Office Action Predictor
Last updated: April 16, 2026
Application No. 18/849,466

CPU AND METHOD ASSOCIATED WITH A SECURITY ASSOCIATION

Non-Final OA §103
Filed
Sep 20, 2024
Examiner
BROWN, CHRISTOPHER J
Art Unit
2439
Tech Center
2400 — Computer Networks
Assignee
Telefonaktiebolaget Lm Ericsson (PUBL)
OA Round
1 (Non-Final)
75%
Grant Probability
Favorable
1-2
OA Rounds
3y 5m
To Grant
99%
With Interview

Examiner Intelligence

Grants 75% — above average
75%
Career Allow Rate
533 granted / 707 resolved
+17.4% vs TC avg
Strong +24% interview lift
Without
With
+24.4%
Interview Lift
resolved cases with interview
Typical timeline
3y 5m
Avg Prosecution
36 currently pending
Career history
743
Total Applications
across all art units

Statute-Specific Performance

§101
12.7%
-27.3% vs TC avg
§103
54.6%
+14.6% vs TC avg
§102
10.4%
-29.6% vs TC avg
§112
11.1%
-28.9% vs TC avg
Black line = Tech Center average estimate • Based on career data from 707 resolved cases

Office Action

§103
Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claim(s) 1-10, 30-38, 60 is/are rejected under 35 U.S.C. 103 as being unpatentable over Khanna US 2009/0158417 in view of Liedes US 2019/297533. As per claim 1, (Currently Amended) Khanna teaches A method associated with a Security Association (SA) performed by a Central Processing Unit(CPU), comprising multiple cores, the method comprising: [0019][0048] (SA using multiple cores) Khanna teaches replacing an anti-replay window for the SA with at least two sub anti-replay windows wherein each of the sub anti-replay windows is assigned a sub anti-replay window identifier; receiving a first packet and a second packet, each of the first packet and the second packet comprising an integrity protected part; [0019][0021][0027][0031][0032][0040]-[0046] (teaches separating the anti-replay into separate windows on per DSCP basis, resulting in multiple anti-replay windows; teaches the DSCP anti-replay windows are subsets of a global anti-replay window, teaches authentication of packets) Khanna teaches performing a lookup for a respective sub anti-replay window, using the derived sub anti-replay window identifier, for each of the first packet and the second packet against the sub anti-replay window identifier of each of the sub anti-replay windows; [0019][0041] (identifies DSCP header and anti-replay window to lookup the window parameters) Khanna teaches distributing each of the first packet and the second packet, using the derived sub anti-replay identifier, to a sub anti-replay window of the sub anti-replay windows; and performing a service, wherein the service uses the derived sub anti-replay window identifiers for each of the first packet and the second packet accept the first packet and reject the second packet if a sequence number of the first packet and the second packet are same; and accept the first packet and the second packet if a sequence number of the first packet and the second packet are different. [0037][0039] (teaches if the sequence numbers are stored and if a second packet sequence matches a first sequence packet number then the packet is discarded) [0040]-[0046] (teaches identification of a DSCP anti-replay window and preventing replay attacks by comparing to these sub-windows to received packet sequence numbers) Khanna teaches authentication but does not explicitly teach packet hash integrity. Liedes teaches computing a hash value for each of the first packet and the second packet, wherein each of the hash value is based on an integrity protected part of the first packet and the second packet, respectively, to produce a derived sub anti-replay window identifier for each of the first packet and the second packet; [0006][0049][0087][0091] (teaches ESP protocol which inherently involves a hash for integrity check, teaches using ESP identifier as SPI) It would have been obvious to one of ordinary skill in the art at the time the invention was filed to use the teaching of Liedes with the prior art because it provides an additional security check that the integrity of the data is intact. As per claim 2, (Original) the method of claim 1, Khanna teaches wherein the service is an anti-replay service. [0004][0019] Liedes teaches wherein the service is an anti-replay service. [0004][0006][0048] (teaches anti-replay service and processing packets) As per claim 3, (Currently Amended) the method of claim 1, Khanna fails to teach the following limitations. Liedes teaches receiving the first packet and the second packet, one each at two of the multiple cores. [0058]-[0060] [0065]-[0072] (teaches parallel processing of packets in a replay window where the packets are distributed to different cores) As per claim 4, (Currently Amended) the method of claim 1, Khanna fails to teach the following limitations. Liedes teaches receiving the first packet and the second packet at one of the multiple cores. [0058]-[0060] [0065]-[0072] (teaches parallel processing of packets in a replay window where the packets are distributed to different cores) As per claim 5, (Currently Amended) the method of claim 1, Khanna teaches wherein a number of sub anti-replay windows is less than or equal to 2^[length of data bits]. [0030] Figure 2 (teaches a global anti-replay window, and a plurality of sub-windows that are less than a certain number of bits by design choice) As per claim 6, (Currently Amended) the method of claim 1, Khanna teaches distributing, using the derived sub anti-replay identifier, the first packet and the second packet to a same sub anti-replay window if the sequence number of the first packet and the sequence number of the second packet are equal. [0039]-[0046] (teaches identification of a DSCP anti-replay window, directing, packets to that window, and preventing replay attacks by comparing to these sub-windows to received packet sequence numbers, direction of the packets to the anti-replay windows is not subject to sequence numbering) As per claim 7, (Currently Amended) the method of claim 1, Khanna teaches receiving a third packet comprising an integrity protected part, and distributing, using the derived sub anti-replay identifier, the third packet to