DETAILED ACTION
This office action is in response to the correspondence filed on 12/10/2020. This application is a 371 National Stage of PCT/EP2019/064682 that has a foreign application EP18178316.8 filed 06/05/2019. Claims 1-17 are pending and are examined.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . 

Priority
Acknowledgment is made of applicant’s claim for foreign priority under 35 U.S.C. 119 (a)-(d). Receipt is acknowledged of certified copies of papers required by 37 CFR 1.55.


Information Disclosure Statement
The information disclosure statement (IDS) was submitted on 12/10/2020. The submission is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Claim Objections
Claim 15 is objected to under 37 CFR 1.75(c) as being in improper form because a multiple dependent claim should refer to other claims in the alternative only.  See MPEP § 608.01(n).  


Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-5, 8-10, and 12-17 are rejected under 35 U.S.C. 103 as being unpatentable over Yu (US Pub No. 2021/0243600 A1, referred to as Yu), in view of Smith et al. (US Pub No. 2012/0017271 A1, referred to as Smith).
Regarding claim 1, Yu discloses,
1. (Currently Amended) A method for setting up access authorization for a subscriber device to access a subnetwork of a mobile radio network, wherein the subnetwork is administered by way of a mobile radio administration device and the access authorization for the subscriber device to access the subnetwork is checked by way of an access device of the mobile radio network, wherein
requesting access authorization to access the subnetwork from a local administration device in the case of the mobile radio administration device for the subscriber device… (Yu: [0006]; UE (a local administration device) sends request information for accessing a network slice (subnetwork).)
Yu does not explicitly disclose, however Smith teaches,
…assigning a subnetwork authorization token to the subscriber device by the mobile radio administration device and is to the transmitted the subscriber device, and (Smith: [0022]; the Ticket Granting Server (mobile radio administration device) sends a ticket (token) to authentication client 120 (subscriber device).)
communicating such an association to a subnetwork access server wherein the subscriber device is authorized to access the subnetwork only when the subnetwork authorization token is transmitted to the subnetwork in the event of an access request from the subscriber device and is confirmed as valid by the subnetwork access server or by an authorization server. (Smith: [0022]; authentication client 120 contacts the Service Server (subnetwork access server), and using this ticket proves that it has been approved to receive the service. [0034]; if access is permitted, a response in the form of a service ticket is issued by the ticket granting server (TGS) of domain controller 170 (an authorization server) to authentication client 120.)
It would have been obvious to one ordinary skill in the art before the effective filing date of the claimed invention to implement the teachings Smith of into the teachings of Yu with a motivation to mitigate security risk and avoid potential attacks from using conventional authentication methods by using Kerberos protocol to access platform resources (Smith abstract and [0003-0004]).


Regarding claim 2, the combination of Yu and Smith discloses, 
	2. (Currently Amended) The method as claimed in claim 1, 
Yu further discloses,
	wherein the subscriber device is authorized to access the subnetwork only when the subscriber device is additionally authorized by the access device to access the mobile radio network. (Yu: [0010]; a security management entity (access device) of the network slice corresponding to the SliceID performs authentication with the UE to implement access of the UE to the network slice.)
	

Regarding claim 3, the combination of Yu and Smith discloses, 
	3. (Currently Amended) The method as claimed in claim 1, wherein, 
Yu further discloses,
the subnetwork access server is set up when a subnetwork is set up, and the subnetwork authorization … is associated with a subnetwork; in particular a subnetwork identifier of the subnetwork, in the subnetwork access server. (Yu: [0010]; a security management entity (the subnetwork access server) of the network slice corresponding to the SliceID (subnetwork identifier)                                                                                                                                                                            performs authentication with the UE to implement access of the UE to the network slice.)
Yu does not explicitly disclose, however Smith teaches,
...token (Smith: [0022]; ticket (token) for domain-authenticated control of platform resources.)
The same motivation that was utilized for combining Yu and Smith as set forth in claim 1 is equally applicable to claim 3.


