DETAILED ACTION

1.           This office action is a response to the Application/Control Number: 16/288,121 filed 02/28/2019.

Claims Status
2.	This office action is based upon claims received on 05/05/2021, which replace all prior or other submitted versions of the claims.
	- Claims 5-6 and 12-13 are canceled.
-Claims 1-4, 7-11, 14 are pending.

Notice of Pre-AIA  or AIA  Status
3.            The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Priority
4.            Acknowledgment is made of a continuation of PCT/CN2017/080375 filed 04/13/2017.

5.            Acknowledgment is made of applicant’s claim for foreign priority under 35 U.S.C. 119 (a)-(d).  Receipt is acknowledged of certified copies of papers submitted under 35 U.S.C. 119(a)-(d), which papers have been placed of record in the file.

Statement of Substance of Interview
“whether the Diameter request message is received through a roaming interface comprises:” in claim 2 and claim 9, to the roaming interface. 
The Examiner’s amendment also includes corrections to drawing FIG. 6 as noted in the Examiner’s amendment’s section below.
Applicant's attorney/representative Fei Shen, (Reg. No. 68,520) approved the changes referenced herein via Examiner's amendment during follow-up calls with examiner on May 21, 2021 and May 22, 2021.

Examiner’s Amendment
7.	An examiner's amendment to the record appears below. Should the changes and/oradditions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR1.312. To ensure consideration of such an amendment, it MUST be submitted no later than thepayment of the issue fee. 
	Pursuant to the Examiner initiated interview conducted on May/12/ 2020 and further followed up on May 21, 2021 and May 22, 2021, Applicant's attorney/representative Applicant's 

8.	The following changes to the drawings have been approved by the examiner and agreed upon by applicant: In FIG. 6 of applicant’s drawing filed 02/28/2019, label 607 is corrected/amended now to 606, and label 606 is corrected/amended now to 607. In order to avoid abandonment of the application, applicant must make these above agreed upon drawing changes. NOTE:  Accordingly, applicant has made the agreed upon changes and submits the corrected drawing as part of the examiner amendment as noted – See replacement sheet for FIG. 6 supplied by applicant in attachment to the Examiner Initiated Interview Summary and also referenced below.