a same sub anti-replay window as the first packet if sequence number of the third packet is same as the sequence number of the first packet. [0039]-[0046] (teaches identification of a DSCP anti-replay window, directing, packets to that window, and preventing replay attacks by comparing to these sub-windows to received packet sequence numbers, direction of the packets to the anti-replay windows is not subject to sequence numbering) As per claim 8, (Currently Amended) the method of claim 1 Khanna teaches receiving a third packet comprising an integrity protected part and distributing, using the derived sub anti-replay identifier, the third packet to a same sub anti-replay window as the second packet if sequence number of the third packet is same as the sequence number of the second packet. [0039]-[0046] (teaches identification of a DSCP anti-replay window, directing, packets to that window, and preventing replay attacks by comparing to these sub-windows to received packet sequence numbers, direction of the packets to the anti-replay windows is not subject to sequence numbering) As per claim 9, (Currently Amended) the method of claim 1 distributing, Khanna teaches using the derived sub anti-replay identifier, the first packet and the second packet to different sub anti-replay windows if the sequence number of the first packet and the second packet are different. [0039]-[0046] (teaches identification of a DSCP anti-replay window, directing, packets to that window, and preventing replay attacks by comparing to these sub-windows to received packet sequence numbers, direction of the packets to the anti-replay windows is not subject to sequence numbering) As per claim 10, (Currently Amended) the method of claim 1, Khanna teaches discarding the second packet if the sequence number of the first packet is greater than or equal to the sequence number of the second packet; or discarding the second packet if the sequence number of the first packet is lesser than or equal to the sequence number of the second packet. [0037][0039] (teaches if the sequence numbers are stored and if a second packet sequence matches a first sequence packet number then the packet is discarded) 11-29. (Cancelled) As per claim 30. (Currently Amended) Khanna teaches A Central Processing Unit (CPU) comprising multiple cores, the CPU configured to: [0019][0048] (SA using multiple cores) Khanna teaches replace an anti-replay window for a Security Association (SA) with at least two sub anti-replay windows wherein each of the sub anti-replay windows is assigned a sub anti-replay window identifier; receive a first packet and a second packet, each of the first packet and the second packet comprising an integrity protected part; [0019][0021][0027][0031] [0032][0040]-[0046] (teaches separating the anti-replay into separate windows on per DSCP basis, resulting in multiple anti-replay windows; teaches the DSCP anti-replay windows are subsets of a global anti-replay window, teaches authentication of packets) Khanna teaches perform a lookup for a respective sub anti-replay window, using the derived sub anti- replay window identifier, for each of the first packet and the second packet against the sub anti-replay window identifier of each of the sub anti-replay windows; [0019][0041] (identifies DSCP header and anti-replay window to lookup the window parameters) Khanna teaches distribute each of the first packet and the second packet, using the derived sub anti-replay identifier, to a sub anti-replay window of the sub anti-replay windows; and perform a service, wherein the service uses the derived sub anti-replay window identifiers for each of the first packet and the second packet to; accept the first packet and reject the second packet if a sequence number of the second first packet and the first second packet are the same; and accept the first packet and the second packet if a sequence number of the first packet and the second packet are different. [0037][0039] (teaches if the sequence numbers are stored and if a second packet sequence matches a first sequence packet number then the packet is discarded) [0040]-[0046] (teaches identification of a DSCP anti-replay window and preventing replay attacks by comparing to these sub-windows to received packet sequence numbers) Khanna teaches authentication but does not explicitly teach packet hash integrity. Liedes teaches compute a hash value for each of the first packet and the second packet, wherein each of the hash value is based on an integrity protected part of the first packet and the second packet, respectively, to produce a derived sub anti-replay window identifier for each of the first packet and the second packet; [0006][0049][0087][0091] (teaches ESP protocol which inherently involves a hash for integrity check, teaches using ESP identifier as SPI) It would have been obvious to one of ordinary skill in the art at the time the invention was filed to use the teaching of Liedes with the prior art because it provides an additional security check that the integrity of the data is intact. As per claim 31. (Original) The CPU of claim 30, Khanna teaches wherein the service is an anti-replay service. [0004][0019] Liedes teaches wherein the service is an anti-replay service. [0004][0006][0048] (teaches anti-replay service and processing packets) As per claim 32. (Currently Amended) the CPU of claim 30, Khanna fails to teach the following limitations. Liedes teaches further to receive the first packet and the second packet, one each at two of the multiple cores. [0058]-[0060] [0065]-[0072] (teaches parallel processing of packets in a replay window where the packets are distributed to different cores) As per claim 33. (Currently Amended) The CPU claim 30, Khanna fails to teach the following limitations. Liedes teaches further to receive the first packet and the second packet at one of the multiple cores. [0058]-[0060] [0065]-[0072] (teaches parallel processing of packets in a replay window where the packets are distributed to different cores) As per claim 34. (Currently Amended) The CPU of claim 30, Khanna teaches wherein a number of sub anti-replay windows is less than