Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
DETAILED ACTION
This Office Action is in response to the application 18/868,701 filed on 11/22/2024.
Claims 1-2, 4-10, 12-13, 15-17, 19-21 and 33-35 have been examined and are pending in this application.
Information Disclosure Statement
The information disclosure statement (IDS), submitted on 11/22/2024, is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(d):
(d) REFERENCE IN DEPENDENT FORMS.—Subject to subsection (e), a claim in dependent form shall contain a reference to a claim previously set forth and then specify a further limitation of the subject matter claimed. A claim in dependent form shall be construed to incorporate by reference all the limitations of the claim to which it refers.
The following is a quotation of 35 U.S.C. 112 (pre-AIA ), fourth paragraph:
Subject to the [fifth paragraph of 35 U.S.C. 112 (pre-AIA )], a claim in dependent form shall contain a reference to a claim previously set forth and then specify a further limitation of the subject matter claimed. A claim in dependent form shall be construed to incorporate by reference all the limitations of the claim to which it refers.
Claims 33-35 are rejected under 35 U.S.C. 112(d) or pre-AIA 35 U.S.C. 112, 4th paragraph, as being of improper dependent form for failing to further limit the subject matter of the claim upon which it depends, or for failing to include all the limitations of the claim upon which it depends.
Regarding claims 33-35; claims 33-35 rejected under 35 U.S.C. 112(d) or pre-AIA 35 U.S.C. 112, 4th paragraph, as being of improper dependent form for failing to further limit the subject matter of the claim upon which it depends, or for failing to include all the limitations of the claim upon which it depends. “[A] proper dependent claim must be narrower than the claim upon which it depends and must not be broader in any respect.” D. Chisum, Chisum on Patents § 8.06[5] (2011) (citing Pfizer Inc. v. Ranbaxy Laboratories Ltd., 457 F3d 1284 (Fed. Cir. 2006) (claim held invalid for failing to comply with 35 U.S.C. 112(d)). Communication device claims 33-35 relied on method claims 1, 12 and 19 respectively. However, claims 33-35 fail to specify a further limitation of the subject matter of the claims 1, 12 and 19 to which they refer, because is complete outside the scope of claims 1, 12 and 19. Applicant may cancel the claim(s), amend the claim(s) to place the claim(s) in proper dependent form, rewrite the claim(s) in independent form, or present a sufficient showing that the dependent claim(s) complies with the statutory requirements.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C.
102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1-2, 4, 12-13, 15-17, 19, 21 and 33-35 are rejected under 35 U.S.C. 103 as being unpatentable over Tiwari (US 2023/0067830) and in view of Irimie (WO 2019/108631).
Regarding claim 1, Tiwari discloses a re-authentication-authorization method for an artificial intelligence (AI) network function (Tiwari par. 0011; The method further includes receiving, by the node of the plurality of nodes, a re-authentication and re-authorization request message for the at least one NSSAI comprising the at least one S-NSSAI from the AAA-S for the UE) comprising:
receiving a re-authentication-authorization request sent by an authentication and authorization server (AAA-S) network element, wherein the re-authentication-authorization request comprises a first identifier used for identifying a user equipment (UE) served by the AI network function (Tiwari par. 0310; The method may further comprise: receiving, by the node of the plurality of nodes, a re-authentication and re-authorization request message for the at least one NSSAI comprising the at least one S-NSSAI from the AAA-S 600 for the UE 300, wherein the UE 300 is identified by a generic public subscription identifier (GPSI) in the re-authentication and re-authorization request message; requesting, by the node, an AMF controller identity (ID) to which the UE 300 is registered from the UDM controller 500, wherein the node requests by sending the GPSI of the UE 300) ; and
performing, by a network slice-specific authentication and authorization function (NSSAAF) network element, re-authentication-authorization on the first identifier (Tiwari par. 0317; The NSSAA controller further configured to: receive the indication that one of re-authentication and re-authorization, and revocation is required for the at least one S-NSSAI from the node of the plurality of nodes when the UE 300 is re-registered; determine that one of the re-authentication and re-authorization, and revocation is required for the at least one S-NSSAI; and perform one of: the NSSAA procedure for the at least one S-NSSAI, in response to determining that the re-authentication and the re-authorization is required, and reject the at least one S-NSSAI present in the requested NSSAI, in response to determining that the revocation of the S-NSSAI is required).
