Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
2.	EXAMINER’S NOTE: The claims have been reviewed and considered under the new guidance pursuant to the 2019 Revised Patent Subject Matter Eligibility Guidance (PEG 2019) issued January 7, 2019.
3.	This communication is in response to Applicant’s claims filed on 25 March 2019. Claims 1-26 remain pending. 

Information Disclosure Statement
4.	The Information Disclosure Statements respectfully submitted on 14 June 2019 and 01 October 2020 have been considered by the Examiner.

Claim Objections
5.	Claims 1 and 7 are objected to because of the following informalities:  Claims 1 and 7 recites an inactive memory. The memory should be recited for “storing executable instructions or instructions that cause the processor to perform steps…”. Appropriate correction is required.

Claim Interpretation
The following is a quotation of 35 U.S.C. 112(f):
(f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof. 

The following is a quotation of pre-AIA  35 U.S.C. 112, sixth paragraph:
An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.

The claims in this application are given their broadest reasonable interpretation using the plain meaning of the claim language in light of the specification as it would be understood by one of ordinary skill in the art.  The broadest reasonable interpretation of a claim element (also commonly referred to as a claim limitation) is limited by the description in the specification when 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is invoked. 
As explained in MPEP § 2181, subsection I, claim limitations that meet the following three-prong test will be interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph:
(A)	the claim limitation uses the term “means” or “step” or a term used as a substitute for “means” that is a generic placeholder (also called a nonce term or a non-structural term having no specific structural meaning) for performing the claimed function; 
(B)	the term “means” or “step” or the generic placeholder is modified by functional language, typically, but not always linked by the transition word “for” (e.g., “means for”) or another linking word or phrase, such as “configured to” or “so that”; and 
(C)	the term “means” or “step” or the generic placeholder is not modified by sufficient structure, material, or acts for performing the claimed function. 

Absence of the word “means” (or “step”) in a claim creates a rebuttable presumption that the claim limitation is not to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is not interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites function without reciting sufficient structure, material or acts to entirely perform the recited function. 
Claim limitations in this application that use the word “means” (or “step”) are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action. Conversely, claim limitations in this application that do not use the word “means” (or “step”) are not being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action.
This application includes one or more claim limitations that do not use the word “means,” but are nonetheless being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, because the claim limitation(s) uses a generic placeholder that is coupled with functional language without reciting sufficient structure to perform 
Because this/these claim limitation(s) is/are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, it/they is/are being interpreted to cover the corresponding structure described in the specification as performing the claimed function, and equivalents thereof.
If applicant does not intend to have this/these limitation(s) interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, applicant may:  (1) amend the claim limitation(s) to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph (e.g., by reciting sufficient structure to perform the claimed function); or (2) present a sufficient showing that the claim limitation(s) recite(s) sufficient structure to perform the claimed function so as to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph.

Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –




Claims 1-16 and 18-26 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Liu et al. (Pub No. 2017/0195318).
Referring to the rejection of claim 1, Liu et al. discloses an apparatus, comprising: 
a memory; (See para. 48)
and a processor coupled to the memory, the processor configured to: (See para. 48)
receive an identity public key from an identity device, wherein the identity public key is received in response to providing, to the identity device, a request to modify content of the identity device; (See para. 92)
encrypt data corresponding to subscriber information using the identity public key; (See para. 92)
provide, to the identity device, the encrypted data to store the data in the identity device; (See para. 92)
and access a network operated by a network operator via the data stored in the identity device. (See para. 92)
Referring to the rejection of claim 2, Liu et al. discloses wherein the processor is configured to: receive, from a server operated by the network operator, a device secret along with the data corresponding to the subscriber information; (See para. 131-132)

and provide, to the identity device, the subscriber public key, wherein an identity of the apparatus is verified based at least on the subscriber public key. (See para. 131-132)
Referring to the rejection of claim 3, Liu et al. discloses wherein the identity public key is received from the identity device in response to the apparatus being verified based on the subscriber public key. (See para. 82-83)
Referring to the rejection of claim 4, Liu et al. discloses wherein the network operator is a first network operator, and wherein the request to modify the content of the identity device comprises at least one of: a request to switch a network operator from a second network operator to the first network operator; and request to add the first network operator. (See para. 58 and 99)
Referring to the rejection of claim 5, Liu et al. discloses wherein the subscriber information provided to the identity device comprises at least one of: an international mobile subscriber identity (IMSI); an international mobile equipment identity (IMEI); a personal identification number (PIN); a personal unblocking code (PUC); a personal unblocking key (PUK); and an authentication key. (See para. 110)

