RESPONSE TO AMENDMENT
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claims Status
Claims 1–6, 8–13, 15–17, 19 and 21–23 are pending in this application.
Claims 7, 14, 18 and 20 are canceled.
Claims 21–23 are new.
Claims 1–6, 8–13, 15–17, 19 and 21–23 are rejected.
Information Disclosure Statement
The information disclosure statement (IDS) submitted on 7/28/2020 and 10/27/2020 are in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.
Response to Arguments
Applicant's arguments filed 10/27/2020 have been fully considered but they are not persuasive.

The Applicant argues that Upp et al. (9,516,620) in view of Cha et al. (2013/0174241) fails to teach the particular limitation of claim 1 where the limitation reads “in response to the first message, receiving, at the UE, a second message that includes the authentication configuration information, wherein the authentication configuration information comprises a public identity assigned by the management server and a private identity assigned by the management server” because step 528 of Fig. 5A of Upp discloses receiving of private and public See Remarks on 10/27/2020 at 6-7.
The Examiner respectfully disagrees. private and public identities of mobile device 102 is indeed relayed to user subscription database 132 at step 528 of Fig. 5A in Upp. However, for purposes of registering, step 534 as shown in Fig. 5B includes message for deregistering “old private and public identities” by notifying using SIP NOTIFY message. Upp at col. 11 ll. 34-41. These identities can, in turn, be used to re-register with IMS 120, and in particular, with CSCF 124 with the same private and public identities using IMS registration techniques. Id. at col. 12 ll. 9-20.

The Applicant further argues that Upp’s disclosure regarding maintenance of private and public identities within the user subscription database 132 in col. 7 ll. 49-67 and col. 8 line 1 does not in fact teach the claim limitations “wherein the authentication configuration information comprises a public identity assigned by the management server and a private identity assigned by the management server.” Remarks at 7-8.
The Examiner must respectfully disagree. The Shared device provisioning server and user subscription database is indeed used to keep records of private and public identities that are associated with a particular user and/or a mobile device as shown in Fig. 5A to 5C of Upp. One of the ways which the “maintained” public identity, such as an IP public identity, may be “pre-provisioned by the operator or services network 130 into each of user subscription database 132…” Upp at col. 9 ll. 2–22. Although maintenance is one functionality, the ability to pre-provision as conducted by an operator is another functionality disclosed by the prior art.
Upp includes the ability to handle private identities the same way. For example, “the private and public identities may be pre-provisioned into Shared Device Provisioning Server 136 by an operator of services network 130.” Upp at col. 8 ll. 11-14.
create the public and private identities as claimed. The act of associating is also encompassed by the claimed language “assigned by the management server”. Upp clearly performs the act of associating of public and private identities as shown in Figs. 5A to 5C.

The Applicant further argues that the office action “fails to cite any passages in Upp teaching or suggesting that the management server sends a public identity and a private identity to the UE as recited in claim 1.” Remarks  at 8. However, at least the claim 1 does not require that management server send a public identity and a private identity to the UE. The relevant claim limitation in claim 1 reads:

“transmitting, from a user equipment (UE) to a first network node, a first message… and the first network node is a management server;
in response to the first message, receiving, at the UE, a second message that includes the authentication configuration information, wherein the authentication configuration information comprises a public identity assigned by the management server and a private identity assigned by the management server;”

Here, UE must transmit to a first network node, where the first network node is a management server; however, the act of receiving at the UE does not impart any limitation regarding the entity from which the message is explicitly sent. Public identity and private identities must be assigned by the management server, but originating messages to be received at the UE from the management server is not claimed in the limitations.

.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-5, 8-12, 21 and 22 are rejected under 35 U.S.C. § 103 as being unpatentable over Upp et al. (9,516,620) in view of Cha et al. (2013/0174241).
Regarding claims 1 and 8, Upp substantially teaches a method, comprising:
transmitting, from a user equipment (UE) to a first network node, a first message requesting authentication configuration information (Fig. 1; col. 4 line 38, user 104 has mobile device 102; Fig. 5A; col. 9 ll. 46-67, mobile device 102, after authentication step 510, uses shared service authorization access token to initiate retrieval [via step 516] of its public and private identities as known in the shared device provisioning server 136; see col. 5 ll. 53-60, shared device provisioning server 136 can be an "identity management server"; col. 10 line 4, a particular method of authorization token used includes OAuth 2.0 token),