or equal to 2^[length of data bits]. [0030] Figure 2 (teaches a global anti-replay window, and a plurality of sub-windows that are less than a certain number of bits by design choice) As per claim 35. (Currently Amended) The CPU of claim 30, Khanna teaches further to distribute, using the derived sub anti-replay identifier, the first packet and the second packet to a same sub anti-replay window if the sequence number of the first packet and the sequence number of the second packet are same. [0039]-[0046] (teaches identification of a DSCP anti-replay window, directing, packets to that window, and preventing replay attacks by comparing to these sub-windows to received packet sequence numbers, direction of the packets to the anti-replay windows is not subject to sequence numbering) As per claim 36. (Currently Amended) The CPU of claim 30, Khanna teaches further to receive a third packet comprising an integrity protected part and distributing, using the derived sub anti-replay identifier, the third packet to a same sub anti-replay window as the first packet if sequence number of the third packet is same as the sequence number of the first packet. [0039]-[0046] (teaches identification of a DSCP anti-replay window, directing, packets to that window, and preventing replay attacks by comparing to these sub-windows to received packet sequence numbers, direction of the packets to the anti-replay windows is not subject to sequence numbering) As per claim 37. (Currently Amended) The CPU of claim 30, Khanna teaches further to receive a third packet comprising an integrity protected part and distributing, using the derived sub anti-replay identifier, the third packet to a same sub anti-replay window as the second packet if sequence number of the third packet is same as the sequence number of the second packet. [0039]-[0046] (teaches identification of a DSCP anti-replay window, directing, packets to that window, and preventing replay attacks by comparing to these sub-windows to received packet sequence numbers, direction of the packets to the anti-replay windows is not subject to sequence numbering) As per claim 38. (Currently Amended) The CPU of claim 30, Khanna teaches further to distribute, using the derived sub anti-replay identifier, the first packet and the second packet to different sub anti-replay windows if the sequence number of the first packet and the second packet are different. [0039]-[0046] (teaches identification of a DSCP anti-replay window, directing, packets to that window, and preventing replay attacks by comparing to these sub-windows to received packet sequence numbers, direction of the packets to the anti-replay windows is not subject to sequence numbering) 39-59. (Cancelled) As per claim 60. (Currently Amended) Khanna teaches A non-transitory computer readable storage medium having thereon a computer program comprising instructions which, when executed on a Central Processing Unit (CPU) with multiple cores, [0019][0048] (SA using multiple cores) Khanna teaches perform operations comprising: replacing an anti-replay window for a Security Association (SA) with at least two sub anti-replay windows wherein each of the sub anti-replay windows is assigned a sub anti-replay window identifier; receiving a first packet and a second packet, each of the first packet and the second packet comprising an integrity protected part; [0019][0021][0027][0031] [0032][0040]-[0046] (teaches separating the anti-replay into separate windows on per DSCP basis, resulting in multiple anti-replay windows; teaches the DSCP anti-replay windows are subsets of a global anti-replay window, teaches authentication of packets) Khanna teaches performing a lookup for a respective sub anti-replay window, using the derived sub anti- replay window identifier, for each of the first packet and the second packet against the sub anti-replay window identifier of each of the sub anti-replay windows; [0019][0041] (identifies DSCP header and anti-replay window to lookup the window parameters) Khanna teaches distributing each of the first packet and the second packet, using the derived sub anti- replay identifier, to a sub anti-replay window of the sub anti-replay windows; and performing a service, wherein the service uses the derived sub anti-replay window identifiers for each of the first packet and the second packet to: accept the first packet and reject the second packet if a sequence number of the first packet and the second packet are same; and accept the first packet and the second packet if a sequence number of the first packet and the second packet are different. [0037][0039] (teaches if the sequence numbers are stored and if a second packet sequence matches a first sequence packet number then the packet is discarded) [0040]-[0046] (teaches identification of a DSCP anti-replay window and preventing replay attacks by comparing to these sub-windows to received packet sequence numbers) Khanna teaches authentication but does not explicitly teach packet hash integrity. Liedes teaches computing a hash value for each of the first packet and the second packet, wherein each of the hash value is based on an integrity protected part of the first packet and the second packet, respectively, to produce a derived sub anti-replay window identifier for each of the first packet and the second packet; [0006][0049][0087][0091] (teaches ESP protocol which inherently involves a hash for integrity check, teaches using ESP identifier as SPI) It would have been obvious to one of ordinary skill in the art at the time the invention was filed to use the teaching of Liedes with the prior art because it provides an additional security check that the integrity of the data is intact. Conclusion Any inquiry concerning this communication or earlier communications from the examiner should be directed to CHRISTOPHER BROWN whose telephone number is (571)272-3833. The examiner can normally be reached M-F 8-5. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu Pham can be reached at (571) 270-5002. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /CHRISTOPHER J BROWN/Primary Examiner, Art Unit 2439
Read full office action

