DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(d):
(d) REFERENCE IN DEPENDENT FORMS.—Subject to subsection (e), a claim in dependent form shall contain a reference to a claim previously set forth and then specify a further limitation of the subject matter claimed. A claim in dependent form shall be construed to incorporate by reference all the limitations of the claim to which it refers.

The following is a quotation of pre-AIA  35 U.S.C. 112, fourth paragraph:
Subject to the following paragraph [i.e., the fifth paragraph of pre-AIA  35 U.S.C. 112], a claim in dependent form shall contain a reference to a claim previously set forth and then specify a further limitation of the subject matter claimed. A claim in dependent form shall be construed to incorporate by reference all the limitations of the claim to which it refers.

Claim 28 is rejected under 35 U.S.C. 112(d) or pre-AIA  35 U.S.C. 112, 4th paragraph, as being of improper dependent form for failing to further limit the subject matter of the claim upon which it depends, or for failing to include all the limitations of the claim upon which it depends.  Claim 28 is dependent on claim 10 without further limiting claim 10, merely changing the embodiment to a local service center to perform the method of claim 10.  Applicant may cancel the claim(s), amend the claim(s) to place the claim(s) in proper dependent form, rewrite the claim(s) in independent form, or present a sufficient showing that the dependent claim(s) complies with the statutory requirements.



Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-6, 9, 10, 19 and 28 are rejected under 35 U.S.C. 103 as being unpatentable over Miller et al., (US Publication No. 2016/0198521), hereinafter “Miller”, and further in view of Minamisawa, (US Publication No. 2004/0249977).

Regarding claim 1, Miller discloses
a method for joining an access points group [Miller, paragraphs 6 and 15, mutual authentication, access point], the method comprising: 
performing, by an access point, network-layer mutual authentication with a local service center upon determining that the access point is going to join Miller, paragraphs 43-44, figure 6, authorization request and response]; and 
performing, by the access point, network configuration according to configuration information in a network configuration message sent by the local service center, upon reception of the network configuration message [Miller, paragraphs 50-51, figures 7-8, configuring eNB 30 retrieves operating parameters after successfully authenticating]; 
Miller, paragraphs 44, 50-51, figures 6-8, configuring eNB 30 retrieves operating parameters after successfully authenticating].  

Miller does not specifically disclose an access point group, however Minamisawa teaches a group identifier of which an access point belongs [Minamisawa, paragraph 57 and figure 7].
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to include a group id in order to assign the access point to the correct group to ensure the security of the overall system.

Regarding claim 2, Miller-Minamisawa further discloses
wherein performing, by the access point, network-layer mutual authentication with the local service center comprises: authenticating, by the access point, a network side according to an access points group identifier corresponding to the access points group, and a network-layer authentication parameter, which are sent by the local service center [Miller, paragraphs 43-44, 50-51, figures 6-8, configuring eNB 30 retrieves operating parameters after successfully authenticating]; and 
returning, by the access point, a network-layer authentication response message comprising the access points group identifier [Minamisawa, paragraph 57 and figure 7] to the local service center after authentication on the network side is passed, so that the local service center authenticates the access point according to the network-layer Miller, paragraphs 43-44, 50-51, figures 6-8, including the identities of the respective EPC/aGW and the identities of the eNB-Ids].  

Regarding claim 3, Miller-Minamisawa further discloses
wherein authenticating, by the access point, the network side according to the access points group identifier corresponding to the access points group [Minamisawa, paragraph 57 and figure 7], and the network-layer authentication parameter, which are sent by the local service center comprises: 
determining, by the access point, a second authentication token according to a random number in the network-layer authentication parameter [Miller, paragraphs 43-46, figures 6-7]; and 
determining, by the access point, that authentication on the network side is passed if the second authentication token is same as a first authentication token in the network-layer authentication parameter [Miller, paragraphs 43-46, figures 6-7].  

Regarding claim 4, Miller-Minamisawa further discloses
wherein returning, by the access point, the network-layer authentication response message comprising the access points group identifier to the local service center after authentication is passed comprises: determining, by the access point, an authentication response parameter according to a random number in the network-layer authentication parameter, after authentication on the network side is passed [Miller, paragraphs 43-46, figures 6-7]; and 
Minamisawa, paragraph 57 and figure 7] and the authentication response parameter [Miller, paragraphs 43-46, figures 6-7].  

Regarding claim 5, Miller-Minamisawa further discloses
wherein determining, by the access point, that the access point is going to join the access points group, comprises: determining, by the access point, that the access point is going to join the access points group [Minamisawa, paragraph 57 and figure 7], upon satisfying a joining condition [Miller, paragraphs 43-46, figures 6-7]; 
wherein the joining condition comprises a part or all of: 
a new user equipment in a coverage area is detected; or 
an access instruction message sent by the local service center is received [Miller, paragraphs 34, 43-46, figures 6-7].  

