Prosecution Insights
Last updated: July 17, 2026
Application No. 19/022,644

SECURITY PROTECTION METHOD AND APPARATUS, AND ACCESS NETWORK DEVICE

Non-Final OA §103
Filed
Jan 15, 2025
Priority
Feb 11, 2018 — CN 201810143062.6 +2 more
Examiner
SCOTT, RANDY A
Art Unit
2439
Tech Center
2400 — Computer Networks
Assignee
Huawei Technologies Co., Ltd.
OA Round
2 (Non-Final)
85%
Grant Probability
Favorable
2-3
OA Rounds
1y 4m
Est. Remaining
82%
With Interview

Examiner Intelligence

Grants 85% — above average
85%
Career Allowance Rate
803 granted / 949 resolved
+26.6% vs TC avg
Minimal -2% lift
Without
With
+-2.1%
Interview Lift
resolved cases with interview
Typical timeline
2y 10m
Avg Prosecution
21 currently pending
Career history
976
Total Applications
across all art units

Statute-Specific Performance

§101
2.6%
-37.4% vs TC avg
§103
88.5%
+48.5% vs TC avg
§102
2.8%
-37.2% vs TC avg
§112
3.6%
-36.4% vs TC avg
Black line = Tech Center average estimate • Based on career data from 949 resolved cases

