DoS (DDoS) attack, an injection attack, a flooding attack on a service based interface (SBI), a flooding attack on a security edge protection proxy (SEPP), a NF hijack, a NF compromise, internet protocol (IP) spoofing, a protocol or implementation flaw, an NF deployment location, a security threat, or a combination thereof (Hariri, discloses system and method of autonomic incident response system for securing a cyber system against known and unknown attacks, see [Abstract]. And [0007] The principal object of the present invention is therefore directed to providing an autonomic incident response to detected attacks and shows the current state, the root cause of the detected attacks, and explain the effectiveness of the suggested responses (i.e., root cause code)).

Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Hariri in the dynamically providing trust information to a communication device of Lehtovirta-Katmor by providing incident responses system for providing an autonomic incident response with the root cause of the detected attacks. This would have been obvious because the person having ordinary skill in the art would have been motivated to provide an autonomic incident response to detected attacks (Hariri, [Abstract], [0007]).

Claim 14 is rejected under 35 U.S.C. 103 as being unpatentable over Lehtovirta-Katmor as applied above to claim 11, further in view of Carroll et al (US20150150090A1, hereinafter, “Carroll”).
Regarding claim 14, Lehtovirta-Katmor combination teaches the apparatus of claim 11, The combination of Lehtovirta-Katmor does not specifically teach, in the same field of endeavor Carroll teaches: wherein the recommended action comprises information indicating: network slice selection enforcement based on a trust value, a network slice selection assistance information (NSSAI) configuration with a required trust value, security context sharing and/or usage policy enforcement information, a trigger for network slice reselection, an update to maintain a trust value per network slice within a time window, UE context sharing restrictions among NFs, service based interface (SBI) connection information, a trigger UE de-registration with a re-registration indication to a slice, a trigger radio resource control (RRC) connection release and assign back-off timer, to terminate a malicious relay node and/or reselect a relay node, a network triggered access and mobility management function (AMF) reallocation, a network triggered RAN reallocation, or a combination thereof (Carroll, discloses system and method for identity and reputation scores, see [Abstract]. And [0051] In some embodiments, the card 250 may include information or hints for how the user can improve their trust score 252… gamification techniques can be used to prompt users to improve their trust score. And [Claim 6] providing information to the user on how to improve their trust score, the information recommending that the user perform actions including providing a valid email address, linking an electronic signature service account associated with the user with a social network account associated with the user …; and in response to the user performing one of the recommended actions, increasing the user's trust score). 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have employed the teachings of Carroll in the dynamically providing trust information to a communication device of Lehtovirta-Katmor by providing information to the user on how to improve their trust score. This would have been obvious because the person having ordinary skill in the art would have been motivated to use the trust score to recommend authentication mechanisms for user to electronic signature transactions (Carroll, [Abstract]).

Citation of References

The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. The following references are cited but not been relied upon for this office action:

Ullah et al (US20230308440A1) discloses methods and apparatus for establishing enhanced secure communication between two Network Entities.

Movva et al (US8015408B2) discloses method and system for performing trust evaluation for a mobile software agent on a trusted computing platform.

Conclusion

Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).

A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MICHAEL M LEE whose telephone number is (571)272-1975. The examiner can normally be reached on M-F: 8:30AM - 5:30PM.

Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, Applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Shewaye Gelagay can be reached on (571) 272-4219. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/MICHAEL M LEE/
Primary Examiner, Art Unit 2436

Prosecution Timeline

Aug 01, 2024: Application Filed
Dec 29, 2025: Non-Final Rejection mailed — §102, §103
Mar 10, 2026: Applicant Interview (Telephonic)
Mar 10, 2026: Examiner Interview Summary
Mar 27, 2026: Response Filed
May 12, 2026: Final Rejection mailed — §102, §103 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12641103
DETECTING BOT AND C2 ACTIVITY VIA WEB APPLICATION NETWORK TRAFFIC
2y 2m to grant Granted May 26, 2026
Patent 12621322
METHOD AND NETWORK NODE FOR DETECTING ANOMALOUS ACCESS BEHAVIOURS
2y 10m to grant Granted May 05, 2026
Patent 12619728
DETECTING PATIENT-ZERO EXFILTRATION ATTACKS ON WEBSITES USING TAINT TRACKING
2y 5m to grant Granted May 05, 2026
Patent 12621328
COMMUNICATION ANALYSIS SYSTEM, ANALYSIS METHOD, AND RECORDING MEDIUM
2y 2m to grant Granted May 05, 2026
Patent 12621344
Bot detection and mitigation using dynamic web flows built via machine learning
1y 11m to grant Granted May 05, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.


Prosecution Projections

Expected OA Rounds: 3-4
Grant Probability: 84%
With Interview: 99% (+43.2%)
Median Time to Grant: 2y 9m (~11m remaining)
PTA Risk: Moderate
Based on 266 resolved cases by this examiner. Grant probability derived from career allowance rate.
