DETAILED ACTION

Currently pending claims are 1 – 19.


Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention.


Claims 1 – 6, 8, 10 – 16 & 19 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Merrien et al. (FOR – EP 2-461-613).  

As per claim 1, 10 & 11, Merrien teaches a method for securing credentials utilized by serverless functions, comprising: 
removing a first set of credentials from a serverless function, wherein the at least one first set of credentials is used to access a service (Merrien: Col. 1 Line 10 – 17, Co. 48 – 56, Col. 2 Line 35 – 48, Col. 5 Line 23 – 29, Col. 13 Line 11 – 14, Col. 3 Line 13 – 15 and Col. 2 Line 49 – 55: see below):
(a) a typical compute-typer service including “serverless code execution service” that can be implemented within a provider network by applications executed within a smart device of mobile terminals constitutes a serverless function; accordingly 
(b) a functional entity of a targeted secure element (SE) associated with a mobile terminal, such as an UICC (Universal Integrated Circuit Card) in a format of a smart card / security chip, that performs network authentication, security checking with an installed (entire) SIM application that contains personal data, secrets for a user banking account of e-banking mobile services (Col. 13 Line 11 – 14)) is qualified as one type of serverless functions (Merrien: Col. 2 Line 10 – 17 & Col. 3 Line 13 – 15); 
(c) when the SE (service element) moves from a 1st terminal (e.g. an exising (old) terminal) to a 2nd terminsl (e.g. a new terminal), the credentails (namely, the 1st set of credentials) is removed from the 1st terminal since the smart card of the secure element (SE) has been removed and is now inserted into the 2nd terminal (Merrien: see above & Col. 2 Line 3 – 7); 
(d) please note: a 1st terminal can also be a 2nd terminal (i.e. a same terminal) because Merrien discloses the SE (secure element) design has been be improved from fixed (soldered) into a removable part and thus the removed SE can be inserted back into a same 2nd terminal w.r.t. the 1st terminal as needed (Col. 2 Line 49 – 55); and 
replacing, in a request for the service, a second set of credentials with the first set of credentials, wherein the request is intercepted in-line between the serverless function and the service (Merrien: see above & Para [0010]: when the mobile user issues a request for an e-banking service from the 2nd terminal, the credentials, (e.g.) entry code (PIN) as a part of 2nd set of credentials of the 2nd terminal to authenticate himself for mobile operations (Col. 3 Line 22 – 25), is replaced with the retrieved 1st set of credentials (see above) w.r.t. the intended e-banking service request beause the original credentials will still have access to the user’s existing e-banking credentials (Merrien: see above & Col. 2 Line 5 – 7). 

As per claim(s) 2, 5 – 6, 12 and 16, the claims contain(s) similar limitations to claim(s) 1 and thus is/are rejected with the same rationale.

As per claim 3 and 13, Merrien teaches wherein authentication to the service succeeds when the authentication uses the first set of credentials (Merrien: see above & Col. 2 Line 5 – 7: beause the original credentials (i.e. the 1st set of credentials) will still have access to the user’s existing contacts and credentials), wherein authentication to the service fails when the authentication uses the second set of credentials (see above: any credentials other than the 1st set of credentials (including any of NULL, compromised, mismatched or non-appropriate credentails) constitutes a second set of credentials would fail the authentication).  

As per claim 4 and 14, Merrien teaches storing the first set of credentials in a credentials vault, wherein the serverless function is executed in a computing environment, wherein the credentials vault is deployed (stored) outside of the computing environment (Merrien: see above & Col. 3 Line 22 – 25 and Col. 4 Line 26 – 30: the credentials is stored in a secure vault of a distant (remote) site outside of the secure element (SE)).  

As per claim 8, Merrien teaches causing a software package to be loaded by the serverless function, wherein the loaded software package is configured to remove the first set of credentials (Merrien: see above & Col. 3 Line 11 – 15 and Col. 2 Line 5 – 7: a packaged SIM (software package) is download into the targeted secure elemet (SE) and the credentails (i.e. 1st set of credentials) is removed from the exising (old) terminal since the smart card of the secure element (SE) is moved (transferred) into a new mobile terminal).  

As per claim 15 and 19, Merrien teaches to retrieve the first set of credentials from the credentials vault when the request for the service is intercepted (Merrien: see above & Col. 3 Line 22 – 25, Col. 4 Line 26 – 30 and Col. 2 Line 5 – 7: (a) the credentials is stored in a secure vault of a distant (remote) site and (b) the first set of credentials is retrieved from the credentials vault beause the original credentials will still have access to the user’s existing contacts, credentials and etc., when the smart card of the secure element (SE) is moved (transferred) into a new mobile terminal (Merrien: Col. 2 Line 5 – 7)).

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:

A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


Claims 7, 9 & 17 – 18 are rejected under 35 U.S.C.103 as being unpatentable over Merrien et al. (FOR – EP 2-461-613), in view of Stickle et al. (U.S. Patent 10,873,601).  

As per claim 7 and 17, Stickle (& Merrien) teaches wherein the second set of credentials authenticates to a honeypot service, wherein the honeypot service returns false service data in response to the request (Merrien: see above) || (Stickle: Col. 2 Line 51 – 55 and Col. 15 Line 52 – 56: a decoy (honeypot) service data plane returns false service data in response to the request to mimic legitimate data / resources so that a malicious attacker is lured into a system analysis process for analyzing the motivation of the attacker w.r.t. the target computing device).
It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention was made to propose the modification to authenticate credentials to a honeypot service, wherein the honeypot service returns false service data in response to the request because Stickle teaches to effectively and securely provide a decoy (honeypot) service data plane returns false service data in response to the request to mimic legitimate data / resources so that a malicious attacker is lured into a system analysis process to analyze the motivation of the attacker w.r.t. the target computing device (see above) within the Merrien’s system of authenticating a user terminal device during a transfer of the content of a secure element from an old terminal device to a new terminal device to manage malicious attacks from the network (see above).

As per claim 9 and 18, Stickle (& Merrien) teaches modifying the serverless function at runtime, wherein the modified serverless function is controlled to remove the first set of credentials (Stickle: see above & Col. 22 Line 4 – 11: a serverless service code can be executed only when needed (i.e. service on-demand as one type of modified versions of serverless functions)) || (Merrien: see above & Para [0010]: the 1st set of credentials is removed from the exising (old) terminal since the smart card of the secure element (SE) is moved (transferred) into a new mobile terminal).  See the same rationale of combination applied herein as above in rejecting the claim 7.


Any inquiry concerning this communication or earlier communications from the examiner should be directed to LONGBIT CHAI whose telephone number is (571)272-3788.  The examiner can normally be reached on Monday - Friday 9:00am-5:00pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lynn D. Feild can be reached on 571-272-2092.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.




Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.




---------------------------------------------------
                  /Longbit Chai/
           Longbit Chai E.E. Ph.D.
    Primary Examiner, Art Unit 2431
                   No. #2297 – 2021
---------------------------------------------------