Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
DETAILED ACTION

Claims 1-20 are pending in this office action.

Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention.

Claims 1-20 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Sovio et al. (U.S. Patent Pub. No. 2011/0239270).

Regarding claims 1 and 8, Sovio et al. teaches a method, comprising: one or more memories (fig. 9, ref. num 905); and one or more processors communicatively coupled to the one or more memories (fig. 9, ref. num 903); receiving, by a device and from a user equipment (UE), authentication data that includes user information associated with a user of the UE (paragraph 0027); determining, by the device and based on the user information, whether the user is authorized to make requests to a service by an application programming interface (API) (paragraph 0030 and 0062); granting, by the device and based on whether the user is authorized to make requests to the service, access to the user to make requests to the service (paragraph 0064); receiving, by the device and from the UE, a request that is intended for the service, wherein the request relates to an action that is to be performed by the service (paragraph 

Regarding claim 2, Sovio et al. teaches wherein the service is located on a server device that is accessible according to the API (paragraph 0030).

Regarding claim 3, Sovio et al. teaches wherein determining whether the user is authorized to make requests to the service is further based on whether an address associated with the UE corresponds to an address assigned to the user (paragraph 0071).

Regarding claim 4, Sovio et al. teaches wherein determining whether the user is authorized to make requests to the service comprises: determining that the user is not authorized to make requests to the service and determining to deny access to the user to make requests to the service (paragraph 0042).

Regarding claim 5, Sovio et al. teaches wherein the request is received by the device and the response is provided to the UE via a first secure connection between the UE and the device, and wherein the request is provided by the device and the response is received by the service via a second secure connection between the service and the device (paragraph 0089).

claim 6, Sovio et al. teaches wherein determining whether the user has permission to request the action comprises: determining whether a type of the action of the request corresponds to a permissible type of action associated with the user (paragraph 0036).

Regarding claim 7, Sovio et al. teaches wherein determining whether the user has permission to request the action comprises: determining that the user does not have permission to request the action and discarding the request prior to providing the request to the service (paragraph 0042).

Regarding claim 9, Sovio et al. teaches wherein the device is a reverse proxy server associated with the server (paragraph 0022).

Regarding claim 10, Sovio et al. teaches wherein the one or more processors are further to: determine that the request is not formatted for processing by the server; and discard the request prior to providing the request to the server (paragraph 0042).

Regarding claim 11, Sovio et al. teaches wherein the one or more processors, when determining whether the user has permission to request the action, are to: determine that the user does not have permission to request the action and discard the request prior to providing the request to the server (paragraph 0042).

Regarding claim 12, Sovio et al. teaches wherein the request is received from the UE and the response is provided by the device via a first secure connection between the UE and the device, and wherein the request is provided from the device and the response is received by the server via a second secure connection between the device and the server (paragraph 0089).
claim 13, Sovio et al. teaches wherein the request from the UE is encrypted when received, and wherein the one or more processors are further to: perform decryption of the request in order to determine whether the type of the action of the request corresponds to the permissible type of action associated with the user (paragraph 0088).

Regarding claim 14, Sovio et al. teaches wherein the authentication data is a public key certificate (paragraph 0068).

Regarding claim 15, Sovio et al. teaches a non-transitory computer-readable medium storing instructions, the instructions comprising: one or more instructions that, when executed by one or more processors, cause the one or more processors to: receive, from a user equipment (UE) via a first secure connection, a request that is intended for a service, wherein the request relates to an action that is to be performed by the service (paragraph 0027, 0030, and 0062); determine, based on the request, whether a user associated with the UE has permission to request the action (paragraph 0036); provide, via a second secure connection and based on whether the user has permission to request the action, the request to the service (paragraph 0036); receive, from the service via the second secure connection, a response to the request (paragraph 0041); and provide, to the UE via the first secure connection, the response (paragraph 0065).

Regarding claim 16, Sovio et al. teaches wherein the one or more instructions, when executed by the one or more processors, further cause the one or more processors to: determine, before determining whether the user has permission to request the action, whether the request is in accordance with a web services description language associated with the service (paragraph 0022-0023).

claim 17, Sovio et al. teaches wherein the one or more instructions, that cause the one or more processors to determine whether the user has permission to request the action, cause the one or more processors to: determine whether a type of the action of the request corresponds to a permissible type of action associated with the user (paragraph 0076).

Regarding claim 18, Sovio et al. teaches wherein the one or more instructions, that cause the one or more processors to determine whether the user has permission to request the action, cause the one or more processors to: determine that the user does not have permission to request the action and discard the request prior to providing the request to the service (paragraph 0042).

Regarding claim 19, Sovio et al. teaches wherein the service is accessible according to an application programming interface (paragraph 0030).

Regarding claim 20, Sovio et al. teaches wherein the service is a service capability exposure function or a network exposure function of a network (paragraph 0002).

Any inquiry concerning this communication or earlier communications from the examiner should be directed to BRANDON S HOFFMAN whose telephone number is (571)272-3863.  The examiner can normally be reached on Monday-Friday 8:30AM-5:00PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.  

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/BRANDON S HOFFMAN/Primary Examiner, Art Unit 2433