    PNG
    media_image1.png
    884
    627
    media_image1.png
    Greyscale


    PNG
    media_image2.png
    877
    627
    media_image2.png
    Greyscale


9. 	The application has been amended in Claims 1, 2, 8, 9, 11, 14, to incorporate further amendments (shown below as underlined) to applicant’s amendments submitted on 05/05/2021. The claims as amended via examiners amendment are as follows below, and this listing of claims will replace all prior versions, and listings of claims in the application.
Listing of Claims:
1. (Currently Amended) A signaling attack prevention method, wherein the method comprises:
receiving, by a receiving node, Diameter request message sent by a mobility management entity (MME) or a serving general packet radio service (GPRS) support node (SGSN);
determining whether the Diameter request message is received through a roaming interface, wherein the roaming interface is an interface between the receiving node, [[ ]]and[[,]] the MME or the GPRS SGSN such that the receiving node and, [[or ]]the MME, or  the GPRS SGSN belong to different operators;
when the Diameter request message is received from the roaming interface, determining whether a characteristic parameter of the Diameter request message is valid; and
if the characteristic parameter of the Diameter request message is invalid, discarding the Diameter request message or returning, to the MME or the SGSN, a Diameter response message carrying an error code; and, wherein the characteristic parameter comprises a visited public land mobile network (PLMN) ID and a mobility management entity origin realm name; and, wherein [[
]]determining whether the characteristic parameter of the Diameter request message is valid comprises:
determining whether the visited PLMN ID belongs to a preset visited PLMN ID set; and
determining whether the mobility management entity origin realm name belongs to a preset mobility management entity origin realm name set; and, wherein
when the visited PLMN ID does not belong to the preset visited PLMN ID set, determining that the visited PLMN ID in the Diameter request message is invalid; and
when the mobility management entity origin realm name does not belong to the preset mobility management entity origin realm name set, determining that the mobility management entity origin realm name in the Diameter request message is invalid; and, wherein
determined to be valid, before [[the ]]discarding the Diameter request message, [[ ]]or returning, to the MME or the SGSN, a Diameter response message carrying an error code, the method further comprises: determining whether the mobility management entity origin realm name matches the visited PLMN ID; and
when the mobility management entity origin realm name does not match the visited PLMN ID, performing , or returning, to the MME, a Diameter response message carrying an error code.
2. (Currently Amended) The method according to claim 1, wherein the characteristic parameter comprises a source Internet Protocol (IP) address of the MME or the SGSN; and
determining whether the Diameter request message is received through the roaming interface comprises:
determining whether the source IP address, and an IP address of a home subscriber server (HSS) or an edge node that receives the Diameter request message belong to a same network segment; and 
when the source IP address, and the IP address of the HSS or the edge node that receives the Diameter request message do not belong to a same network segment, determining that the Diameter request message is received from the roaming interface; or
determining whether the source IP address belongs to an IP address set authorized by an operator to which an HSS or an edge node belongs; and when the source IP address does not belong to the IP address set authorized by the operator to which the HSS or the edge node belongs, determining that the Diameter request message is received from the roaming interface.
3. (Canceled)
4. (Original) The method according to claim 1, wherein the characteristic parameter comprises a mobility management entity origin host name; and, wherein
determining whether the characteristic parameter of the Diameter request message is valid comprises:
determining whether the mobility management entity origin host name belongs to a preset mobility management entity origin host name set; and

5 - 6. (Canceled)
7. (Previously Presented) The method according to claim 1, wherein determining whether the mobility management entity origin realm name matches the visited PLMN ID comprises:
determining whether the mobility management entity origin realm name and the visited PLMN ID have a mapping relationship in a mapping set of preset peer parameters, wherein the preset peer parameters comprise the mobility management entity origin realm name and the visited PLMN ID; and
when the mobility management entity origin realm name and the visited PLMN ID have no mapping relationship in the mapping set of the preset peer parameters, determining that the mobility management entity origin realm name does not match the visited PLMN ID.
8. (Currently Amended) A signaling attack prevention apparatus, wherein the apparatus comprises:
a receiver, configured to receive a Diameter request message sent by a mobility management entity (MME) or a serving general packet radio service (GPRS) support node (SGSN); and
a processor configured to:
determine whether the Diameter request message is received through a roaming interface, wherein the roaming interface is an interface between the signaling attack prevention apparatus[[ ]], and[[,]] the MME or the GPRS SGSN such that the signaling attack prevention apparatus and, [[or ]]the MME or the GPRS SGSN belong to  different operators;
when the Diameter request message is received from the roaming interface, determine whether a characteristic parameter of the Diameter request message is valid; and
if the characteristic parameter of the Diameter request message is invalid, discarding the Diameter request message or returning, to the MME or the SGSN, a Diameter response message carrying an error code; and, wherein the characteristic parameter comprises a visited public land mobile network (PLMN) ID and a mobility management entity origin realm name; and, wherein [[
]]determining whether the characteristic parameter of the Diameter request message is valid comprises:
determining whether the visited PLMN ID belongs to a preset visited PLMN ID set; and
determining whether the mobility management entity origin realm name belongs to a preset mobility management entity origin realm name set; and, wherein
when the visited PLMN ID does not belong to the preset visited PLMN ID set, determining that the visited PLMN ID in the Diameter request message is invalid; and
when the mobility management entity origin realm name does not belong to the preset mobility management entity origin realm name set, determining that the mobility management entity origin realm name in the Diameter request message is invalid; and, wherein
when the mobility management entity origin realm name and the visited PLMN ID are determined to be valid, before [[the ]]discarding the Diameter request message, [[ ]]or returning, to the MME or the SGSN, a Diameter response message carrying an error code, the processor is further configured to: determine whether the mobility management entity origin realm name matches the visited PLMN ID; and
when the mobility management entity origin realm name does not match the visited PLMN ID, perform , or return, to the MME, a Diameter response message carrying an error code.
9. (Currently Amended) The apparatus according to claim 8, wherein the characteristic parameter comprises a source Internet Protocol (IP) address of the MME or the SGSN; and
determining, by the processor  the roaming interface comprises: determining whether the source IP address， and an IP address of a home subscriber server (HSS) or an edge node that receives the Diameter request message belong to a same network segment; and 
when the source IP address and the IP address of the HSS or the edge node that receives the Diameter request message do not belong to a same network segment, determining that the Diameter request message is received from the roaming interface; or
determining whether the source IP address belongs to an IP address set authorized by an operator to which the HSS or the edge node belongs; and when the source IP address does not belong to the IP address set authorized by the operator to which the HSS or the edge node belongs, determining that the Diameter request message is received from the roaming interface.
10. (Canceled) 