Office Action

§103
Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Detailed Action 1. This Office Action is responsive to the communication filed 6/11/2026. Claim Rejections – 35 USC 103 2. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office Action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. 3. Claims 1-20 are rejected under 35 USC 103 as being unpatentable over Wifvesson et al (US 12,022,293) in view of He (US 2009/0275309). Regarding claim 1, Wifvesson et al teaches a security protection method applied in a scenario of dual connectivity (col. 17, lines 18-20, which discloses applying integrity protection in a dual connectivity environment), comprising: establishing, by an apparatus, a radio resource control (RRC) connection between the apparatus and a master station (col. 39, lines 4-5, “UE in the handover command…RRC Connection Reconfiguration”); receiving, by the apparatus, an RRC connection reconfiguration request message from the master station (col. 4, lines 6-8, “RRC Reconfiguration Request”), wherein the RRC connection reconfiguration request message comprises a user plane security algorithm (col. 39, lines 28-32, which discloses implementing security algorithm selection in a RRC Connection handover command); and enabling, by the apparatus, the type of user plane security protection based on the user plane security algorithm (col. 21, lines 14-17, which discloses an indication disclosing security capabilities and supported integrity algorithms for integrity protection of data for user equipment nodes). Wifvesson et al doesn’t explicitly teach an indication indicating a type of user plane security protection enabled by a secondary station. However, He teaches an indication indicating a type of user plane security protection enabled by a secondary station (par [0011] & par [0028], lines 6-9, which disclose determining the security capability and user plane protection supported by a second network device). It would have been obvious to one of ordinary skill in the art before the effective date of the claimed invention to be motivated to combine the teachings of He within the disclosure of Wifvesson et al in order to provide the predictive result of improving ensuring secure protection for nodes communicating in a network by allocating security capabilities for communicating nodes based on security capability requirements (as disclosed in par [0013] of He) because this feature would guarantee that communicating nodes are updated with required compatible security parameters for continue protection during handover. Regarding claim 2, Wifvesson et al does not explicitly teach wherein user plane data to be sent from a core network element to the apparatus via the secondary station is security protected by the secondary station based on the type of user plane security protection. However, He teaches wherein user plane data to be sent from a core network element to the apparatus via the secondary station is security protected by the secondary station based on the type of user plane security protection (par [0055], lines 1-5, “NAS algorithm protection is implemented between the UE and the MME”). It would have been obvious to one of ordinary skill in the art before the effective date of the claimed invention to be motivated to combine the teachings of He within the disclosure of Wifvesson et al according to the motivation disclosed regarding claim 1. Regarding claim 3, Wifvesson et al does not explicitly teach wherein the type of user plane security protection is determined by the secondary station. However, He teaches wherein the type of user plane security protection is determined by the secondary station (par [0019], lines 1-20, “selects a corresponding security capability”). It would have been obvious to one of ordinary skill in the art before the effective date of the claimed invention to be motivated to combine the teachings of He within the disclosure of Wifvesson et al according to the motivation disclosed regarding claim 1. Regarding claim 4, Wifvesson et al teaches wherein the security capability includes at least a security algorithm supported by the apparatus (col. 4, lines 60-63, “algorithm for Integrity Protection”), and wherein the user plane security policy indicates whether user plane encryption protection (col. 18, lines 5-9, “ encryption relating to Integrity Protection”) and user plane integrity protection are enabled (col. 16, lines 45-48, “UP integrity has been enabled”). Wifvesson et al does not explicitly teach wherein the type of user plane security protection is determined by the secondary station based on a user plane security policy of the apparatus and a security capability of the apparatus However, He teaches wherein the type of user plane security protection is determined by the secondary station based on a user plane security policy of the apparatus (par [0042], “selects a NAS algorithm (encryption algorithm and integrity protection algorithm)”) and a security capability of the apparatus (par [0019], “selects a corresponding security capability”). It would have been obvious to one of ordinary skill in the art before the effective date of the claimed invention to be motivated to combine the teachings of He within the disclosure of Wifvesson et al according to the motivation disclosed regarding claim 1. Regarding claim 5, Wifvesson et al and He teach the limitations of claim 1. Wifvesson et al further teaches wherein the type of user plane security protection is one of the following: enabling user plane encryption protection (col. 2, lines 46-47, “secondary eNB encryption/decryption activation”) and enabling user plane integrity protection (col. 24, lines 63-67, “enabled the IPUP mode”); not enabling user plane encryption protection but enabling user plane integrity protection; or enabling user plane encryption protection and not enabling user plane integrity protection. Regarding claim 6, Wifvesson et al and He teach the limitations of claim 1. Wifvesson et al further teaches in response to the RRC connection reconfiguration request message, sending, by the apparatus, an RRC connection reconfiguration complete message to the master station (col. 36, lines 15-19). Regarding claim 7, Wifvesson et al and He teach the limitations of claim 1. Wifvesson et al further teaches wherein both the master station and secondary station are 5th generation (5G) base station (col. 23, lines 9-11). Regarding claim 8, Wifvesson et al and He teach the limitations of claim 1. Wifvesson et al further teaches wherein the apparatus is a terminal device (fig. 12-13) or a chip in the terminal device. Regarding claim 9, Wifvesson et al teaches an apparatus comprising: at least one processor (col. 8, line 64); and a memory coupled to the at least one processor and having program instructions stored thereon which, when executed by the at least one processor (col. 8, line 65), cause the apparatus to: establish a radio resource control (RRC) connection between the apparatus and a master station (col. 39, lines 4-5, “UE in the handover command…RRC Connection Reconfiguration”); receive an RRC connection reconfiguration request message from the master station (col. 4, lines 6-8, “RRC Reconfiguration Request”), wherein the RRC connection reconfiguration request message comprises a user plane security algorithm (col. 39, lines 28-32, which discloses implementing security algorithm selection in a RRC Connection handover command); and enable the type of user plane security protection based on the user plane security algorithm (col. 21, lines 14-17, which discloses an indication disclosing security capabilities and supported integrity algorithms for integrity protection of data for user equipment nodes). Wifvesson et al doesn’t explicitly teach an indication indicating a type of user plane security protection enabled by a secondary station. However, He teaches an indication indicating a type of user plane security protection enabled by a secondary station (par [0011] & par [0028], lines 6-9, which disclose determining the security capability and user plane protection supported by a second network device). It would have been obvious to one of ordinary skill in the art before the effective date of the claimed invention to be motivated to combine the teachings of He within the disclosure of Wifvesson et al in order to provide the predictive result of improving ensuring secure protection for nodes communicating in a network by allocating security capabilities for communicating nodes based on security capability requirements (as disclosed in par [0013] of He) because this feature would guarantee that communicating nodes are updated with required compatible security parameters for continue protection during handover. Regarding claim 10, Wifvesson et al does not explicitly teach wherein user plane data to be sent from a core network element to the apparatus via the secondary station is security protected by the secondary station based on the type of user plane security protection. However, He teaches wherein user plane data to be sent