DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Priority
Should applicant desire to obtain the benefit of foreign priority under 35 U.S.C. 119(a)-(d) prior to declaration of an interference, a certified English translation of the foreign application must be submitted in reply to this action.  37 CFR 41.154(b) and 41.202(e).
Failure to provide a certified translation may result in no benefit being accorded for the non-English application.
Examiner’s Note: the Examiner has pointed out particular references contained in the prior art of record within the body of this action for the convenience of the Applicant.  Although the specified citations are representative of the teachings in the art and are applied to the specific limitations within the individual claim, other passages and figures may apply.  "The use of patents as references is not limited to what the patentees describe as their own inventions or to the problems with which they are concerned. They are part of the literature of the art, relevant for all they contain." In re Heck, 699 F.2d 1331, 1332-33,216 USPQ 1038, 1039 (Fed. Cir. 1983) (quoting In re Lemelson, 397 F.2d 1006, 1009, 158 USPQ 275,277 (CCPA 1968)). A reference may be relied upon for all that it would have reasonably suggested to one having ordinary skill the art, including nonpreferred embodiments (see MPEP 2123).  Therefore, Applicant, in preparing the response, must fully consider the entire disclosure of the cited references 

Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


Claims 1-10, 12, 16-22 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Bae et al (20180007552).
Regarding claim 1, Bae et al discloses, a method for accessing a network slice (fig. 1-18), comprising: 
sending, by User Equipment (UE/terminal, fig. 1-18), request information for accessing a network slice (the terminal may transmit at least one connection request message to the core network to access at least one network slice, ¶ 0125), 
wherein the request information contains user identity information (UE capability) and temporary network slice identity information (temporary network slice identifier) (¶ 0099, the terminal may generate security keys for each network slice using the temporary network slice identifier, ¶ 0120-0125, after generating the common AS security key, the terminal may generate UE capability. At this time, the UE capability generated by the terminal may include network slice information and security capability, the connection request message may include the UE capability, ¶ 0073, a user's 
by the UE, performing access authentication with the network slice, and in case of successful authentication, accessing the network slice (¶ 0133, the terminal receiving the RRC connection reconfiguration message or the attach accept message may use the network slice identifier to generate a security context. That is, the terminal may use the network slice identifier to generate the AS security key information K.sub.5G-RAN, k and verify the security algorithm to be used to generate the security context).
	Regarding claim 2, Bae et al discloses in claim 1, further Bae et al discloses,
wherein the request information for accessing the network slice comprises at least one of: attachment request information, and network slice access request information (¶ 0124, in step S530, the terminal may transmit connection request messages for each network slice to the core network (NW slice k connection request). The terminal may transmit the connection request messages to the core network to access the networks for each service. The connection request message may include the UE capability).
Regarding claim 3, Bae et al discloses in claims 1-2, further Bae et al discloses, wherein the user identity information comprises at least one of: temporary user subscription identity information, and encrypted user subscription identity information (¶ 0073, a user's universal subscriber identification module and a home subscriber server (HSS) may store a user-specific key K and user's international mobile station identity (IMSI). In this case, the K value may mean a value corresponding to the user's IMSI value). 
Regarding claim 4, Bae et al discloses in claims 1-3, further Bae et al discloses, saving and maintaining, by the UE, a corresponding relationship list between network slice identity information (SliceID) and the SliceIDt, wherein the SliceIDt is in one-to-one correspondence with the SliceID (¶ 0099, the terminal may generate security keys for each network slice using the temporary network slice identifier, ¶ 0120-0125, after generating the common AS security key, the terminal may generate UE capability. At this time, the UE capability generated by the terminal may include network slice information and security capability, the connection request message may include the UE capability, ¶ 0188, the terminal may use the K stored in USIM and the network may use the K stored in HSS, thereby deriving the CK and IK. The terminal may use the derived CK and IK to generate a plurality of authentication key vectors and then transmit the generated authentication key vectors to the core network. Accordingly, the network may use the received various authentication key vectors to generate the plurality of NAS security key information, ¶ 0196,  the terminal uses the K stored in the USIM and the network uses the K stored in the HSS, such that the NAS security key information can be derived. At this time, the network can receive various authentication key indexes KSI.sub.ASME from an authentication server when generating the initial network slice. Accordingly, the network can select a key mapped to a corresponding index among a plurality of NAS security key information K.sub.ASME,1, K.sub.ASME,2, . . . , K.sub.ASME,K using the received various authentication key indexes. Therefore, when receiving the message for the new network slice generation request from the terminal, the network may assign the non-assigned security key information among the NAS security key information generated by the received various authentication key indexes to the network slice).
