DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .


Priority
Applicant’s claim for the benefit of a prior-filed application under 35 U.S.C. 119(e) or under 35 U.S.C. 120, 121, 365(c), or 386(c) is acknowledged. Applicant has not complied with one or more conditions for receiving the benefit of an earlier filing date under 35 U.S.C. 120 as follows:
The later-filed application must be an application for a patent for an invention which is also disclosed in the prior application (the parent or original nonprovisional application or provisional application). The disclosure of the invention in the parent application and in the later-filed application must be sufficient to comply with the requirements of 35 U.S.C. 112(a) or the first paragraph of pre-AIA  35 U.S.C. 112, except for the best mode requirement.  See Transco Products, Inc. v. Performance Contracting, Inc., 38 F.3d 551, 32 USPQ2d 1077 (Fed. Cir. 1994).
Applicant claims the benefit of the prior-filed application, U.S. application Ser.  No. 16/033,555, filed Jul.  12, 2018, which is a continuation-in-part of, and claims priority to and the benefit of, U.S.  application Ser.  No. 15/982,448, filed May 17, 2018, which is a nonprovisional application of, and claims priority to and the benefit of, U.S.  Patent Application No. 62/634,374, filed Feb.  23, 2018.
The disclosure of the prior-filed applications, Application No. 15/982,448 fail to provide adequate support or enablement in the manner provided by 35 U.S.C. 112(a) or pre-AIA  35 U.S.C. 112, first paragraph for claims 1-20 of this application:




Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:

A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention.

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.


Claims 1, 6, 12, 13, and 20 are rejected under 35 U.S.C. 102(a)(2) as being anticipated by NORRMAN (US 20190007376 A1)

Re: Claim 1
NORRMAN discloses a method comprising: 
receiving, by a first network node associated with a home network (See NORRMAN Fig. 2, [0050] a home network 3 controlled by a home-operator) and from a second network node associated with an access network (See NORRMAN Fig. 2, [0050] a serving network 2 controlled by a serving operator), identity data indicating at least one of a subscriber identifier (SID) and a terminal identifier (TID); (See NORRMAN Fig. 2,  [0095] the first identifier comprises a long-term identity associated with a subscription used by the 
(See NORRMAN Fig. 4, [0063]: The MME 14 then sends (arrow 2) the AV request to the HSS 15, the request comprising the pseudonym PSE or the encrypted IMSI).
NOTE: Also See Fig. 3, [0057]
determining, by the first network node, a first tied key using a tying key derivation function (TKDF) based on the identity data; 
(See NORRMAN Fig. 4, [0064]: the HSS 15 may generate the pseudonym by inputting the IMSI and a time dependent parameter into . . . a key derivation function)
NOTE: Also See Fig. 3, [0057]
determining, by the first network node, a confirmation message based on the first tied key; and 
 (See NORRMAN Fig. 4, [0063]: The response may comprise the conventional AV response message comprising information elements AUTN and RAND, KASME, XRES, with the new information element pseudonym PSE added)
NOTE: Also See Fig. 3, [0058]
transmitting, by the first network node, the confirmation message to the second network node.  
(See NORRMAN Fig. 4, [0063]: The HSS 15 sends in response (arrow 3), to the MME 1, the AV response and include in this response a new information element: the pseudonym PSE)
NOTE: Also See Fig. 3, [0058] and Fig. 6, [0083]

Re: Claim 6
NORRMAN discloses one or more non-transitory computer-readable media comprising instructions that, when executed by one or more processors (See NORRMAN Fig. 7, [0102] a central processing unit (CPU), cause the one or more processors to perform first operations, by a first network node associated with a home network (See NORRMAN Figs. 1, 2 and Fig. 7, [0102] The first network node 5, 15 comprises . . .), comprising:
(See NORRMAN Fig. 7, [0106] The computer programs 32 comprises computer program code, which, when executed on at least one processor 30 on the first network node 5, 15 causes the first network node 5, 15 to perform the method 20 according to any of the described embodiments thereof)
receiving, from a second network node associated with an access network, identity data indicating at least one of a subscriber identifier (SID) and a terminal identifier (TID); 
determining a first tied key using a tying key derivation function (TKDF) based on the identity data; 
determining a confirmation message based on the first tied key; and 
transmitting the confirmation message to the second network node.  
NOTE: See the rejection of Claim 1.