Referring to the rejection of claim 7, Liu et al. discloses an apparatus, comprising: 
a memory; (See para. 48)
and a processor coupled to the memory, the processor configured to: (See para. 48)
generate an identity public key and an identity private key in response receiving, from a subscriber device, a request to modify content of the memory; (See para. 108)
provide the identity public key to the subscriber device; (See para. 108)
receive, in response to providing the identity public key, data from the subscriber device, wherein the received data are encrypted, by the subscriber device, using the identity public key; (See para. 108)
decrypt the received data using the identity private key; (See para. 108)
and modify, based on the decrypted data, the content of the memory. (See para. 108)
Referring to the rejection of claim 8, Liu et al. discloses wherein a subscriber public key is received, from the subscriber device, along with the request to modify the content of the processor, and wherein the processor is configured to: verify, prior to generating identity public key and the identity private key, an identity of the subscriber device based at least on the subscriber public key; and generate, in response to 
Referring to the rejection of claim 9, Liu et al. discloses wherein the processor is configured to discard, in response to the subscriber device not being verified, the data received from the subscriber device. (See para. 227)
Referring to the rejection of claim 10, Liu et al. discloses wherein the processor is configured to: receive, from the subscriber device, a subscriber public identification and a subscriber certificate along with the subscriber public key; (See para. 83)
and compare, to verify the identity of the subscriber device, the subscriber public key to an output of a decryption component, wherein the subscriber public identification, the subscriber certificate, and the subscriber public key are input into the decryption component. (See para. 83 and 89)
Referring to the rejection of claim 11, Liu et al. discloses wherein the decryption component comprises a first decryptor and a second decryptor, and wherein: the subscriber public key and the subscriber certificate are input into the subscriber decryptor; and an output of the first decryptor and the subscriber public key are input into the second decryptor, wherein an output of the second decryptor is compared to the subscriber public key. (See para. 135-136)



Referring to the rejection of claim 13, Liu et al. discloses a method, comprising:
verifying, in response to receiving a request to modify content of an identity device and a subscriber public key from a subscriber device, an identity of the subscriber device based at least on the subscriber public key; (See para. 82-83)
generating, in response to verifying the identity of the subscriber device, an identity public key and an identity private key; (See para. 83-84)
receiving, in response to providing the identity public key to the subscriber device, data corresponding to subscriber information that are encrypted based on the identity public key; (See para. 84 and 86)
modifying, in response to decrypting the data using the identity private key, the content of the identity device based on the decrypted subscriber information. (See para. 89)
Referring to the rejection of claim 14, Liu et al. discloses wherein modifying the content of the identity device based on the decrypted subscriber information comprises: adding, to the identity device, a network operator associated with the decrypted subscriber information such that a network operated by the network operator is accessed, by the subscriber device, using the decrypted subscriber information stored 
Referring to the rejection of claim 15, Liu et al. discloses wherein the decrypted subscriber information corresponds to first network operator, and wherein modifying the content of the identity device based on the decrypted subscriber information comprises: switching a network operator from a second network operator to the first network operator. (See para. 58 and 99)
Referring to the rejection of claim 16, Liu et al. discloses wherein switching the network operator from the second network operator to the first network operator comprises deleting subscriber information associated with the second network operator and previously stored in the identity device. (See para. 62)
Referring to the rejection of claim 18, Liu et al. discloses further comprising not generating the identity public key and the identity private key in response to the subscriber device not being verified. (See para. 227)
Referring to the rejection of claim 19, Liu et al. discloses a system, comprising: 
a subscriber device configured to receive, from a server operated by a network operator, data corresponding to subscriber information; (See para. 92 and 111)
and a subscriber identity module (SIM) in communication wirelessly with the subscriber device, the SIM configured to: (See para. 92)