Regarding claim 4, the combination of Yu and Smith discloses, 
4. (Currently Amended) The method as claimed in claim 1, 
Yu does not explicitly disclose, however Smith teaches,
wherein access to the subnetwork for the subscriber device is authorized only when the association between the subnetwork authorization token and the subnetwork is confirmed. (Smith: [0022]; authentication client 120 contacts the Service Server (access the subnetwork), and using this ticket proves that it has been approved to receive the service (the ticket is only associated for that service).)
The same motivation that was utilized for combining Yu and Smith as set forth in claim 1 is equally applicable to claim 4.


Regarding claim 5, the combination of Yu and Smith discloses, 
5. (Currently Amended) The method as claimed in claim 4, 
Yu further discloses,
wherein the association is determined by querying the subnetwork access server. (Yu: [0010]; the user subscription data management entity determines authentication information of the UE according to the user identity information, searches for corresponding network slice identity information (SliceID) according to the SliceID, and sends the authentication information to a security management entity (the subnetwork access server) of the network slice corresponding to the SliceID to enable the security management entity to perform authentication with the UE to implement access of the UE to the network slice (security management entity can be queried by being sent the authentication information and it can then perform authentication for the network slice).)


Regarding claim 8, the combination of Yu and Smith discloses, 
Yu does not explicitly disclose, however Smith teaches,
8. (Currently Amended) The method as claimed in claim 1, 
Yu does not explicitly disclose, however Smith teaches,
wherein the subnetwork authorization token contains at least one parameter that needs to be met in order to gain access authorization to access the subnetwork. (Smith: [0022]; authentication client 120 then contacts the Ticket Granting Server of KDC 171, and using the ticket it demonstrates its identity and asks for a service. If authentication client 120 is eligible for the service (one parameter), then the Ticket Granting Server sends another ticket to authentication client 120.)
The same motivation that was utilized for combining Yu and Smith as set forth in claim 1 is equally applicable to claim 8.


Regarding claim 9, the combination of Yu and Smith discloses, 
9. (Currently Amended) The method as claimed in claim 1 
Yu does not explicitly disclose, however Smith teaches,
wherein the subnetwork authorization token is stored on an internal memory of the subscriber device. (Smith: [0022]; the Ticket Granting Server sends a ticket (token) to authentication client 120 (subscriber device). [0072]; memory to store.)
The same motivation that was utilized for combining Yu and Smith as set forth in claim 1 is equally applicable to claim 9.


Regarding claim 10, the combination of Yu and Smith discloses, 
10. (Currently Amended) The method as claimed in claim 1, 
Yu does not explicitly disclose, however Smith teaches,
wherein the subnetwork authorization token is stored on a security module, wherein the security module is connected detachably to the subscriber device and is stored in the security functions of the mobile radio network, in particular a subscriber identity module of the mobile radio network. (Smith: [0022]; the Ticket Granting Server sends a ticket (token) to authentication client 120 (subscriber device). [0072], [0074]; memory to store (various choices of storage can be used).)
The same motivation that was utilized for combining Yu and Smith as set forth in claim 1 is equally applicable to claim 10.


Regarding claim 12, the combination of Yu and Smith discloses, 
12. (Currently Amended) The method as claimed in claim 1, 
Yu further discloses,
wherein the mobile radio network is designed in accordance with a fifth-generation mobile radio standard of the Third Generation Partnership Project. (Yu: [0002]; 5G network architecture.)