determining, by the processor 
determining whether the mobility management entity origin host name belongs to a preset mobility management entity origin host name set; and
when the mobility management entity origin host name does not belong to the preset mobility management entity origin host name set, determining that the mobility management entity origin host name in the Diameter request message is invalid.
12 – 13. (Canceled)
14. (Currently Amended) The apparatus according to claim 8, wherein determining, by the processor 
determining whether the mobility management entity origin realm name and the visited PLMN ID have a mapping relationship in a mapping set of preset peer parameters, wherein the preset peer parameters comprise the mobility management entity origin realm name and the visited PLMN ID; and
when the mobility management entity origin realm name and the visited PLMN ID have no mapping relationship in the mapping set of the preset peer parameters, determining that the mobility management entity origin realm name does not match the visited PLMN ID.

Information Disclosure Statement
10.            The information disclosure statement (IDS) submitted on 05/16/2021 is/are in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.


Response to Remarks/Arguments
Remarks, Arguments have been acknowledged.

12.	Applicant's remarks & arguments, see page 8, filed on 05/05/2021, with respect to Claim Interpretation have been fully considered and acknowledged, and noted for the record, as furthermore reflected in applicant’s amendments to the claims submitted 05/05/2021 which are further amended via examiners amendment.

13.	Applicant's remarks & arguments, see page 8-9, filed on 05/05/2021, with respect to Claim Reiections - 35 USC§ 112, have been fully considered and are persuasive in consideration of applicant’s amendment(s) of independent claims 1, 8, and Claims 2, 9, and as amended via examiners amendment.  The 35 USC§ 112 rejections of Claim 1, 2, 8, 9 and dependent claims 3-7,10-14 as applicable, have been withdrawn. 

14.	Applicant's remarks & arguments, see page 9, filed on 05/05/2021, with respect to Claim Reiections - 35 USC§ 103 have been fully considered and are persuasive in consideration of applicant’s amendment(s) of independent claims 1 and 8 as well as further amendments incorporated by applicant via examiner’s amendment.  The rejections of Claims 1-4, 7-11, 14 as applicable, have been withdrawn in light of applicant’s amendments, as noted.
The allowable subject matter is set forth below according to the amended claims (see Office Action).

Allowable Subject Matter
s 1 and 8 (renumbered 1 and 5), and via dependency Claims 2, 4, 7, 9, 11, 14 (renumbered 2-4 and 6-8), are allowed.
The following is an examiner's statement of reasons for allowance: A search has been performed and no priori art search has been found that solely, or in any reasonable combination, reads on the claims as recited, ie.,
For Claim 1, in conjunction with other noted and recited Claim 1 limitations:  
and, wherein
when the mobility management entity origin realm name and the visited PLMN ID are determined to be valid, before [[the ]]discarding the Diameter request message, [[ ]]or returning, to the MME or the SGSN, a Diameter response message carrying an error code, the method further comprises: determining whether the mobility management entity origin realm name matches the visited PLMN ID; and
when the mobility management entity origin realm name does not match the visited PLMN ID, performing , or returning, to the MME, a Diameter response message carrying an error code.

