DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Amendment
Amendments filed on 11/5/2020 are entered for prosecution. Claims 1-15 remain pending in the application.

EXAMINER’S AMENDMENT
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this examiner’s amendment was given in a telephone interview with David A. Grabelsky (Reg. No. 59,208) on 2/12/2021.

The application has been amended as follows: 

1.	(Currently amended) A system for receiving in a mobile communication network information that is encrypted, the system comprising:
- a communication interface; and
- at least one processor configured to:
	maintain a list of one or more devices associated with the system in a memory, wherein for each first device of the list which uses a second device of the list as a relay to the mobile 
	use the communication interface to receive the encrypted information from a given device,
	determine from the list whether the given device is used by a further device as a relay to the mobile communication network,
	use the communication interface to forward the encrypted information to the security endpoint associated with the further device upon determining that the given device is used by the further device as a relay to the mobile communication network and the security endpoint is not the system, and
	decrypt the encrypted information upon determining that the given device is not used by the further device as a relay to the mobile communication network.

2. 	(Currently amended) The system of claim 1, wherein the at least one processor is configured to decrypt the encrypted information upon determining that the given device is used by the further device as a relay to the mobile communication network and the system is associated as the security endpoint with the further device.

3. 	(Previously presented) The system of claim 1, wherein the at least one processor is configured to use the communication interface to connect to a particular second device which is used by a particular first device as a relay, the particular second device previously connecting to a further system, and to record in the list the further system as the security endpoint for the particular first device.

4.	(Previously presented) The system of claim 1, wherein the at least one processor is configured to use the communication interface to receive a notification that a particular first device is 

5.	(Previously presented) The system of claim 1, wherein the at least one processor is configured to use the communication interface to receive information identifying the security endpoint and to record the security endpoint for one or more devices associated with the system in the list.

6.	(Previously presented) The system of claim 5, wherein the security endpoint comprises a serving gateway.

7.	(Previously presented) The system of claim 6, wherein the at least one processor is configured to use the communication interface to receive information identifying a certain serving gateway for further devices that use a particular device as a relay to the mobile communication network from a mobility management function.

8.	(Currently amended) A method of receiving in a mobile communication network information that is encrypted, the method comprising:
- maintaining a list of one or more devices associated with a system of a mobile communication network, wherein for each first device of the list which uses a second device of the list as a relay to the mobile communication network, a relation between the first device and the second device is recorded in the list and a security endpoint is recorded for the first device in the list;
- receiving at the system the encrypted information from a given device;
given device is used by a further device as a relay to the mobile communication network;
- forwarding the encrypted information to the security endpoint associated with the further device upon determining that the given device is used by the further device as a relay to the mobile communication network and the security endpoint is not the system; and
- decrypting the encrypted information upon determining that the given device is not used by the further device as a relay to the mobile communication network.

9. 	(Currently amended) The method of claim 8, further comprising decrypting the encrypted information upon determining that the given device is used by the further device as a relay to the mobile communication network and the system is associated as the security endpoint with the further device.

10. 	(Previously presented) The method of claim 8, further comprising connecting to a particular second device which is used by a particular first device as a relay, the particular second device previously connecting to a further system, and recording in the list the further system as the security endpoint for the particular first device.

11.	(Previously presented) The method of claim 8, further comprising receiving a notification that a particular first device is using or wants to use a particular second device connected to the system as a relay and upon determining that the particular first device previously used a third device as a relay and the third device was connected to a further system, recording in the list the further system as the security endpoint for the particular first device.



13.	(Previously presented) The method of claim 12, wherein the security endpoint comprises a serving gateway.

14.	(Previously presented) The method of claim 13, further comprising receiving information identifying a certain serving gateway for further devices that use a particular device as a relay to the mobile communication network from a mobility management function.

15.	(Currently amended) A non-transitory computer-readable medium having instructions stored thereon for receiving in a mobile communication network information that is encrypted, wherein the instructions, when executed by one or more processors, cause the one or more processors to carry out operations including:
- maintaining a list of one or more devices associated with a system of a mobile communication network, wherein for each first device of the list which uses a second device of the list as a relay to the mobile communication network, a relation between the first device and the second device is recorded in the list and a security endpoint is recorded for the first device in the list;
- receiving at the system the encrypted information from a given device;
- determining from the list whether the given device is used by a further device as a relay to the mobile communication network;
given device is used by the further device as a relay to the mobile communication network and the security endpoint is not the system; and
- decrypting the encrypted information upon determining that the given device is not used by the further device as a relay to the mobile communication network.