Regarding claim 6, Miller-Minamisawa further discloses
wherein the joining condition comprises that the new user equipment in the coverage area is detected [Miller, paragraphs 34, 41-46, figures 6-7]; and 
after the access point determines that the access point is going to join the access points group, and before the access point performs network-layer mutual authentication with the local service center, the method further comprises: sending, by the access point, a Miller, paragraphs 34, 41-46, figures 6-7]; and 
receiving, by the access point, a network-layer authentication request message comprising an access points group identifier corresponding to the access points group [Minamisawa, paragraph 57 and figure 7], and the network-layer authentication parameter [Miller, paragraphs 34, 41-46, figures 6-7].  

Regarding claim 9, Miller-Minamisawa further discloses
receiving, by the access point, a first key and a second key sent by the local service center [Miller, paragraphs 34, 41-46, figures 6-7]; and determining, by the access point, a communication key for encrypted communication with the user equipment according to the first key, and determining a communication key for encrypted communication with another access point [Miller, paragraphs 34, 41-46, figures 6-7] in the access points group [Minamisawa, paragraph 57 and figure 7] according to the second key [Miller, paragraphs 34, 41-46, figures 6-7].  

Regarding claim 10, Miller-Minamisawa further discloses
a method for joining an access points group, the method comprising: performing, by a local service center, network-layer mutual authentication with an access point [Miller, paragraphs 6, 15, 43-44, 50-51, figures 6-8, configuring eNB 30 retrieves operating parameters after successfully authenticating] upon determining that the access point Minamisawa, paragraph 57 and figure 7]; and sending, by the local service center, a network configuration message to the access point upon determining that network-layer mutual authentication is passed, so that the access point is configured according to configuration information in the network configuration message [Miller, paragraphs 6, 15, 43-44, 50-51, figures 6-8, configuring eNB 30 retrieves operating parameters after successfully authenticating].  

Regarding claim 19, Miller-Minamisawa further discloses
an access point, comprising at least one processor and a memory [Miller, paragraph17]; 
wherein the memory is configured to store readable program codes, and the at least one processor is configured to execute the readable program codes to: 
perform network-layer mutual authentication with a local service center [Miller, paragraphs 6, 15, 43-44, 50-51, figures 6-8, configuring eNB 30 retrieves operating parameters after successfully authenticating] upon determining that the access point is going to join an access points group [Minamisawa, paragraph 57 and figure 7]; and 
perform network configuration, upon reception of a network configuration message sent by the local service center, according to configuration information in the network configuration message, wherein the network configuration message is sent by the local service center upon determining that network-layer mutual authentication is passed Miller, paragraphs 6, 15, 43-44, 50-51, figures 6-8, configuring eNB 30 retrieves operating parameters after successfully authenticating].  


Regarding claim 28, Miller-Minamisawa further discloses
a local service center, comprising at least one processor and a memory: 
wherein the memory is configured to store readable program codes, and the at least one processor is configured to execute the readable program codes to perform the method according to claim 10 [Miller, paragraphs 6, 15, 43-44, 50-51, figures 6-8, configuring eNB 30 retrieves operating parameters after successfully authenticating] and  [Minamisawa, paragraph 57 and figure 7].   

Claims 7 and 11-17 are rejected under 35 U.S.C. 103 as being unpatentable over Miller-Minamisawa as applied to claims 5 and 10 above, and further in view of Koyama, (US Publication No. 2001/0027101).
Regarding claim 7, Miller-Minamisawa further discloses
wherein the access instruction message comprises an access points group identifier corresponding to the access points group [Minamisawa, paragraph 57 and figure 7], and a network-layer authentication parameter [Miller, paragraphs 34, 41-46, figures 6-7]. 

Miller-Minamisawa does not specifically disclose, however Koyama teaches
Koyama, paragraph 71, mobile terminal sends registration request to base station which sends request to home station on home network, home network responds back to base station]. 
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to send a request for authentication to the home network when the mobile device is outside the user’s home network and receive authentication from the home network in order to authenticate the user and allow the user to use a network outside the user’s home network securely.

Regarding claim 11, Miller-Minamisawa-Koyama further discloses
wherein performing, by the local service center, network-layer mutual authentication with the access point comprises: performing, by the local service center, network-layer mutual authentication [Miller, paragraphs 6, 15, 43-44, 50-51, figures 6-8] with the access point according to an access points group identifier corresponding to the access points group [Minamisawa, paragraph 57 and figure 7], and a network-layer authentication parameter; wherein the network-layer authentication parameter is obtained by the local service center from a network service center [Koyama, paragraph 71, mobile terminal sends registration request to base station which sends request to home station on home network, home network responds back to base station].  

Regarding claim 12, Miller-Minamisawa-Koyama further discloses

sending, by the local service center, the access points group identifier corresponding to the access points group [Minamisawa, paragraph 57 and figure 7], and the network-layer authentication parameter to the access point so that the access point authenticates a network side according to the access points group identifier and the network-layer authentication parameter [Miller, paragraphs 43-44, 50-51, figures 6-8]; and 
authenticating, by the local service center, the access point according to a network-layer authentication response message comprising the access points group identifier, returned by the access point [Minamisawa, paragraph 57 and figure 7], upon determining that the network-layer authentication response message is received by the local service center [Miller, paragraphs 43-44, 50-51, figures 6-8].  