Tiwari3KhanKhanKkk teaches3 receiving a re-authentication-authorization request and performing, by a network slice-specific authentication and authorization function (NSSAAF) network element, re-authentication-authorization on the first identifier (Tiwari par. 0310 and 0317). However, Tiwari does not explicitly teach wherein the re-authentication-authorization request comprises AI function selection assistance information (AIFSAI) and performing re-authentication-authorization on the AI network function based on the AIFSAI and the first identifier.
However, in an analogous field, Irimie teaches wherein the re-authentication-authorization request comprises AI function selection assistance information (AIFSAI) and performing, re-authentication-authorization on the AI network function based on the AIFSAI and the first identifier (Irimie par. 0080; an AIDA system is capable of performing risk analysis of users, groups of users, or a company. For example, an AIDA system may be able to perform a risk profile of a user with respect to wire transfer fraud, or IP theft. In some embodiments, an AIDA system can track events in a company and/or for a user in a company to identify one or more risk points. In some embodiments, an AIDA system can track information that a given user is exposed to in order to identify a risk point. For example, employees in a company that regularly deal with wire transfers may be likely to be at a higher risk for wire transfer fraud, and people that are exposed to sensitive information may be at a higher risk for leaking intellectual property. See also par. 0018 and 0082).
Therefore, it would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify the teaching of Tiwari as taught by Irimie in order to apply artificial intelligence driven security awareness systems for performing simulated phishing attacks (Irimie par. 0002).7
Regarding claim 2, Tiwari and Irimie disclose the method of claim 1,
Tiwari further discloses wherein receiving the re-authentication- authorization request sent by the AAA-S network element comprises: receiving an authentication and authorization (AAA) re-authentication-authorization request sent by the AAA-S network element, wherein the AAA re-authentication-authorization request comprises the AIFSAI and the first identifier; or receiving an AAA re-authentication-authorization request transparently transmitted by the AAA-S network element through an authentication and authorization proxy (AAA-P) network element, wherein the AAA re-authentication-authorization request comprises the AIFSAI and the first identifier (Tiwari par. 0310; The method may further comprise: receiving, by the node of the plurality of nodes, a re-authentication and re-authorization request message for the at least one NSSAI comprising the at least one S-NSSAI from the AAA-S 600 for the UE 300, wherein the UE 300 is identified by a generic public subscription identifier (GPSI) in the re-authentication and re-authorization request message; requesting, by the node, an AMF controller identity (ID) to which the UE 300 is registered from the UDM controller 500, wherein the node requests by sending the GPSI of the UE 300).
Regarding claim 4, Tiwari and Irimie disclose the method of claim 1,
Irimie further discloses wherein the AIFSAI comprises a second identifier used for identifying the AI network function (Irimie par. 0080; an AIDA system is capable of performing risk analysis of users, groups of users, or a company. For example, an AIDA system may be able to perform a risk profile of a user with respect to wire transfer fraud, or IP theft. In some embodiments, an AIDA system can track events in a company and/or for a user in a company to identify one or more risk points. In some embodiments, an AIDA system can track information that a given user is exposed to in order to identify a risk point. For example, employees in a company that regularly deal with wire transfers may be likely to be at a higher risk for wire transfer fraud, and people that are exposed to sensitive information may be at a higher risk for leaking intellectual property. See also par. 0018 and 0082).