Re: Claims 12 and 20 
NORRMAN discloses 
determining a second tied key using the TKDF based on second identity data provisioned at the network terminal.  
(See NORRMAN Fig. 4, [0057]: the PSE or the encrypted IMSI as sent by the UE 16. [0063]: When the UE 16, at arrow 1, attaches to the MME 14 of a serving network 12 it may use the pseudonym PSE)
	NOTE: the pseudonym PSE is derived from a key derivation function as mentioned in the rejection of Claim 1. 
NOTE: Also See [0095] preferably encrypted IMSI or a third (old) pseudonym previously generated for the mobile entity 6, 16.

Re: Claim 13
NORRMAN discloses a system (See NORRMAN Figs. 1 and 2)
comprising: 
a first network node (See NORRMAN Figs. 1, 2 and Fig. 7, [0102] The first network node 5, 15) associated with a home network, the first network node configured to perform first operations comprising: 
(See NORRMAN Fig. 7, [0106] The computer programs 32 comprises computer program code, which, when executed on at least one processor 30 on the first network node 5, 15 causes the first network node 5, 15 to perform the method 20 according to any of the described embodiments thereof)
receiving, from a second network node associated with an access network, identity data indicating at least one of a subscriber identifier (SID) and a terminal identifier (TID); 
determining a first tied key using a tying key derivation function (TKDF) based on the identity data; 
determining a confirmation message based on the first tied key; and 
transmitting the confirmation message to the second network node.  
NOTE: See the rejection of Claim 1.

 

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:

A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this 


Claims 2-4, 7-8, and 14-15 are rejected under 35 U.S.C. 103 as being unpatentable over NORRMAN as applied to Claims 1, 6, and 13 above, and further in view of HE (US 20200396711 A1).

Re: Claims 2, 7, and 14
NORRMAN does not appear to explicitly disclose determining an indirectly-tied key based on the first tied key; and determining the confirmation message comprising the indirectly-tied key.  
In a similar endeavor, HE discloses
determining an indirectly-tied key based on the first tied key; (See HE [0460]: Kausf=KDF(CK.parallel.IK, location information-gNB 1, .  . . ) or CK'.parallel.IK'=KDF(CK.parallel.IK, location information-gNB 1, .  . . ))
(See HE Figs. 15A and 15B. [0458]: Kseaf=KDF(Kausf, location information-gNB 1, .  . . ) or Kseaf=KDF(CK'.parallel.IK', location information-gNB 1, .  . . ) [0295]: KDF( ) represents a key derivation function)
determining the confirmation message comprising the indirectly-tied key.  
(See HE Figs. 15A and 15B. [0458]: the AUSF sends Kseaf to the SEAF/AMF)
Note, NORRMAN and HE are analogous art because both are directed to authentication procedure for wireless communication (See NORRMAN Abstract and HE TABLE-US-00003 TABLE 3). 
NORRMAN invention by employing the teaching as taught by HE to provide the limitation.  The motivation for the combination is given by HE which improves wireless communication with enhanced encryption and higher degree of privacy protection.