For Claim 8 (renumbered 5), in conjunction with other noted and recited Claim 8 (renumbered 5) limitations:
and, wherein
when the mobility management entity origin realm name and the visited PLMN ID are determined to be valid, before [[the ]]discarding the Diameter request message, [[ ]]or returning, to the MME or the SGSN, a Diameter response message carrying an error code, the processor is further configured to: determine whether the mobility management entity origin realm name matches the visited PLMN ID; and
when the mobility management entity origin realm name does not match the visited PLMN ID, perform , or return, to the MME, a Diameter response message carrying an error code.

16.	The closest prior art found, is as follows:
(a) Mann et. al (US-20140068748-A1), which is directed generally to providing a firewall in DIAMETER networks including receiving a DIAMETER message, determining that the  DIAMETER message is not trusted, and rejecting the DIAMETER message, and discloses: 
a DIAMETER node or edge agent with a DIAMETER firewall module, that can apply filtering or determine rule based policy based upon Peer identity designating roaming partner, such that when a diameter request is from Roaming Partner, and an application identifier matches, then the firewall rejects the request and may send an error message, and if an application identifier does not match, the firewall may allow all diameter request messages (¶0017, ¶0018, FIG. 2 & ¶0025, FIG. 3 & ¶0026 ) ; 

(b) Jiang et. al. (US-20140378129-A1), which is directed towards to a method and system for redirecting roaming traffic to preferred operators across multiple telecommunication networks, involving observation of a registration process of a subscriber in a visited network, and discloses: 
 An MME that sends a diameter request message to NTR module, where furthermore NTR is a Traffic steering module that applies rules on received diameter messages or rejects, and sends a Diameter UL Answer that results in an error code (FIG. 1 & ¶0020-¶0022 , FIG. 5 & ¶0030);

(c) McCann et. al. (US-20110116382-A1), which is directed towards to methods and systems for communications in a Diameter network, particularly for providing a Diameter signaling router with integrated monitoring functionality, and discloses: 
A Diameter Router which receives diameter messages from an MME, performing firewall functions on the basis of diameter parameter including Visited -PLMN-Id, whereby if a received diameter message satisfies a relevant firewall policy such as determined by an IMSI value and/or other information including identified Visited -PLMN-Id, messages are routed towards an appropriate destination, and if a received Diameter message fails to satisfy a relevant firewall policy such as determined by an IMSI value and/or other information including Visited -PLMN-Id, diameter router performs mitigating actions on messages such as discarding or issuing an error response message (FIG.7 & ¶0089, ¶0093, ¶0094, ¶0097, ¶0099, ¶ 0100); 

(d) Carames et. al. (US-9060263-B1), which is directed towards to techniques and equipment to control the areas within a roaming LTE network in which an inbound roaming user can gain LTE data roaming services, and authenticating a mobile station subscribed to a home network, in a visited network, and discloses:
A device is authenticated on a visited network via the exchange of diameter messages between the visited diameter edge agent and the home diameter edge agent, wherein the authentication information includes an Origin Host, an Origin Realm, underlying MCC/MNC information, and determining device authorization is based upon this information (FIG. 3, Col 6 (lines 45-67), Col 7 (lines 1-4), Col 8 (lines 16-21), Col 8 (lines 62-67), Col 9 (lines 1-3)).
17.	However, none of these references, taken alone or in any reasonable combination, teach the independent claims as recited in conjunction with other limitations recited in the independent claims, and thus the claims are allowed over the prior art of record. 


Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MALICK A SOHRAB whose telephone number is (571)272-4347.  The examiner can normally be reached on Mo - Fri 9:00 am - 5:00 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Edan Orgad can be reached on (571) 272-7884.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.







/EDAN ORGAD/Supervisory Patent Examiner, Art Unit 2414