Therefore, it would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify the teaching of Tiwari as taught by Irimie in order to apply artificial intelligence driven security awareness systems for performing simulated phishing attacks (Irimie par. 0002).7
Regarding claim 12, Tiwari discloses a re-authentication-authorization method for an artificial intelligence (AI) network function (Tiwari par. 0011; The method further includes receiving, by the node of the plurality of nodes, a re-authentication and re-authorization request message for the at least one NSSAI comprising the at least one S-NSSAI from the AAA-S for the UE) comprising:
sending a re-authentication-authorization request to a network slice-specific authentication and authorization function (NSSAAF) network element, wherein the re-authentication- authorization request comprises a first identifier used for identifying a user equipment (UE) served by the Al network function (Tiwari par. 0310; The method may further comprise: receiving, by the node of the plurality of nodes, a re-authentication and re-authorization request message for the at least one NSSAI comprising the at least one S-NSSAI from the AAA-S 600 for the UE 300, wherein the UE 300 is identified by a generic public subscription identifier (GPSI) in the re-authentication and re-authorization request message; requesting, by the node, an AMF controller identity (ID) to which the UE 300 is registered from the UDM controller 500, wherein the node requests by sending the GPSI of the UE 300).
Tiwari3KhanKhanKkk teaches3 receiving a re-authentication-authorization request and performing, by a network slice-specific authentication and authorization function (NSSAAF) network element, re-authentication-authorization on the first identifier (Tiwari par. 0310 and 0317). However, Tiwari does not explicitly teach wherein the re-authentication-authorization request comprises AI function selection assistance information (AIFSAI) and performing re-authentication-authorization on the AI network function based on the AIFSAI and the first identifier.
However, in an analogous field, Irimie teaches wherein the re-authentication-authorization request comprises AI function selection assistance information (AIFSAI) and performing, re-authentication-authorization on the AI network function based on the AIFSAI and the first identifier (Irimie par. 0080; an AIDA system is capable of performing risk analysis of users, groups of users, or a company. For example, an AIDA system may be able to perform a risk profile of a user with respect to wire transfer fraud, or IP theft. In some embodiments, an AIDA system can track events in a company and/or for a user in a company to identify one or more risk points. In some embodiments, an AIDA system can track information that a given user is exposed to in order to identify a risk point. For example, employees in a company that regularly deal with wire transfers may be likely to be at a higher risk for wire transfer fraud, and people that are exposed to sensitive information may be at a higher risk for leaking intellectual property. See also par. 0018 and 0082).
Therefore, it would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify the teaching of Tiwari as taught by Irimie in order to apply artificial intelligence driven security awareness systems for performing simulated phishing attacks (Irimie par. 0002).7
Regarding claims 13 and 15; claims 13 and 15 are directed to a method associated with the method claimed in claims 2 and 4 respectively. Claims 13 and 15 are similar in scope to claims 2 and 4 respectively, and are therefore rejected under similar rationale respectively.
Regarding claim 16, Tiwari and Irimie disclose the method of claim 12,
Tiwari further discloses further comprising: receiving a re-authentication-authorization response sent by the NSSAAF network element, wherein the re-authentication-authorization response is indicative of whether the NSSAAF network element performs the re-authentication-authorization on the Al network function (Tiwari par. 0317; The NSSAA controller further configured to: receive the indication that one of re-authentication and re-authorization, and revocation is required for the at least one S-NSSAI from the node of the plurality of nodes when the UE 300 is re-registered; determine that one of the re-authentication and re-authorization, and revocation is required for the at least one S-NSSAI; and perform one of: the NSSAA procedure for the at least one S-NSSAI, in response to determining that the re-authentication and the re-authorization is required, and reject the at least one S-NSSAI present in the requested NSSAI, in response to determining that the revocation of the S-NSSAI is required).
Regarding claim 17; claim 17 is directed to a method associated with the method claimed in claim 2 respectively. Claim 17 is similar in scope to claim 2 respectively, and is therefore rejected under similar rationale respectively.