Re: Claims 3, 8, and 15
NORRMAN discloses wherein: the identity data indicates the SID; 
(See NORRMAN Fig. 2, [0095] the first identifier comprises a long-term identity associated with a subscription used by the mobile entity 6, 16, such as the IMSI of the mobile entity 6, 16)
NORRMAN does not appear to explicitly disclose the first tied key is a 3GPP 5G KAUSF key; the indirectly-tied key is a 3GPP 5G KSEAF key; the first network node implements an Authentication Server Function (AUSF); and the second network node implements a Security Anchor Function (SEAF).  
In a similar endeavor, HE discloses
the first tied key is a 3GPP 5G KAUSF key;
(See HE Figs. 15A and 15B. [0426]: The terminal device location determining method provided in this embodiment can be applied to a 5G communications system [0460]: Kausf=KDF(CK.parallel.IK, location information-gNB 1, .  . . ) or CK'.parallel.IK'=KDF(CK.parallel.IK, location information-gNB 1, .  . . ))
the indirectly-tied key is a 3GPP 5G KSEAF key; 
(See HE Figs. 15A and 15B. [0458]: Kseaf=KDF(Kausf, location information-gNB 1, .  . . ) or Kseaf=KDF(CK'.parallel.IK', location information-gNB 1, .  . . ))
the first network node implements an Authentication Server Function (AUSF); and
(See He [0460]: the AUSF generates Kseaf based on Kausf, and the AUSF sends Kseaf to the SEAF/AMF)
the second network node implements a Security Anchor Function (SEAF).  
(See He [0460]: the AUSF generates Kseaf based on Kausf, and the AUSF sends Kseaf to the SEAF/AMF)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the NORRMAN invention by employing the teaching as taught by HE to provide the limitation.  The motivation for the combination is given by HE which extends applicability of the authentication procedure to 5G network.

Re: Claim 4
NORRMAN in view of He discloses 
determining, by a network terminal, a second tied key using the TKDF based on second identity data provisioned at the network terminal.  
(See NORRMAN Fig. 4, [0057]: the PSE or the encrypted IMSI as sent by the UE 16. [0063]: When the UE 16, at arrow 1, attaches to the MME 14 of a serving network 12 it may use the pseudonym PSE)
	NOTE: the pseudonym PSE is derived from a key derivation function as mentioned in the rejection  of Claim 1. 
NOTE: Also See [0095] preferably encrypted IMSI or a third (old) pseudonym previously generated for the mobile entity 6, 16.





Allowable Subject Matter
Claims 5, 9-11 and 16-19 are objected to as being dependent upon the rejected base claims, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
The following is an examiner’s statement of reasons for allowance: NORRMAN in view of Xu (US 20120331298 A1) and Wang (US 20180331829 A1) is considered as the most relevant document in the prior art, which discloses determining, by the first network node, the confirmation message (See NORRMAN Fig. 4, [0063]) receiving, by the second network node which is associated with a serving network and from the first network node, the confirmation message; (See NORRMAN Fig. 4, [0063]) determining, the at least some of the identity data, a third tied key; and (See Xu; [0073] [0068]) preparing an authentication request based on first security data, the preparing comprising at least one of: (See NORRMAN Fig. 4, [0063]) encrypting the first security data to provide the authentication request; or (See NORRMAN [0098]) marking the first security data to provide the authentication request, the marking comprising: determining a first message authentication code (MAC) and the first security data; and (See Wang; Fig. 4, 406. [0054]) providing the authentication request comprising the first security data and the MAC; and (Wang; Fig. 4, 407. [0055]) transmitting the authentication request to a network terminal.  (See NORRMAN Fig. 4, [0063]).
NORRMAN in view of Xu and Wang does not discloses the technical features in Claims 5, 9 and 16 of the confirmation message comprising at least some of the identity data; determining, based on the indirectly-tied key . . . a third tied key; and
encrypting the first security data based on the third tied key to provide the authentication request; or determining a first message authentication code (MAC) based on the third tied key and the first security data; (Emphasis added).



Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MINJUNG KIM whose telephone number is (408) 918-7693.  The examiner can normally be reached on Monday-Friday 9am to 2pm PST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Wang-Hurst, Kathy can be reached on (571) 270-5371.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/MINJUNG KIM/
Examiner, Art Unit 2644