Prosecution Timeline

Sep 20, 2024
Application Filed
Dec 04, 2025
Non-Final Rejection — §103
Mar 31, 2026
Response Filed

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12603822
SOFTWARE AS A SERVICE (SaaS) USER INTERFACE (UI) FOR DISPLAYING USER ACTIVITIES IN AN ARTIFICIAL INTELLIGENCE (AI)-BASED CYBER THREAT DEFENSE SYSTEM
2y 5m to grant Granted Apr 14, 2026
Patent 12574725
METHODS, APPARATUSES, COMPUTER PROGRAMS AND CARRIERS FOR SECURITY MANAGEMENT BEFORE HANDOVER FROM 5G TO 4G SYSTEM
2y 5m to grant Granted Mar 10, 2026
Patent 12563390
AUTHENTICATING A DEVICE IN A COMMUNICATION NETWORK OF AN AUTOMATION INSTALLATION
2y 5m to grant Granted Feb 24, 2026
Patent 12563056
SYSTEM AND METHOD FOR MONITORING AND MANAGING COMPUTING ENVIRONMENT
2y 5m to grant Granted Feb 24, 2026
Patent 12537828
ON-DEMAND SOFTWARE-DEFINED SECURITY SERVICE ORCHESTRATION FOR A 5G WIRELESS NETWORK
2y 5m to grant Granted Jan 27, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

AI Strategy Recommendation

Get an AI-powered prosecution strategy using examiner precedents, rejection analysis, and claim mapping.
Powered by AI — typically takes 5-10 seconds

Prosecution Projections

1-2
Expected OA Rounds
75%
Grant Probability
99%
With Interview (+24.4%)
3y 5m
Median Time to Grant
Low
PTA Risk
Based on 707 resolved cases by this examiner. Grant probability derived from career allow rate.

Sign in for Full Analysis

Enter your email to receive a magic link. No password needed.

Free tier: 3 strategy analyses per month