Regarding claim 19, Tiwari discloses a re-authentication-authorization method for an artificial intelligence (AI) network function (Tiwari par. 0011; The method further includes receiving, by the node of the plurality of nodes, a re-authentication and re-authorization request message for the at least one NSSAI comprising the at least one S-NSSAI from the AAA-S for the UE) comprising:
receiving, by a unified data management function (UDM), a query request sent by a network slice-specific authentication and authorization function (NSSAAF) network element, wherein the query request comprises a first identifier used for identifying a user equipment (UE) served by the Al network function (Tiwari par. 0310; The method may further comprise: receiving, by the node of the plurality of nodes, a re-authentication and re-authorization request message for the at least one NSSAI comprising the at least one S-NSSAI from the AAA-S 600 for the UE 300, wherein the UE 300 is identified by a generic public subscription identifier (GPSI) in the re-authentication and re-authorization request message; requesting, by the node, an AMF controller identity (ID) to which the UE 300 is registered from the UDM controller 500, wherein the node requests by sending the GPSI of the UE 300) ; and
performing, by the UDM, a query based on the first identifier, and sending a query result to the NSSAAF network element (Tiwari par. 0317; The NSSAA controller further configured to: receive the indication that one of re-authentication and re-authorization, and revocation is required for the at least one S-NSSAI from the node of the plurality of nodes when the UE 300 is re-registered; determine that one of the re-authentication and re-authorization, and revocation is required for the at least one S-NSSAI; and perform one of: the NSSAA procedure for the at least one S-NSSAI, in response to determining that the re-authentication and the re-authorization is required, and reject the at least one S-NSSAI present in the requested NSSAI, in response to determining that the revocation of the S-NSSAI is required).
Tiwari3KhanKhanKkk teaches3 receiving a re-authentication-authorization request and performing, by a network slice-specific authentication and authorization function (NSSAAF) network element, re-authentication-authorization on the first identifier (Tiwari par. 0310 and 0317). However, Tiwari does not explicitly teach wherein the re-authentication-authorization request comprises AI function selection assistance information (AIFSAI) and performing re-authentication-authorization on the AI network function based on the AIFSAI and the first identifier.
However, in an analogous field, Irimie teaches wherein the re-authentication-authorization request comprises AI function selection assistance information (AIFSAI) and performing, re-authentication-authorization on the AI network function based on the AIFSAI and the first identifier (Irimie par. 0080; an AIDA system is capable of performing risk analysis of users, groups of users, or a company. For example, an AIDA system may be able to perform a risk profile of a user with respect to wire transfer fraud, or IP theft. In some embodiments, an AIDA system can track events in a company and/or for a user in a company to identify one or more risk points. In some embodiments, an AIDA system can track information that a given user is exposed to in order to identify a risk point. For example, employees in a company that regularly deal with wire transfers may be likely to be at a higher risk for wire transfer fraud, and people that are exposed to sensitive information may be at a higher risk for leaking intellectual property. See also par. 0018 and 0082).
Therefore, it would have been obvious to one of ordinary skill in the art, before the effective filing date of the claimed invention, to modify the teaching of Tiwari as taught by Irimie in order to apply artificial intelligence driven security awareness systems for performing simulated phishing attacks (Irimie par. 0002).7
Regarding claim 21, Tiwari and Irimie disclose the method of claim 19,
Tiwari further discloses wherein in response to the query result comprising an AMF ID, the method further comprises: receiving an authentication result sent by the NSSAAF network element, wherein the authentication result comprises parameter information after re-authentication-authorization of the AI network function; and updating a parameter of the AI network function based on the authentication result (Tiwari par. 0095; When the UDM 500 receives a sixth message indicating that the UE 300 is registered, then the UDM 500 transfer the stored indication and S-NSSAI to the first AMF controller 100a. (Steps 6 and 7 may take place in any order). The first AMF controller 100a determines that re-authentication and re-authorization is pending then the first AMF controller 100a performs the NSSAA procedure. If the revocation of the S-NSSAI is pending then the first AMF controller 100a rejects the S-NSSAI if present in the Requested NSSAI. After successful completion of the NSSAA procedure for the S-NSSAI, the first AMF controller 100a may update the UDM 500 that the re-authentication and re-authorization is successful).
Regarding claim 33-35; claims 33-35 is directed to a device associated with the method claimed in claims 1, 12 and 19 respectively. Claims 33-35 are similar in scope to claims 1, 12 and 19 respectively, and are therefore rejected under similar rationale respectively.
Allowable Subject Matter
Claims 5-10 and 20 objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.7
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SANCHIT K SARKER whose telephone number is (571)270-7907. The examiner can normally be reached M-F 8:30 AM-5:30 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, FARID HOMAYOUNMEHR can be reached at 571-272-3739. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/SANCHIT K SARKER/Primary Examiner, Art Unit 2495