provide, in response to verifying an identity of the subscriber device, an identity public key to the subscriber device, wherein the identity of the subscriber device is verified based on the received subscriber public key; (See para. 82-83)
wherein the subscriber device is configured to: encrypt the data corresponding to the subscriber information based on the identity public key; (See para. 83-84)
provide, to the SIM, the encrypted data; (See para. 84 and 86)
wherein the SIM is configured to decrypt the data corresponding to the subscriber information such that the subscriber device is configured to access a network operated by the network operator via the subscriber information stored in the SIM. (See para. 89)
Referring to the rejection of claim 20, Liu et al. discloses wherein: the subscriber device is configured to: generate a subscriber public identification and a subscriber certificate along with the subscriber public key; (See para. 82-83)
and provide, to the SIM, the subscriber public identification, the subscriber certificate, and the subscriber public key; (See para. 92)
and the SIM is configured to perform, to verify the identity of the subscriber device, a comparison among the subscriber public identification, the subscriber certificate, and the subscriber public key. (See para. 96)


Referring to the rejection of claim 22, Liu et al. discloses wherein the SIM is configured to provide, back to the subscriber device, the identity public identification, the identity certificate, and the identity public key. (See para. 96)
Referring to the rejection of claim 23, Liu et al. discloses wherein the subscriber device comprises an asymmetric identification generator, and wherein the subscriber device is configured to: generate a private subscriber identification along with the public subscriber identification using the asymmetric identification generator. (See para. 91)
Referring to the rejection of claim 24, Liu et al. discloses wherein the subscriber device comprises an asymmetric key generator, and wherein the subscriber device is configured to: generate a subscriber private key along with the subscriber public key using the asymmetric key generator. (See para. 91 and 114)
Referring to the rejection of claim 25, Liu et al. discloses wherein the SIM is configured to: generate an identity private key along with the identity public key based on a device secret of the SIM; (See para. 131-132) and provide the identity public key to the subscriber device; (See para. 131-132) wherein the subscriber device is configured 
Referring to the rejection of claim 26, Liu et al. discloses wherein the subscriber device is further configured to encrypt, using the identity public key, and provide data corresponding to at least one of: contact information stored in the subscriber device; and information associated with text message. (See para. 83 and 79)

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claim 17 is rejected under 35 U.S.C. 103 as being unpatentable over Liu et al. (Pub No. 2017/0195318) in view of Mattoon (Implementing DICE). Liu et al. discloses the invention as disclosed above, however, Liu et al. does not explicitly disclose encrypting and decrypting subscriber information using a device identification composition engine (DICE)-robust internet of thing (RIOT) protocol. 
Mattoon discloses a publication for implementing platforms and devices that incorporates DICE technologies for device identity and attestation using the DICE-RIOT reference code.
Referring to the rejection of claim 17, Mattoon discloses further comprising encrypting and decrypting the subscriber information using a device identification composition engine (DICE)-robust internet of thing (RIOT) protocol. (See pages 1-9)
Therefore, it would have been obvious before the effective filing date of the invention, to combine Liu et al.’s method and system for automatic wireless network authentication in an internet of things (IoT) system modified with Mattoon’s publication for implementing platforms and devices that incorporates DICE technologies for device identity and attestation using the DICE-RIOT reference code. Motivation for such an implementation would enable a secure protocol for encryption/decryption using the DICE-RIOT for creating secret keys and derived secrets to enable security features that can be used by devices for authentication and attestation. (See Mattoon, page, 1)



Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
Chase Snyder (Five Reasons You Need to Decrypt Traffic for SecOps Analysis) discloses the benefits of utilizing various encryption and/or decryption protocols for implementing a more secure protocol on open network traffic.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to COURTNEY D FIELDS whose telephone number is (571)272-3871.  The examiner can normally be reached on IFP M-F 8am-4:30pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, SHEWAYE GELAGAY can be reached on (571)272-4219.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private 






/COURTNEY D FIELDS/Examiner, Art Unit 2436                                                                                                                                                                                                        May 29, 2021

/KENDALL DOLLY/Primary Examiner, Art Unit 2436