Regarding claim 5, Bae et al discloses, a method for accessing a network slice, comprising: 
receiving, by a user subscription data management entity from User Equipment (UE) through a base station (RAN), request information for accessing a network slice (the terminal may transmit at least one connection request message to the core network to access at least one network slice, ¶ 0125), 
wherein the request information contains user identity information and temporary network slice identity information (¶ 0099, the terminal may generate security keys for each network slice using the temporary network slice identifier, ¶ 0120-0125, after generating the common AS security key, the terminal may generate UE capability. At this time, the UE capability generated by the terminal may include network slice information and security capability, the connection request message may include the UE capability); and 
by the user subscription data management entity, determining authentication information of the UE according to the user identity information, searching for corresponding network slice identity information (SliceID) according to the SliceIDt and sending the authentication information to a security management entity of the network slice corresponding to the SliceID to enable the security management entity to perform authentication with the UE to implement access of the UE to the network slice (¶ 0099, the terminal may generate security keys for each network slice using the temporary network slice identifier, ¶ 0074-0075, the terminal and the HSS may use the K value to derive two security keys CK and IK. Furthermore, the terminal and the HSS may use the derived security keys CK and IK to generate the NAS security key information K.sub.ASME. Therefore, the terminal and the MME may use the NAS security key information generated from the K.sub.ASME after mutual authentication to generate key information K.sub.NAS int for integrity verification and key information K.sub.NAS enc for encryption, in which the message between the terminal and the MME may be integrity protected and encrypted using the key information K.sub.NAS int for integrity verification and key information K.sub.NAS enc for encryption that are generated by the NAS security key information, the terminal and the MME may use the NAS security key information to generate the AS security key information K.sub.eNB. The MME may transmit the AS security key information to the base station, and the terminal, ¶ 0200, the core network can store the plurality of authentication key indexes KSI.sub.ASME received from the authentication server and a security key vector K.sub.ASME, i (or authentication key vector) extracted using the authentication key index. Specifically, the core network can generate the NAS security key vector K.sub.ASME, i and generate the specific NAS security key information K.sub.ASME, k for the network slice k using the authentication key index KSI.sub.ASME indicating i for each network slice. The process of generating the NAS security key information K.sub.ASME, k will be described later, the terminal can generate the UE capability. At this time, the UE capability generated by the terminal may mean UE capability including information on network slice and security capability. The network slice information includes a network slice indicator indicating a type of network slices, information related to the number of network slices set in the terminal, identifier information of the network slice or the like).
Regarding claim 6, Bae et al discloses in claim 5, further Bae et al discloses, wherein the request information for accessing the network slice is-comprises attachment request information, the authentication information comprises one or more authentication vectors, and determining, by the user subscription data management entity, the authentication information of the UE according to the user identity information comprises: by the user subscription data management entity, determining user subscription identity information according to the user identity information, and generating a set of corresponding authentication vectors according to the user subscription identity information (¶ 0099, the terminal may generate security keys for each network slice using the temporary network slice identifier, ¶ 0120-0125, after generating the common AS security key, the terminal may generate UE capability. At this time, the UE capability generated by the terminal may include network slice information and security capability, the connection request message may include the UE capability, ¶ 0073-0075, a user's universal subscriber identification module and a home subscriber server (HSS) may store a user-specific key K and user's international mobile station identity (IMSI). In this case, the K value may mean a value corresponding to the user's IMSI value, the terminal and the HSS may use the K value to derive two security keys CK and IK. Furthermore, the terminal and the HSS may use the derived security keys CK and IK to generate the NAS security key information K.sub.ASME. Therefore, the terminal and the MME may use the NAS security key information generated from the K.sub.ASME after mutual authentication to generate key information K.sub.NAS int for integrity verification and key information K.sub.NAS enc for encryption, in which the message between the terminal and the MME may be integrity protected and encrypted using the key information K.sub.NAS int for integrity verification and key information K.sub.NAS enc for encryption that are generated by the NAS security key information, the terminal and the MME may use the NAS security key information to generate the AS security key information K.sub.eNB. The MME may transmit the AS security key information to the base station, and the terminal, ¶ 0200, the core network can store the plurality of authentication key indexes KSI.sub.ASME received from the authentication server and a security key vector K.sub.ASME, i (or authentication key vector) extracted using the authentication key index. Specifically, the core network can generate the NAS security key vector K.sub.ASME, i and generate the specific NAS security key information K.sub.ASME, k for the network slice k using the authentication key index KSI.sub.ASME indicating i for each network slice. The process of generating the NAS security key information K.sub.ASME, k will be described later, the terminal can generate the UE capability. At this time, the UE capability generated by the terminal may mean UE capability including information on network slice and security capability. The network slice information includes a network slice indicator indicating a type of network slices, information related to the number of network slices set in the terminal, identifier information of the network slice or the like).