Regarding claim 13, Miller-Minamisawa-Koyama further discloses
wherein authenticating, by the local service center, the access point according to the network-layer authentication response message comprises: determining, by the local service center, that authentication on the access point is passed, if an authentication response parameter in the network-layer authentication response message is same as an expected response parameter in the network-layer authentication parameter [Miller, paragraphs 43-44, 50-51, figures 6-8].  

Regarding claim 14, Miller-Minamisawa-Koyama further discloses
wherein determining, by the local service center, that the access point is going to join the access points group comprises: determining, by the local service center, that the access point is going to join the access points group, upon reception of a joining request message sent by the access point; and/or  determining, by the local service center, that the access point is going to join the access points group, according to scheduling information [Miller, paragraphs 43-44, 50-51, figures 6-8].  

Regarding claim 15, Miller-Minamisawa-Koyama further discloses
wherein if the local service center determines that the access point is going to join the access points group [Minamisawa, paragraph 57 and figure 7], upon reception of the joining request message sent by the access point, then the local service center sends a network-layer authentication request message comprising the access points group identifier corresponding to the access points group [Minamisawa, paragraph 57 and figure 7], and the network-layer authentication parameter to the access point so that the access point authenticates the network side according to the network-layer authentication request message [Miller, paragraphs 43-44, 50-51, figures 6-8]; and 
if the local service center determines that the access point is going to join the access points group, according to the scheduling information, then the local service center sends an access instruction message comprising the access points group identifier corresponding to the access points group [Minamisawa, paragraph 57 and figure 7], and the network-layer authentication parameter to the access point so that the access Miller, paragraphs 43-44, 50-51, figures 6-8].  

Regarding claim 16, Miller-Minamisawa-Koyama further discloses
wherein the network-layer authentication parameter comprises a temporary key [Miller, paragraphs 34, 41-46, figures 6-7]; and 
after the local service center determines that network-layer mutual authentication is passed, the method further comprises: determining, by the local service center, a first key and a second key corresponding to the access point according to the temporary key, and sending the first key and the second key to the access point, so that the access point determines a communication key for encrypted communication with a user equipment according to the first key, and determines a communication key for encrypted communication with another access point in the access points group according to the second key [Miller, paragraphs 34, 41-46, figures 6-7].  

Regarding claim 17, Miller-Minamisawa-Koyama further discloses
wherein determining, by the local service center, the first key and the second key corresponding to the access point, relative to another access point in the access points group, according to the temporary key comprises: 
determining, by the local service center, an intermediate key corresponding to the access points group according to the temporary key [Miller, paragraphs 34, 41-46, figures 6-7] and the access points group identifier [Minamisawa, paragraph 57 and figure 7]; and   
Miller, paragraphs 34, 41-46, figures 6-7] and the access points group identifier [Minamisawa, paragraph 57 and figure 7].  

Claim 8 is rejected under 35 U.S.C. 103 as being unpatentable over Miller-Minamisawa as applied to claim 1 above, and further in view of Krishnamurthi et al., (US Publication No. 2001/0001089), hereinafter “Krishnamurthi”.

Regarding claim 8, Miller-Minamisawa does not specifically disclose, however Krishnamurthi teaches
wherein the method further comprises: reporting, by the access point, to the local service center a quit from the access points group upon determining that the access point is going to quit the access points group [Krishnamurthi, Abstract]; and 
determining, by the access point, that the access point is going to quit an access points group corresponding to a user equipment comprises: determining, by the access point, that the access point is going to quit the access points group, when no target user equipment is detected in a coverage area, wherein the target user equipment is a user equipment which previously is able to be detected in the coverage area of the access point; and/or determining, by the access point, that the access point is going to quit the access points group, when the access point is going to be powered off [Krishnamurthi, Abstract].  
.

Claim 18 is rejected under 35 U.S.C. 103 as being unpatentable over Miller-Minamisawa-Koyama as applied to claim 17 above, and further in view of Krishnamurthi.

Regarding claim 18, Miller-Minamisawa-Koyama does not specifically disclose, however Krishnamurthi teaches
wherein after the local service center sends the network configuration message to the access point, the method further comprises: determining, by the local service center, that the access point has quitted an access points group corresponding to a user equipment, and deleting the temporary key, the intermediate key, the first key and the second key, upon reception of a report of the access point that the access point has quitted the access points group corresponding to the user equipment [Krishnamurthi, Abstract].  
It would have been obvious to one having ordinary skill in the art before the effective filing date of the claimed invention to end the association and connection to the access point when the user roam’s out of the current service area into a new service area 


Conclusion

Any inquiry concerning this communication or earlier communications from the examiner should be directed to WILLIAM J GOODCHILD whose telephone number is (571)270-1589.  The examiner can normally be reached on M-F 8am-4:30pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeff Pwu can be reached on 571-272-6798.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/William J. Goodchild/Primary Examiner, Art Unit 2433