from a core network element to the apparatus via the secondary station is security protected by the secondary station based on the type of user plane security protection (par [0055], lines 1-5, “NAS algorithm protection is implemented between the UE and the MME”). It would have been obvious to one of ordinary skill in the art before the effective date of the claimed invention to be motivated to combine the teachings of He within the disclosure of Wifvesson et al according to the motivation disclosed regarding claim 9. Regarding claim 11, Wifvesson et al does not explicitly teach wherein the type of user plane security protection is determined by the secondary station. However, He teaches wherein the type of user plane security protection is determined by the secondary station (par [0019], lines 1-20, “selects a corresponding security capability”). It would have been obvious to one of ordinary skill in the art before the effective date of the claimed invention to be motivated to combine the teachings of He within the disclosure of Wifvesson et al according to the motivation disclosed regarding claim 9. Regarding claim 12, Wifvesson et al teaches wherein the security capability includes at least a security algorithm supported by the apparatus (col. 4, lines 60-63, “algorithm for Integrity Protection”), and wherein the user plane security policy indicates whether user plane encryption protection (col. 18, lines 5-9, “ encryption relating to Integrity Protection”) and user plane integrity protection are enabled (col. 16, lines 45-48, “UP integrity has been enabled”). Wifvesson et al does not explicitly teach wherein the type of user plane security protection is determined by the secondary station based on a user plane security policy of the apparatus and a security capability of the apparatus However, He teaches wherein the type of user plane security protection is determined by the secondary station based on a user plane security policy of the apparatus (par [0042], “selects a NAS algorithm (encryption algorithm and integrity protection algorithm)”) and a security capability of the apparatus (par [0019], “selects a corresponding security capability”). It would have been obvious to one of ordinary skill in the art before the effective date of the claimed invention to be motivated to combine the teachings of He within the disclosure of Wifvesson et al according to the motivation disclosed regarding claim 9. Regarding claim 13, Wifvesson et al and He teach the limitations of claim 9. Wifvesson et al further teaches teaches wherein the type of user plane security protection is one of the following: enabling user plane encryption protection (col. 2, lines 46-47, “secondary eNB encryption/decryption activation”) and enabling user plane integrity protection (col. 24, lines 63-67, “enabled the IPUP mode”); not enabling user plane encryption protection but enabling user plane integrity protection; or enabling user plane encryption protection and not enabling user plane integrity protection. Regarding claim 14, Wifvesson et al and He teach the limitations of claim 9. Wifvesson et al further teaches teaches in response to the RRC connection reconfiguration request message, sending, by the apparatus, an RRC connection reconfiguration complete message to the master station (col. 36, lines 15-19). Regarding claim 15, Wifvesson et al and He teach the limitations of claim 9. Wifvesson et al further teaches wherein both the master station and secondary station are 5th generation (5G) base station (col. 23, lines 9-11). Regarding claim 16, Wifvesson et al and He teach the limitations of claim 9. Wifvesson et al further teaches wherein the apparatus is a terminal device (fig. 12-13) or a chip in the terminal device. Regarding claim 17, Wifvesson et al teaches a non-transitory computer-readable storage medium (col. 8, lines 44-45) configured to store instructions, which when executed by a processor of an apparatus (col. 8, line 64), cause the apparatus to: establish a radio resource control (RRC) connection between the apparatus and a master station (col. 39, lines 4-5, “UE in the handover command…RRC Connection Reconfiguration”); receive an RRC connection reconfiguration request message from the master station (col. 4, lines 6-8, “RRC Reconfiguration Request”), wherein the RRC connection reconfiguration request message comprises a user plane security algorithm (col. 39, lines 28-32, which discloses implementing security algorithm selection in a RRC Connection handover command); and enable the type of user plane security protection based on the user plane security algorithm (col. 21, lines 14-17, which discloses an indication disclosing security capabilities and supported integrity algorithms for integrity protection of data for user equipment nodes). Wifvesson et al doesn’t explicitly teach an indication indicating a type of user plane security protection enabled by a secondary station. However, He teaches an indication indicating a type of user plane security protection enabled by a secondary station (par [0011] & par [0028], lines 6-9, which disclose determining the security capability and user plane protection supported by a second network device). It would have been obvious to one of ordinary skill in the art before the effective date of the claimed invention to be motivated to combine the teachings of He within the disclosure of Wifvesson et al in order to provide the predictive result of improving ensuring secure protection for nodes communicating in a network by allocating security capabilities for communicating nodes based on security capability requirements (as disclosed in par [0013] of He) because this feature would guarantee that communicating nodes are updated with required compatible security parameters for continue protection during handover. Regarding claim 18, Wifvesson et al does not explicitly teach wherein user plane data to be sent from a core network element to the apparatus via the secondary station is security protected by the secondary station based on the type of user plane security protection. However, He teaches wherein user plane data to be sent from a core network element to the apparatus via the secondary station is security protected by the secondary station based on the type of user plane security protection (par [0055], lines 1-5, “NAS algorithm protection is implemented between the UE and the MME”). It would have been obvious to one of ordinary skill in the art before the effective date of the claimed invention to be motivated to combine the teachings of He within the disclosure of Wifvesson et al according to the motivation disclosed regarding claim 17. Regarding claim 19, Wifvesson et al teaches wherein the security capability includes at least a security algorithm supported by the apparatus (col. 4, lines 60-63, “algorithm for Integrity Protection”), and wherein the user plane security policy indicates whether user plane encryption protection (col. 18, lines 5-9, “ encryption relating to Integrity Protection”) and user plane integrity protection are enabled (col. 16, lines 45-48, “UP integrity has been enabled”). Wifvesson et al does not explicitly teach wherein the type of user plane security protection is determined by the secondary station based on a user plane security policy of the apparatus and a security capability of the apparatus. However, He teaches wherein the type of user plane security protection is determined by the secondary station based on a user plane security policy of the apparatus (par [0042], “selects a NAS algorithm (encryption algorithm and integrity protection algorithm)”) and a security capability of the apparatus (par [0019], “selects a corresponding security capability”). It would have been obvious to one of ordinary skill in the art before the effective date of the claimed invention to be motivated to combine the teachings of He within the disclosure of Wifvesson et al according to the motivation disclosed regarding claim 17. Regarding claim 20, Wifvesson et al and He teach the limitations of claim 17. Wifvesson et al further teaches wherein the type of user plane security protection is one of the following: enabling user plane encryption protection (col. 2, lines 46-47, “secondary eNB encryption/decryption activation”) and enabling user plane integrity protection (col. 24, lines 63-67, “enabled the IPUP mode”); not enabling user plane encryption protection but enabling user plane integrity protection; or enabling user plane encryption protection and not enabling user plane integrity protection. Conclusion Any inquiry concerning this communication or earlier communications from the examiner should be directed to Randy A. Scott whose telephone number is (571) 272-3797. The examiner can normally be reached on Monday-Thursday 7:30 am-5:00 pm, second Fridays 7:30 am-4pm. If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, Luu Pham can be reached on (571) 270-5002. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /RANDY A SCOTT/Primary Examiner, Art Unit 2439 20260629
Read full office action