Allowable Subject Matter
Claims 1-15 are allowed.

The following is a statement of reasons for the indication of allowable subject matter:  No reasonable combination of prior art references were found to teach or suggest, along with other limitations, “maintaining a list of one or more devices associated with a system of a mobile communication network, wherein for each first device of the list which uses a second device of the list as a relay to the mobile communication network, a relation between the first device and the second device is recorded in the list and a security endpoint is recorded for the first device in the list; 	 receiving at the system the encrypted information from a given device; determining from the list whether the given device is used by a further device as a relay to the mobile communication network; forwarding the encrypted information to a security endpoint associated with the further device upon determining that the given device is used by the further device as a relay to the mobile communication network and the security endpoint is not the system; and decrypting the encrypted information upon determining that the given device is not used by a further device as a relay to the mobile communication network“ as recited in claims 1, 8 and 15. Listed below are the closet arts found:

Bienas et al. (US 20120230244 A1, hereafter Bienas) –  discloses “maintaining a list of one or more devices associated with a system of a mobile communication network, wherein for each first device of the list which uses a second device of the list as a relay to the mobile communication network, a relation between the first device and the second device is recorded in the list” as recited in claims 1, 8 and 15 (Bienas, [0042] The communication device may thus inform one or more communication terminals about the presence of relay communication terminals (for example of the presence of a relaying communication terminal of an opportunistic network and thus of the presence of the opportunistic network). [0043] The communication device 300 may further include a list generation circuit configured to generate a list of other communication devices operating as relay communication devices in the radio cell.). However, Bienas does not disclose “a security endpoint is recorded for the first device in the list, receiving at the system encrypted information from a device; determining from the list whether the given device is used by a further device as a relay to the mobile communication network; forwarding the encrypted information to a security endpoint associated with the further device upon determining that the given device is used by the further device as a relay to the mobile communication network and the security endpoint is not the system; and decrypting the encrypted information upon determining that the given device is not used by a further device as a relay to the mobile communication network” as required by claims 1, 8 and 15.

Agiwal et al. (US 20160205555 A1, hereafter Agiwal) –  discloses “receiving at the system encrypted information from a device; and decrypting the encrypted information upon determining that the given device is not used by a further device as a relay to the mobile communication network” as recited in claims 1, 8 and 15 (Agiwal, [0096] The PEK is then used for decrypting the packets received from the remote UE 702 and also to encrypt the packets is not determined to be used by a further device as a relay. See also Fig.1). However, Agiwal does not disclose “a security endpoint is recorded for the first device in the list, forwarding the encrypted information to a security endpoint associated with the further device upon determining that the given device is used by the further device as a relay to the mobile communication network and the security endpoint is not the system” as required by claims 1, 8 and 15.

Stojanovski et al. (US 20160344726 A1, hereafter Stojanovski) –  discloses “forwarding the encrypted information to a security endpoint associated with the further device” as recited in claims 1, 8 and 15 (Stojanovski, [0072] Relay module 522-3 may be executed by circuitry 520 to act as a TNA node between the network and the second UE to serve as a relay UE for the second UE to the network. Relay module 522-3 may be arranged to receive a first message (e.g., message 530) that includes encrypted critical communication content sent from the network via use of unicast or multicast delivery mode. Relay module 522-3 may also be arranged to send the encrypted critical communication content in a second message (e.g., message 540) over the direct link with the second UE, the second message to be sent from the first UE via use of unicast or multicast delivery modes.). However, Stojanovski does not disclose “a security endpoint is recorded for the first device in the list, the forwarding the encrypted information to a security endpoint associated with the further device is upon determining that the given device is used by the further device as a relay to the mobile communication network and the security endpoint is not the system” as required by claims 1, 8 and 15.

Conclusion
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MOO JEONG whose telephone number is (571)272-9617.  The examiner can normally be reached on MON - FRI: 8AM-5PM EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.  
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kwang Yao can be reached on (571)272-3182.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.


/MOO JEONG/
Primary Examiner, Art Unit 2473
2/12/2021