in response to the first message, receiving, at the UE, a second message that includes the authentication configuration information, wherein the authentication configuration information comprises a public identity assigned by the management server and a private identity assigned by the management server (Fig. 5A, shared device provisioning server 136 can transmit private and public identities of mobile device 102 as well as user's public identity to user subscription database 132; Fig. 5B; col. 12 ll. 9-20, mobile device 102 can register with CSCF [or re-register with CSCF] within the IMS system 120 [Fig. 1] using both the private identity and public identity as known by the mobile device 102; the relevant citation reads "mobile device 102 conveys (542), to IMS 120 and in particular to CSCF 124, a first registration message, for example, a SIP REGISTER message, that includes the mobile device's contact information, that is, the private identity and public identity of mobile device" which appears to suggest that the mobile device has the ability to transmit the authentication configuration information including both the private and the public identities associated with the particular mobile device which was received from either the shared device provisioning server 136 or user subscription database 132 or both),
transmitting, from the UE to a second network node, a third message that includes authentication information based upon the received authentication configuration information, wherein the third message is formatted according to a second protocol, and the third message comprises the public identity and the private identity received in the second message (Fig. 5B; col. 12 ll. 9-20, mobile device 102 can convey to CSCF SIP REGISTER message including both the private and public identities);
receiving, from the second network node, an authentication challenge request that is formatted according to the second protocol; and in response to receiving the authentication challenge request, transmitting an authentication response to the second network node (Fig. 5C; for example, authentication challenge can be completed between CSCF 124 and User 
However, Upp does not explicitly teach wherein the first message is formatted according to a first protocol, and
Cha from the same field of endeavor teaches wherein the first message is formatted according to a first protocol (¶¶77-78, for example, OAuth authentication can use HTTP protocols), and
It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to improve upon Upp using Cha to use well-known protocols for authenticating using OAuth methods such as the http protocols, as using such known protocol would have resulted in ubiquitous and readily usable implementations of the underlying technology.

Regarding claims 2 and 9, Upp and Cha teach the limitations of claims 1 and 8 respectively. Upp further teaches wherein the first network node performs identity mapping for Mission Critical Push to Talk (MCPTT) users (col. 1 line 40, MCPTT communications as part of IMS telecommunications systems is disclosed; col. 3 ll. 18-39, ability to map public identity of a user to a mobile device to bind a private identity and public identity is disclosed).

Regarding claims 3 and 10, Upp and Cha teach the limitations of claims 1 and 8 respectively. Upp further teaches wherein the second network node comprises a Session Initiation Protocol (SIP) core (col. 5 ll. 4-42, IMS network 120, including the CSCF implementing SIP signaling protocols is disclosed).

Regarding claims 4 and 11, Upp and Cha teach the limitations of claims 1 and 8 respectively. Cha further teaches wherein the first protocol is at least one of a Hypertext Transfer 
It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to improve upon Upp using Cha to use well-known protocols for authenticating using OAuth methods such as the http protocols, as using such known protocol would have resulted in ubiquitous and readily usable implementations of the underlying technology.

Regarding claims 5 and 12, Upp and Cha teach the limitations of claims 1 and 8 respectively. Upp further teaches wherein the second protocol is a Session Initiation Protocol (SIP) (Fig. 5B; col. 12 ll. 9-20, mobile device 102 can convey to CSCF SIP REGISTER message including both the private and public identities).

Regarding claims 21 and 22, Upp and Cha teach the limitations of claims 1 and 8. Upp further teaches wherein the management server is an identity management server or a configuration management server (col. 5 ll. 53-60, shared device provisioning server 136 can be an "identity management server").

Claims 6 and 13 are rejected under 35 U.S.C. § 103 as being unpatentable over Upp et al. (9,516,620) in view of Cha et al. (2013/0174241), and further in view of Leis et al. (2018/0131730).
Regarding claims 6 and 13, Upp and Cha teach the limitations of claims 1 and 8 respectively. However, the combined teachings do not explicitly teach wherein the first message 
Leis from the same field of endeavor teaches wherein the first message comprises a first user identifier (ID) associated with a first Mission Critical Push to Talk (MCPTT) system, and the authentication information comprises a second user ID associated with a second MCPTT system (¶¶57-58, identities handled by the IMS systems can include IMS public user identity as well as MCPTT public user identity; both network identity [IMS public user identity] and application identity [MCPTT public user identity] can be forwarded to MCPTT AS).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to improve upon the teachings using Leis to to provide flexibility for an IMS provider in case the provider is not allowed to correlate MCPTT identity with a user and track Public Safety users (Leis at ¶54).