Prosecution Timeline

Jan 15, 2025
Application Filed
Mar 19, 2026
Non-Final Rejection mailed — §103
Jun 11, 2026
Response Filed
Jul 02, 2026
Non-Final Rejection mailed — §103 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12682064
Method and Apparatus for Compiling Mirror Image, Nonvolatile Readable Storage Medium, and Electronic Device
1y 2m to grant Granted Jul 14, 2026
Patent 12670142
ASSURANCE OF SECURITY RULES IN A NETWORK
2y 8m to grant Granted Jun 30, 2026
Patent 12665881
LOAD BALANCING SECURE NETWORK TRAFFIC
2y 11m to grant Granted Jun 23, 2026
Patent 12657298
Automatic Binary Code Understanding
2y 8m to grant Granted Jun 16, 2026
Patent 12657315
METHODS, SYSTEMS, AND APPARATUSES FOR IMPROVING DATA ENCRYPTION
2y 8m to grant Granted Jun 16, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

Strategy Recommendation AI-generated — please review before filing

Get a prosecution strategy drawn from examiner precedents, rejection analysis, and claim mapping.
Typically takes 5-10 seconds — AI-generated, attorney review required before filing

Prosecution Projections

2-3
Expected OA Rounds
85%
Grant Probability
82%
With Interview (-2.1%)
2y 10m (~1y 4m remaining)
Median Time to Grant
Moderate
PTA Risk
Based on 949 resolved cases by this examiner. Grant probability derived from career allowance rate.

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month