Regarding claim 13, the combination of Yu and Smith discloses, 
13. (Currently Amended) The method as claimed in claim 1, 
Yu does not explicitly disclose, however Smith teaches,
wherein the mobile radio network and in particular the mobile radio administration device is administered by a mobile radio network operator, and  (Smith: [0022]; the Ticket Granting Server (mobile radio administration device)) the subnetwork and the local administration device is administered by a subnetwork operator, and (Smith: [0022]; authentication client 120 (local administration device) the Service Server (subnetwork access server).)
wherein the mobile radio network operator is different from the subnetwork operator. (Smith: see mapping before and it is obvious that different components can be used to implement different functions. Yu also has components that can be used to do some of these functions.)
The same motivation that was utilized for combining Yu and Smith as set forth in claim 1 is equally applicable to claim 13.

Claims 14-17 are rejected under the same reasoning as claims 1 and 3.
Claims 14-17 has system and device that participate in the same steps as claim 1 and claim 15 has additional limitation that is the same as claim 3 above, therefore, they are rejected under the same reasoning as stated above.


Claim 7 is rejected under 35 U.S.C. 103 as being unpatentable over Yu, in view of Smith, further in view of Gleim et al. (US Pub No. 2011/0119743 A1, referred to as Gleim).
Regarding claim 7, the combination of Yu and Smith discloses, 
7. (Currently Amended) The method as claimed in claim 1
Yu does not explicitly disclose, however Gleim teaches,
wherein the subnetwork authorization token is received by the subscriber device via a data communication connection or via a near-field communication connection or by scanning an optical code or via a manual input unit. (Gleim: [0027]; tickets can be exchanged using Near-Field Retrieval device.)
It would have been obvious to one ordinary skill in the art before the effective filing date of the claimed invention to implement the teachings of Gleim into the combination of Yu and Smith with a .


Claim 11 is rejected under 35 U.S.C. 103 as being unpatentable over Yu, in view of Smith, further in view of Nam et al. (US Pub No. 2014/0115126 A1, referred to as Nam).
Regarding claim 11, the combination of Yu and Smith discloses, 
11. (Currently Amended) The method as claimed in claim 1,
Yu does not explicitly disclose, however Nam teaches,
wherein the subnetwork is a control network of an industrial installation, and is used to transmit control communication to a control server outside the subnetwork. (Nam: [0019]; a system for controlling networks in which pieces of heterogeneous network equipment inter-work, including: a control device configured to manage the network equipment by domain, classify a physical network to which network equipment is connected into a plurality of virtual networks by slice and manage the same, and control an operation of each piece of network equipment (networks are known to communicate with each other and can send control commands).)
It would have been obvious to one ordinary skill in the art before the effective filing date of the claimed invention to implement the teachings of Nam into the combination of Yu and Smith with a motivation to allow innovation of a fast networking technique by providing a system for controlling and verifying a network having advantages of reliably verifying a network operating in an environment in which heterogeneous equipment inter-work through an open interface (Nam: [0007] and [0009]).


Allowable Subject Matter
Claim 6 is objected to as being dependent upon rejected base claims, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
The following is an examiner’s statement of reasons for allowance: 
Although prior arts Yu, Smith, Gleim and Nam above disclose all the limitations of the prior claims (see rejections above), none of the prior arts of record alone or in combination discloses information regarding the association between the subnetwork authorization token and the subnetwork is transmitted from the subnetwork access server to an authorization server of the mobile radio network and the association is determined by querying the authorization server as described in the claim.
At the effective filing date of the application, the above limitations would not have been obvious over the prior arts of record. 


Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. The listed references disclose relevant inventions of authentication methods of accessing communication systems.
Bae; Beomsik et al. (US 20180007552 A1) 
Hjelm; Johan et al. (US 20130143524 A1) 
Schanze et al. (US 7024692 B1) 
Please see PTO-892. 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to KA SHAN CHOY whose telephone number is (571) 272-1569.  The examiner can normally be reached on MON - FRI: 9AM-5:30PM EST Alternate Fridays.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Joseph Hirl can be reached on (571) 272-3685.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/KA SHAN CHOY/Examiner, Art Unit 2435 

/JOSEPH P HIRL/Supervisory Patent Examiner, Art Unit 2435