Claims 15, 16, 19 and 23 are rejected under 35 U.S.C. § 103 as being unpatentable over Upp et al. (9,516,620) in view of Leis et al. (2018/0131730).
Regarding claim 15, Upp teaches a method, comprising:
receiving, at a first network node, a first authentication request (Fig. 1; col. 4 line 38, user 104 has mobile device 102; Fig. 5A; col. 9 ll. 46-67, mobile device 102, after authentication step 510, uses shared service authorization access token to initiate retrieval [via step 516] of its public and private identities as known in the shared device provisioning server 136; see col. 5 ll. 53-60, shared device provisioning server 136 can be an "identity management server"; col. 10 line 4, a particular method of authorization token used includes OAuth 2.0 token),
wherein the first authentication request includes a first user identifier (ID) associated with a first Mission Critical Push to Talk (MCPTT) system (col. 1 line 40, MCPTT communications as part of IMS telecommunications systems is disclosed; col. 3 ll. 18-39, ability 
the first network node is a management server (col. 5 ll. 53-60, shared device provisioning server 136 can be an "identity management server");
determining that the first user ID is mapped to a second user ID (col. 1 line 40, MCPTT communications as part of IMS telecommunications systems is disclosed; col. 3 ll. 18-39, ability to map public identity of a user to a mobile device to bind a private identity and public identity is disclosed)
transmitting, from the first network node to a user equipment (UE), authentication configuration information, wherein the authentication configuration information includes the second user ID and a third user ID, the second user ID comprises a private user identity assigned by the management server, and the third user ID comprises a public user identity assigned by the management server (Fig. 5A, shared device provisioning server 136 can transmit private and public identities of mobile device 102 as well as user's public identity to user subscription database 132; Fig. 5B; col. 12 ll. 9-20, mobile device 102 can register with CSCF [or re-register with CSCF] within the IMS system 120 [Fig. 1] using both the private identity and public identity as known by the mobile device 102; the relevant citation reads "mobile device 102 conveys (542), to IMS 120 and in particular to CSCF 124, a first registration message, for example, a SIP REGISTER message, that includes the mobile device's contact information, that is, the private identity and public identity of mobile device" which appears to suggest that the mobile device has the ability to transmit the authentication configuration information including both the private and the public identities associated with the particular mobile device which was received from either the shared device provisioning server 136 or user subscription database 132 or both),

in response to the second authentication request, receiving a first authentication response including an authentication response vector; and in response to receiving the first authentication response, transmitting a second authentication response including the authentication response vector (Fig. 5C; for example, authentication challenge can be completed between CSCF 124 and User subscription database 132 via step 552, making sure that the registration/subscription attempt by the mobile device 102 and CSCF 124 is in fact proper; receipt of the authentication response can be received by the CSCF 124 during step 552, which the response can then be relayed to mobile device 102 via step 554 to perform additional processing).
However, Upp does not explicitly teach that is associated with a second Mission Critical Push to Talk (MCPTT) system;
Leis from the same field of endeavor teaches that is associated with a second Mission Critical Push to Talk (MCPTT) system (¶¶57-58, mapping table between group identity of group and the application identity or identities comprised in the group that binds network identity and application identity per user is disclosed for the MCPTT identities and IMS public user identities; though authentication component is not explicitly disclosed, the reference mentions that the authentication can be performed according to the prior art [i.e. ¶73], indication of obviousness to one ordinarily skilled in the art that the disclosed mapping system would be used for authenticating either or both identities simultaneously);
It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to improve upon the teachings using Leis to provide flexibility for an IMS 

Regarding claim 16, Upp and Leis teach the limitations of claim 15. Upp further teaches wherein the first network node performs identity mapping for MCPTT users (col. 1 line 40, MCPTT communications as part of IMS telecommunications systems is disclosed; col. 3 ll. 18-39, ability to map public identity of a user to a mobile device to bind a private identity and public identity is disclosed).

Regarding claim 19, Upp and Leis teach the limitations of claim 15. Upp further teaches wherein the authentication response vector is generated based on the second user ID (Fig. 5C; for example, authentication challenge can be completed between CSCF 124 and User subscription database 132 via step 552, making sure that the registration/subscription attempt by the mobile device 102 and CSCF 124 is in fact proper; receipt of the authentication response can be received by the CSCF 124 during step 552, which the response can then be relayed to mobile device 102 via step 554 to perform additional processing; the response can be based on authentication of either or both of public or private identities).

Regarding claim 23, Upp and Leis teach the limitations of claim 15. Upp further teaches wherein the management server is an identity management server or a configuration management server (col. 5 ll. 53-60, shared device provisioning server 136 can be an "identity management server").

Claims 17 are rejected under 35 U.S.C. § 103 as being unpatentable over Upp et al. (9,516,620) in view of Leis et al. (2018/0131730), and further in view of Stojanovski et al. (2016/0344726).

Stojanovski from the same field of endeavor teaches wherein the first network node is part of a common services core (Fig. 2; ¶39, key service management is disclosed).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the invention to improve upon the teachings using Stojanovski to separate functions such as an actual management of authentication parameters such as the key service management so that the processor intensive operations can be parallelized for faster operations.
Conclusion
THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). 
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to DAE KIM whose telephone number is (571)270-0621. The examiner can normally be reached on Monday-Friday 8AM-5PM EST.

If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kevin Bates can be reached on (571) 272-3980. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/DAE KIM/
Examiner, Art Unit 2458                                                                                                    
/KEVIN T BATES/              Supervisory Patent Examiner, Art Unit 2458