DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
The following is a Final Office action in response to communications received on 02/22/2021. 

Response to Amendment
Claims 1-7 have been cancelled.
Claims 8-22 have been newly filed and have been examined. 

Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA. A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA/25, or PTO/AIA/26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
Claims 8-22 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-8 of U.S. Patent No. 10,594,679 in view of US 20150350881 to Weiss et al (hereinafter Weiss). 


Instant application:
8. (New) A computer system comprising: (a) one or more processors; and (b) one or more non-transitory computer-readable media operatively connected to the one or more processors and having stored thereon instructions that, when executed by the one or more processors, cause the computer system to perform a method of:
(1) receiving, by the computer system from a mobile device, (i) an eUICC identity and (ii) an eUICC public key; (2) generating, by the computer system, an eUICC subscription manager private key and an eUICC subscription manager public key;
(3) deriving, by the computer system, a profile key using an elliptic curve Diffie Hellman (ECDH) key exchange with the eUICC subscription manager private key and the eUICC public key;
(4) encrypting, by the computer system with the profile key, a first portion of an eUICC profile;
(5) encrypting, by the computer system with a symmetric key, a second portion of the eUICC profile comprising a subscriber identity and a key K, wherein the second portion is distinct from the first portion;
(6) sending, by the computer system to the mobile device, (i) the encrypted first portion of the eUICC profile and (ii) the encrypted second portion of the eUICC profile; and
(7) after authenticating a user associated with the mobile device, sending, by the computer system to the mobile device, the symmetric key.

U.S. Patent No. 10,594,679:
(6) receiving, by the computer system using the subscription manager system from the embedded universal integrated circuit card a fourth message comprising: (A) an eUICC public key corresponding to an eUICC private key stored at the embedded universal integrated circuit card; and (B) a third digital signature which was generated by the embedded universal integrated circuit card using the same digital signature algorithm as stored in the memory operatively connected to the subscription manager; (7) confirming, by the computer system using the subscription manager system, that the third digital signature was signed by the embedded universal integrated circuit card using the digital signature algorithm;
(8) generating, by the computer system using the subscription manager system, an eUICC subscription manager public key and a corresponding eUICC subscription manager private key, using elliptic curve cryptography; (9) generating, by the computer system using the subscription manager system, a second key that is a mutually derived shared key using Elliptical Curve Diffie-Hellman based on at least: (A) the eUICC public key; and (B) the eUICC subscription manager private key; wherein the mutually derived shared key is configured to be derived by the embedded universal integrated circuit card based on at least: (i) the eUICC private key associated with the eUICC public key; and (ii) the eUICC subscription manager public key associated with the eUICC subscription manager private key; (10) generating, by the computer system using the subscription manager system, a third key that is a profile key using the second key that is the mutually derived shared key; (11) encrypting, by the computer system using the subscription manager system, the profile using: (A) the profile ciphering algorithm; and (B) the third key that is the profile key;
(14) sending, by the computer system from the subscription manager system to the embedded universal integrated circuit card, the encrypted profile.
(2) recording, by the computer system in the memory operatively connected to the subscription manager system, a profile for the embedded universal integrated circuit card comprising: (A) a key K; and (B) a network module identity, wherein the profile has been encrypted using a first key that is a symmetric key;
(12) authenticating, by the computer system using the subscription manager system, a user associated with the embedded universal integrated circuit card; (13) sending, by the computer system using the subscription manager system to the embedded universal integrated circuit card, the symmetric key, after the user associated with the embedded universal integrated circuit card is authenticated;


U.S. Patent No. 10,594,679 teaches encrypting the eUICC profile with the symmetric key but does not explicitly teach: encrypting, by the computer system with the profile key, a first portion of an eUICC profile; (5) encrypting, by the computer system with a symmetric key, a second portion of the eUICC profile comprising a subscriber identity and a key K, wherein the second portion is distinct from the first portion. However, Weiss teaches: 
encrypting, by the computer system with the profile key, a first portion of an eUICC profile; (5) encrypting, by the computer system with a symmetric key, a second portion of the eUICC profile comprising a subscriber identity and a key K, wherein the second portion is distinct from the first portion (Weiss: [0058] In step 10 of FIG. 2 the subscription management server 42 requests from the subscription provisioning server 44 the hardware specific portion of the subscription profile SUB selected by the user of the mobile terminal 12 in step S9 of FIG. 2. The subscription provisioning server 44 compiles and preferably encrypts this hardware related data using the secure element key Kse, comprising in particular at least parts of a secure element operating system OS and/or one or more applications APPS that depend upon the hardware configuration HWconf of the secure element 20 and/or the new operating system OS thereof. [0056]: The network specific portion of the subscription profile SUB refers to any components of the subscription profile that are related to the details of the PLMN 30 (or a different PLMN associated with the subscription profile SUB) and preferably comprises subscription credentials (referred to in FIG. 2 as subscription credentials CREDS), such as an International Mobile Subscriber Identity (IMSI) and/or an authentication key Ki. [0060] Preferably, the subscription management server 42 encrypts the network specific portion of the subscription profile SUB including the subscription credentials CREDS using the configuration key Kconf.).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to employ the teachings of Weiss in the invention of U.S. Patent No. 10,594,679 to include the above limitations. The motivation to do so would be to provide the secure element of a mobile terminal over-the-air with a subscription profile (Weiss: [0005]).


Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 8, 12, 13, 15, 17-20 and 22 are rejected under 35 U.S.C. 103 as being unpatentable over US 20150350881 to Weiss et al (hereinafter Weiss), US 20140235210 to Park et al (hereinafter Park), US 20140082358 to Nakhjiri et al (hereinafter Nakhjiri) and US 7957532 to Chen et al (hereinafter Chen).
As per claim 8, Weiss teaches:
A computer system comprising: 
(a) one or more processors; and (b) one or more non-transitory computer-readable media operatively connected to the one or more processors and having stored thereon instructions that, when executed by the one or more processors (Fig. 1 and [0040]: the mobile terminal 12 can communicate via the PLMN 30 with the subscription management server 42 and the subscription provisioning server 44 that are part of the subscription management backend system 40. It was well known to one of ordinary skill in the art before the filing date of the claimed invention that a server comprises processors and memory), cause the computer system to perform a method of:
(1) receiving, by the computer system from a mobile device, (i) an eUICC identity (Weiss: [0032] According to preferred embodiments of the invention the secure element 20 is configured as an eUICC or UICC with a SIM application running thereon, i.e. a secure element that can be mounted in the mobile terminal 12. [0037]: an identification element IDse for uniquely identifying the secure element 20. The identification element IDse could be, for instance, the ICCID (integrated circuit card identity) of the secure element 20. [0047] In step S5 of FIG. 2 the identification element IDse of the secure element 20 stored within the first portion 26a of the memory 26 of the secure element 20 is sent preferably together with the hardware configuration HWconf determined in step S3 and the session key Kses created in step S4 of FIG. 2 to the subscription management server 42);
(4) encrypting, by the computer system with the profile key, a first portion of an eUICC profile (Weiss: [0058] In step 10 of FIG. 2 the subscription management server 42 requests from the subscription provisioning server 44 the hardware specific portion of the subscription profile SUB selected by the user of the mobile terminal 12 in step S9 of FIG. 2. The subscription provisioning server 44 compiles and preferably encrypts this hardware related data using the secure element key Kse, comprising in particular at least parts of a secure element operating system OS and/or one or more applications APPS that depend upon the hardware configuration HWconf of the secure element 20 and/or the new operating system OS thereof); 
(5) encrypting, by the computer system with a symmetric key, a second portion of the eUICC profile comprising a subscriber identity and a key K, wherein the second portion is distinct from the first portion (Weiss: [0056]: The network specific portion of the subscription profile SUB refers to any components of the subscription profile that are related to the details of the PLMN 30 (or a different PLMN associated with the subscription profile SUB) and preferably comprises subscription credentials (referred to in FIG. 2 as subscription credentials CREDS), such as an International Mobile Subscriber Identity (IMSI) and/or an authentication key Ki. [0060] Preferably, the subscription management server 42 encrypts the network specific portion of the subscription profile SUB including the subscription credentials CREDS using the configuration key Kconf.); 
(6) sending, by the computer system to the mobile device, (i) the encrypted first portion of the eUICC profile and (ii) the encrypted second portion of the eUICC profile (Weiss: [0059] The subscription management server 42 preferably concatenates the encrypted data elements provided by the subscription provisioning server 44 in step S10 of FIG. 2, i.e. ENC(OS||CS(OS), Kse) and ENC(APPS||CS(APPS), Kse), with the network specific portion of the subscription profile SUB provided by the subscription management server 42 or the database 43 in communication therewith. [0061] Preferably, the message M resulting from the concatenation of the encrypted data elements, …, is, in turn, encrypted by the subscription management server 42 using the session key Kses. [0063] In step S11 of FIG. 2 the subscription management server 42 transmits the encrypted version of the message M to the secure element 20 via the mobile terminal 12); 
Weiss teaches encrypting the first portion of the eUICC profile with key Kse but does not teach: (1) receiving, by the computer system from a mobile device, (ii) an eUICC public key; (2) generating, by the computer system, an eUICC subscription manager private key and an eUICC subscription manager public key; (3) deriving, by the computer system, a profile key using an elliptic curve Diffie Hellman (ECDH) key exchange with the eUICC subscription manager private key and the eUICC public key; and (7) after authenticating a user associated with the mobile device, sending, by the computer system to the mobile device, the symmetric key. However, Park teaches:
(1) receiving, by the computer system from a mobile device, (ii) an eUICC public key (Park: [0090] In the provisioning procedure, an eUICC may transmit an activation request including device identification information (such as IMEI, etc.) and eUICC identification information (such as eICCid, etc.) to an MNO (at S310). Then, a request of an eUICC status and request/confirmation of a technical capability control are performed (at S320). [0091] Also, although not illustrated in FIG. 3, a step, in which the eUICC provides its public key (PK) to a corresponding MNO system or a SM-SR, may be included in the step S320). 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to employ the teachings of Park in the invention of Weiss to include the above limitation. The motivation to do so would be to provide a method of provisioning performed in an embedded universal integrated circuit card (eUICC) (Park: [0014]).
Weiss in view of Park does not teach the rest of the limitations. However, Nakhjiri teaches:
(2) generating, by the computer system, an eUICC subscription manager private key and an eUICC subscription manager public key (Nakhjiri: [0033]: As part of this process the SM-DP generates its own ECC private, public key pair (denoted MNO_ECC_PVKOP and MNO_ECC_PLKOP, respectively)); 
(3) deriving, by the computer system, a profile key using an elliptic curve Diffie Hellman (ECDH) key exchange with the eUICC subscription manager private key and the eUICC public key (Nakhjiri: [0033] To be able to establish a profile encryption key (PEK) using ECC, a key agreement exchange may take place between the MNO SM-DP and each UICC. One example of a key exchange algorithm that may be employed is a Diffie-Hellman exchange (ECDH) algorithm. The SM-DP will then use its own ECC private key (MNO_ECC_PVKOP) and the UICC public key (MNO_ECC_PLKDEV), which is provided by the public key list from UICC manufacturer or vender, to perform a local ECDH key agreement 410 and create the PEK 430 from a shared ECDH secret 420);
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to employ the teachings of Nakhjiri in the invention of Weiss in view of Park to include the above limitations. The motivation to do so would be to perform a symmetric key encryption process to encrypt the profile for the UICC (Nakhjiri: [0033]).
Weiss in view of Park and Nakhjiri does not teach: (7) after authenticating a user associated with the mobile device, sending, by the computer system to the mobile device, the symmetric key. However, Chen teaches:
(7) after authenticating a user associated with the mobile device, sending, by the computer system to the mobile device, the symmetric key (Chen: column 13, lines 13-17 and 35-53: Thus, process 600 may begin by obtaining a user-entered password at the mobile device (task 602). Eventually, the mobile device communicates the password (or data indicative of the password) to the key server for authentication of the user. In this regard, the key server may extract the password from the authentication request message and process the password to determine its validity. If the key server authenticates the user (query task 614), then the key server will transmit one or more keys to the mobile device (task 618). A transmitted key may be, for example, a decryption key such as KEYdatauser).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to employ the teachings of Chen in the invention of Weiss in view of Park and Nakhjiri to include the above limitations. The motivation to do so would be so that the data key is communicated to the mobile device on an as-needed basis, and the data key is not permanently stored by the mobile device, thus protecting the encrypted information even if the mobile device is lost or stolen (Chen: column 1, line 50-54).

As per claim 12, Weiss in view of Park, Nakhjiri and Chen teaches:
The computer system of claim 8, wherein the computer system performs step (5) before step (4) (Weiss: [0060] Preferably, the subscription management server 42 encrypts the network specific portion of the subscription profile SUB including the subscription credentials CREDS using the configuration key Kconf. [0058]: The subscription provisioning server 44 compiles and preferably encrypts this hardware related data using the secure element key Kse, comprising in particular at least parts of a secure element operating system OS and/or one or more applications APPS that depend upon the hardware configuration HWconf of the secure element 20 and/or the new operating system OS thereof).

As per claim 13, Weiss in view of Park, Nakhjiri and Chen teaches:
The computer system of claim 8, wherein the computer system communicates with the mobile device using a wireless network comprising a collection of base stations and licensed radio spectrum (Weiss: [0033] As already mentioned above, the mobile terminal 12 is configured to communicate via the air interface (or radio link) with a cellular communications network or public land mobile network (PLMN) 30, preferably operated by a mobile network operator (MNO) according to the GSM standard, as well as other mobile terminals connected therewith. [0034] As is well known to the person skilled in the art, a PLMN configured according to the GSM standard generally comprises a base station subsystem consisting of one or more base transceiver stations that define respective cells of the PLMN and are connected to a base station controller).

As per claim 15, Weiss in view of Park, Nakhjiri and Chen teaches:
The computer system of claim 8, wherein the eUICC profile comprises the first portion and the second portion (Weiss: [0056] According to the present invention the selected subscription profile SUB generally includes a hardware specific portion as well as a cellular communications network specific portion), and wherein the eUICC profile is sent as datagrams using transport layer security (TLS) (Chen: column 9, lines 5-7: For example, SSL/TLS could be used to secure communication link 204).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to employ the teachings of Chen in the invention of Weiss in view of Park and Nakhjiri to include the above limitations. The motivation to do so would be to provide added protection (Chen: column 9, lines 3-4).

As per claim 17, Weiss in view of Park, Nakhjiri and Chen teaches:
The computer system of claim 8, wherein the subscriber identity comprises an International Mobile Subscriber Identity (IMSI) (Weiss: [0056]: The network specific portion of the subscription profile SUB refers to any components of the subscription profile that are related to the details of the PLMN 30 (or a different PLMN associated with the subscription profile SUB) and preferably comprises subscription credentials (referred to in FIG. 2 as subscription credentials CREDS), such as an International Mobile Subscriber Identity (IMSI) and/or an authentication key Ki).

As per claim 18, Weiss in view of Park, Nakhjiri and Chen teaches:
The computer system of claim 8, wherein the mobile device comprises at least one of a wireless handset, a cellular phone, a smartphone, a tablet computer, a laptop, a tracking device, and a circuit board with a radio (Weiss: [0024]: Preferably, the mobile terminal is implemented in form of a smart phone, a tablet PC, a notebook, a PDA, or the like).

As per claim 19, Weiss in view of Park, Nakhjiri and Chen teaches:
The computer system of claim 8, wherein the method further comprises sending, by the computer system, the symmetric key before sending the encrypted second portion of the eUICC profile (Chen: column 13, lines 35-53: If the key server authenticates the user (query task 614), then the key server will transmit one or more keys to the mobile device (task 618). A transmitted key may be, for example, a decryption key such as KEYdatauser. Sending the decryption key prior to sending the encrypted data was well known to one of ordinary skill in the art before the filing date of the claimed invention).

As per claim 20, Weiss in view of Park, Nakhjiri and Chen teaches:
The computer system of claim 8, wherein the computer system authenticates the user by (i) storing identification information for the user in a database, and (ii) verifying the identification information received from the user (Chen: column 13, lines 13-17 and 35-53: Thus, process 600 may begin by obtaining a user-entered password at the mobile device (task 602). Eventually, the mobile device communicates the password (or data indicative of the password) to the key server for authentication of the user. In this regard, the key server may extract the password from the authentication request message and process the password to determine its validity. Using a database to store user identification information such as passwords and verifying validity of the extracted password based on the identification information stored in the database was well known to one of ordinary skill in the art before the filing date of the claimed invention).

As per claim 22, Weiss in view of Park, Nakhjiri and Chen teaches:
The computer system of claim 8, wherein the mobile device (i) downloads the eUICC subscription manager public key and (ii) mutually derives the profile key using the ECDH key exchange with the eUICC subscription manager public key and an eUICC private key (Nakhjiri: [0034]: The UICC then creates the PEK to perform decryption. To create the PEK, the UICC uses the device ECC private key for this particular MNO (MNO_ECC_PVKDEV) and the MNO ECC public key (MNO_ECC_PLKOP) to perform a local DH key agreement process 520. As discussed above in connection with FIG. 3, the UICC can obtain the MNO ECC public key (MNO_ECC_PLKOP) from the MNO along with the encrypted data. [0035] The local ECDH key agreement process 520 creates the PEK 530 from a shared ECDH secret 540).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to employ the teachings of Nakhjiri in the invention of Weiss in view of Park to include the above limitations. The motivation to do so would be to perform a symmetric key decryption process 560 to decrypt the profile (Nakhjiri: [0035]).
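
The flow recited in claim 8, steps (1)-(7), together with the device-side derivation of claim 22, shown as an added example that is not code from the application or from any cited reference. It assumes P-256, HKDF-SHA256, AES-256-GCM and scrypt password verification, none of which the claims specify; all class and function names, the eUICC identity and the profile values are constructed for illustration.

```javascript
const crypto = require('node:crypto');

// AES-256-GCM with the eUICC identity bound as associated data (cipher choice is an assumption).
function seal(key, plaintext, aad) {
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  cipher.setAAD(aad);
  const ct = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  return { iv, ct, tag: cipher.getAuthTag() };
}

function open(key, box, aad) {
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, box.iv);
  decipher.setAAD(aad);
  decipher.setAuthTag(box.tag);
  // final() throws if the key is wrong or the ciphertext was modified.
  return Buffer.concat([decipher.update(box.ct), decipher.final()]);
}

// Step (3) / claim 22: both sides turn the ECDH shared secret into the profile key.
// The KDF and its info string are assumptions.
function deriveProfileKey(ownEcdh, peerPublicKey, euiccId) {
  const shared = ownEcdh.computeSecret(peerPublicKey);
  const info = Buffer.from('profile-key|' + euiccId);
  return Buffer.from(crypto.hkdfSync('sha256', shared, Buffer.alloc(0), info, 32));
}

class SubscriptionManager {
  constructor(symmetricKey) {
    this.symmetricKey = symmetricKey; // protects the second portion (IMSI, key K)
    this.users = new Map();           // stored identification information (claim 20)
  }

  enrollUser(userId, password) {
    const salt = crypto.randomBytes(16);
    this.users.set(userId, { salt, hash: crypto.scryptSync(password, salt, 32) });
  }

  // Steps (1)-(6): takes the eUICC identity and public key, returns what is sent to the device.
  buildProfile(euiccId, euiccPublicKey, profile) {
    const ecdh = crypto.createECDH('prime256v1');
    const smPublicKey = ecdh.generateKeys();                              // step (2)
    const profileKey = deriveProfileKey(ecdh, euiccPublicKey, euiccId);   // step (3)
    const aad = Buffer.from(euiccId);
    return {
      smPublicKey,
      first: seal(profileKey, Buffer.from(JSON.stringify(profile.first)), aad),          // step (4)
      second: seal(this.symmetricKey, Buffer.from(JSON.stringify(profile.second)), aad), // step (5)
    };
  }

  // Step (7): the symmetric key is released only after the user authenticates.
  // Transport protection for the released key (e.g. TLS, claim 15) is outside this sketch.
  releaseSymmetricKey(userId, password) {
    const user = this.users.get(userId);
    if (!user) return null;
    const candidate = crypto.scryptSync(password, user.salt, 32);
    return crypto.timingSafeEqual(candidate, user.hash) ? this.symmetricKey : null;
  }
}

class Euicc {
  constructor(euiccId) {
    this.euiccId = euiccId;
    this.ecdh = crypto.createECDH('prime256v1');
    this.publicKey = this.ecdh.generateKeys(); // sent to the server in step (1)
  }

  // Claim 22: mutual derivation from the eUICC private key and the server's public key.
  openFirst(msg) {
    const profileKey = deriveProfileKey(this.ecdh, msg.smPublicKey, this.euiccId);
    return JSON.parse(open(profileKey, msg.first, Buffer.from(this.euiccId)).toString());
  }

  openSecond(msg, symmetricKey) {
    return JSON.parse(open(symmetricKey, msg.second, Buffer.from(this.euiccId)).toString());
  }
}

// End-to-end run with constructed sample data.
function runProvisioning(password) {
  const sm = new SubscriptionManager(crypto.randomBytes(32));
  sm.enrollUser('alice', 'correct horse');
  const euicc = new Euicc('EUICC-TEST-0001');
  const profile = {
    first: { networkName: 'Example PLMN', plmnList: ['00101'] },
    second: { imsi: '001010123456789', K: '00112233445566778899aabbccddeeff' },
  };
  const msg = sm.buildProfile(euicc.euiccId, euicc.publicKey, profile);
  const first = euicc.openFirst(msg);                        // readable without user authentication
  const key = sm.releaseSymmetricKey('alice', password);
  const second = key ? euicc.openSecond(msg, key) : null;    // credentials stay sealed otherwise
  return { first, second };
}

console.log(runProvisioning('correct horse'));
```

With a wrong password the device still decrypts the first portion but the subscriber identity and key K remain encrypted, which is the separation the two-key arrangement provides.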

Claim 9 is rejected under 35 U.S.C. 103 as being unpatentable over Weiss in view of Park, Nakhjiri and Chen as applied to claim 8 above, and further in view of US 20120263298 to Suh et al (hereinafter Suh).
As per claim 9, Weiss in view of Park, Nakhjiri and Chen teaches:
The computer system of claim 8, further comprising in step (6), sending, by the computer system, a plaintext for a profile identity, wherein the eUICC profile comprises (i) the encrypted first portion, (ii) the plaintext, and (iii) the encrypted second portion (Weiss: [0056] According to the present invention the selected subscription profile SUB generally includes a hardware specific portion as well as a cellular communications network specific portion. [0059] The subscription management server 42 preferably concatenates the encrypted data elements provided by the subscription provisioning server 44 in step S10 of FIG. 2, i.e. ENC(OS||CS(OS), Kse) and ENC(APPS||CS(APPS), Kse), with the network specific portion of the subscription profile SUB provided by the subscription management server 42 or the database 43 in communication therewith. [0060] Preferably, the subscription management server 42 encrypts the network specific portion of the subscription profile SUB including the subscription credentials CREDS using the configuration key Kconf).
Weiss in view of Park, Nakhjiri and Chen does not teach: sending, by the computer system, a plaintext for a profile identity, wherein the eUICC profile comprises (ii) the plaintext. However, Suh teaches:
sending, by the computer system, a plaintext for a profile identity, wherein the eUICC profile comprises (ii) the plaintext (Suh: [0011]: the MME for receiving an International Mobile Subscriber Identity (IMSI) and a security-related profile through a Home Subscriber Server (HSS), and transmitting an information provision response message including a Machine Identity (MID), the encrypted index of the security key, the IMSI, and the profile, to the UE. Also, [0068]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to employ the teachings of Suh in the invention of Weiss in view of Park, Nakhjiri and Chen to include the above limitations. The motivation to do so would be to provide a method and system in which a UE sets its subscriber information appropriate for a specific operator and a related security key to securely and efficiently support communication with a network in a process where the UE performs machine-type communication or communicates with the network in an evolved mobile communication system, including 3GPP EPS, which supports the NAS protocol and other security-related protocols (Suh: [0007]). 

Claims 10 and 11 are rejected under 35 U.S.C. 103 as being unpatentable over Weiss in view of Park, Nakhjiri and Chen as applied to claim 8 above, and further in view of US 20080107083 to Shirota et al (hereinafter Shirota).
As per claim 10, Weiss in view of Park, Nakhjiri and Chen does not teach: wherein the first portion includes network parameters, and wherein the network parameters comprise a list of numbers associated with a wireless network. However, Shirota teaches: 
wherein the first portion includes network parameters, and wherein the network parameters comprise a list of numbers associated with a wireless network (Shirota: [0092]: an A10 connection can be established when the terminal powers on, and if authentication of the terminal is successful, terminal profile information is conveyed and an IP address is assigned to the terminal. Terminal profile information for reaching the dormant terminal is created. The terminal profile information may comprise NIDS Reachability Information (NRI) that comprises at least one of a wireless terminal Network Access Identifier (NAI), wireless terminal IP address, a PCF address, an Access Network ID (ANID), and a wireless terminal ID (MSID)).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to employ the teachings of Shirota in the invention of Weiss in view of Park, Nakhjiri and Chen to include the above limitations. The motivation to do so would be to conserve network resources in a network that can provide a push data service and that initiates such push data services by communicating push data to a dormant terminal (Shirota: [0053]).

As per claim 11, Weiss in view of Park, Nakhjiri and Chen does not teach: wherein the first portion includes network parameters, and wherein the network parameters comprise identification information for a wireless network. However, Shirota teaches:
wherein the first portion includes network parameters, and wherein the network parameters comprise identification information for a wireless network (Shirota: [0092]: an A10 connection can be established when the terminal powers on, and if authentication of the terminal is successful, terminal profile information is conveyed and an IP address is assigned to the terminal. Terminal profile information for reaching the dormant terminal is created. The terminal profile information may comprise NIDS Reachability Information (NRI) that comprises at least one of a wireless terminal Network Access Identifier (NAI), wireless terminal IP address, a PCF address, an Access Network ID (ANID), and a wireless terminal ID (MSID). The PCF address is an IP address of the Packet Control Function (PCF) that uniquely identifies a PCF. The Access Network ID (ANID) uniquely identifies a PCF serving area).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to employ the teachings of Shirota in the invention of Weiss in view of Park, Nakhjiri and Chen to include the above limitations. The motivation to do so would be to conserve network resources in a network that can provide a push data service and that initiates such push data services by communicating push data to a dormant terminal (Shirota: [0053]).

Claims 14 and 21 are rejected under 35 U.S.C. 103 as being unpatentable over Weiss in view of Park, Nakhjiri and Chen as applied to claim 8 above, and further in view of US 20130165075 to Rishy-Maharaj et al (hereinafter Maharaj).
As per claim 14, Weiss in view of Park, Nakhjiri and Chen does not teach: wherein the method further comprises receiving, by the computer system, a response value for authenticating the mobile device, wherein the response value is generated using the key K. However, Maharaj teaches:
wherein the method further comprises receiving, by the computer system, a response value for authenticating the mobile device, wherein the response value is generated using the key K (Maharaj: [0119]: Then the operator may generate a random number ("RAND") and signs it with the K associated with the IMSI computing a first signed response number ("SRES_1"). The operator network may send the RAND to the wireless device 102 or the SIM 124 of wireless device 102. The wireless device 102 or the SIM 124 may sign the RAND with a K producing a second signed response ("SRES_2") that is sent back to the local mobile server systems 106 with an encryption key).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to employ the teachings of Maharaj in the invention of Weiss in view of Park, Nakhjiri and Chen to include the above limitations. The motivation to do so would be to grant the wireless device access upon transmitting valid credentials on an account with a current subscription or that has sufficient funds or credits for use (Maharaj: [0119]).

As per claim 21, Weiss in view of Park, Nakhjiri, Chen and Maharaj teaches:
The computer system of claim 14, wherein the computer system generates the response value for an authentication vector with the key K (Maharaj: [0119]: Then the operator may generate a random number ("RAND") and signs it with the K associated with the IMSI computing a first signed response number ("SRES_1"). The operator network may send the RAND to the wireless device 102 or the SIM 124 of wireless device 102. The wireless device 102 or the SIM 124 may sign the RAND with a K producing a second signed response ("SRES_2") that is sent back to the local mobile server systems 106 with an encryption key. The local mobile server systems 106 compare the SRES_1 and SRES_2 received to information stored, and if the SER_1 and SER_2 are determined to be authentic, the wireless device 102 and/or its SIM 124 are authenticated).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to employ the teachings of Maharaj in the invention of Weiss in view of Park, Nakhjiri and Chen to include the above limitations. The motivation to do so would be to grant the wireless device access upon transmitting valid credentials on an account with a current subscription or that has sufficient funds or credits for use (Maharaj: [0119]).
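The RAND/SRES exchange quoted from Maharaj [0119] above, sketched as an added illustration that is not part of this Office action or of any cited reference. HMAC-SHA256 stands in for the operator's signing algorithm, the challenge and response lengths are assumptions, and the names `Operator`, `Sim`, `sign_rand` and `authenticate` are hypothetical.

```python
import hashlib
import hmac
import secrets

SRES_LEN = 4   # assumption: 32-bit response, as in GSM; the page gives no length
RAND_LEN = 16  # assumption: 128-bit challenge


def sign_rand(k: bytes, rand: bytes) -> bytes:
    """Keyed response over RAND. HMAC-SHA256 is a stand-in for the operator's algorithm."""
    return hmac.new(k, rand, hashlib.sha256).digest()[:SRES_LEN]


class Operator:
    """Network side: holds K per IMSI and computes SRES_1."""

    def __init__(self, k_by_imsi):
        self._k_by_imsi = dict(k_by_imsi)
        self._pending = {}  # IMSI -> SRES_1 for the one outstanding challenge

    def challenge(self, imsi):
        k = self._k_by_imsi.get(imsi)
        if k is None:
            return None  # unknown subscriber: no challenge issued
        rand = secrets.token_bytes(RAND_LEN)
        self._pending[imsi] = sign_rand(k, rand)
        return rand

    def verify(self, imsi, sres_2):
        # pop() makes each challenge single-use, so a captured SRES cannot be replayed
        sres_1 = self._pending.pop(imsi, None)
        if sres_1 is None:
            return False
        return hmac.compare_digest(sres_1, sres_2)  # constant-time comparison


class Sim:
    """Device side: holds the same K and computes SRES_2; K itself is never sent."""

    def __init__(self, imsi, k):
        self.imsi = imsi
        self._k = k

    def respond(self, rand):
        return sign_rand(self._k, rand)


def authenticate(operator, sim):
    rand = operator.challenge(sim.imsi)
    return rand is not None and operator.verify(sim.imsi, sim.respond(rand))
```

Only RAND and the response cross the link; a device holding the wrong K, an unknown IMSI, or a replayed response all fail verification.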

Claim 16 is rejected under 35 U.S.C. 103 as being unpatentable over Weiss in view of Park, Nakhjiri and Chen as applied to claim 8 above, and further in view of Applied Cryptography by Bruce Schneier (hereinafter Schneier).
As per claim 16, Weiss in view of Park, Nakhjiri and Chen teaches sending the symmetric key to the mobile device but does not teach: wherein the method further comprises sending, by the computer system to the mobile device, a ciphertext for the symmetric key, wherein the computer system generates the ciphertext using at least the eUICC public key. However, Schneier teaches:
wherein the method further comprises sending, by the computer system to the mobile device, a ciphertext for the symmetric key, wherein the computer system generates the ciphertext using at least the eUICC public key (Page 52: Key Exchange with Public-Key Cryptography: (1) Alice gets Bob’s public key from the KDC. (2) Alice generates a random session key, encrypts it using Bob’s public key, and sends it to Bob. (3) Bob then decrypts Alice’s message using his private key).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to employ the teachings of Maharaj in the invention of Weiss in view of Park, Nakhjiri and Chen to include the above limitations. The motivation to do so would be to enable Alice to send a secure message to Bob even if he has never heard of her (Schneier: page 52: Exchange with Public-Key Cryptography).

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure: 
Secure Profile Provisioning Architecture for Embedded UICC by Park et al: Embedded UICC (eUICC) is a new form of UICC, soldered into a device during manufacturing. On the contrary to the traditional UICC, the eUICC is not fully controlled by one specific MNO (Mobile Network Operator) since not removable physically from the device and not issued by the MNO. Thus, the profiles necessary for its operations should be provisioned remotely into the eUICC by new entity. For this remote provisioning, SM (Subscription Manager) is newly introduced by the standardization organization. However, this new ecosystem around eUICCs can cause tremendous security issues unless thorough consideration of security is accompanied during the standardization because the profiles usually include the security-sensitive information. In this paper, a novel secure profile provisioning architecture for eUICCs is proposed. Our architecture mainly defines the overall architecture of the secure profile provisioning for eUICCs.
	

Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MADHURI R HERZOG whose telephone number is (571)270-3359.  The examiner can normally be reached on 8:30AM-5:00PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Taghi Arani can be reached on (571)272-3787.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.


MADHURI R. HERZOG
Primary Examiner
Art Unit 2438



/MADHURI R HERZOG/Primary Examiner, Art Unit 2438