Regarding claim 7, Bae et al discloses in claim 5-6, further Bae et al discloses, wherein the request information for accessing the network slice is-comprises network slice access request information, the authentication information comprises user subscription identity information and the network slice access request information, and determining, by the user subscription data management entity, the authentication information of the UE according to the user identity information comprises: determining, by the user subscription data management entity, the user subscription identity information according to the user identity information (¶ 0099, the terminal may generate security keys for each network slice using the temporary network slice identifier, ¶ 0120-0125, after generating the common AS security key, the terminal may generate UE capability. At this time, the UE capability generated by the terminal may include network slice information and security capability, the connection request message may include the UE capability, ¶ 0073-0075, a user's universal subscriber identification module and a home subscriber server (HSS) may store a user-specific key K and user's international mobile station identity (IMSI). In this case, the K value may mean a value corresponding to the user's IMSI value, the terminal and the HSS may use the K value to derive two security keys CK and IK. Furthermore, the terminal and the HSS may use the derived security keys CK and IK to generate the NAS security key information K.sub.ASME. Therefore, the terminal and the MME may use the NAS security key information generated from the K.sub.ASME after mutual authentication to generate key information K.sub.NAS int for integrity verification and key information K.sub.NAS enc for encryption, in which the message between the terminal and the MME may be integrity protected and encrypted using the key information K.sub.NAS int for integrity verification and key information K.sub.NAS enc for encryption that are generated by the NAS security key information, the terminal and the MME may use the NAS security key information to generate the AS security key information K.sub.eNB. The MME may transmit the AS security key information to the base station, and the terminal, ¶ 0200, the core network can store the plurality of authentication key indexes KSI.sub.ASME received from the authentication server and a security key vector K.sub.ASME, i (or authentication key vector) extracted using the authentication key index. Specifically, the core network can generate the NAS security key vector K.sub.ASME, i and generate the specific NAS security key information K.sub.ASME, k for the network slice k using the authentication key index KSI.sub.ASME indicating i for each network slice. The process of generating the NAS security key information K.sub.ASME, k will be described later, the terminal can generate the UE capability. At this time, the UE capability generated by the terminal may mean UE capability including information on network slice and security capability. The network slice information includes a network slice indicator indicating a type of network slices, information related to the number of network slices set in the terminal, identifier information of the network slice or the like).
	Regarding claim 8, Bae et al discloses in claim 5-7, further Bae et al discloses, receiving, by the user subscription data management entity, authentication request information sent by the security management entity, wherein the authentication request information contains the user subscription identity information; and by the user subscription data management entity, generating a set of authentication vectors according to the user subscription identity information and sending the set of generated authentication vectors to the security management entity (¶ 0099, the terminal may generate security keys for each network slice using the temporary network slice identifier, ¶ 0120-0125, after generating the common AS security key, the terminal may generate UE capability. At this time, the UE capability generated by the terminal may include network slice information and security capability, the connection request message may include the UE capability, ¶ 0073-0075, a user's universal subscriber identification module and a home subscriber server (HSS) may store a user-specific key K and user's international mobile station identity (IMSI). In this case, the K value may mean a value corresponding to the user's IMSI value, the terminal and the HSS may use the K value to derive two security keys CK and IK. Furthermore, the terminal and the HSS may use the derived security keys CK and IK to generate the NAS security key information K.sub.ASME. Therefore, the terminal and the MME may use the NAS security key information generated from the K.sub.ASME after mutual authentication to generate key information K.sub.NAS int for integrity verification and key information K.sub.NAS enc for encryption, in which the message between the terminal and the MME may be integrity protected and encrypted using the key information K.sub.NAS int for integrity verification and key information K.sub.NAS enc for encryption that are generated by the NAS security key information, the terminal and the MME may use the NAS security key information to generate the AS security key information K.sub.eNB. The MME may transmit the AS security key information to the base station, and the terminal, ¶ 0200, the core network can store the plurality of authentication key indexes KSI.sub.ASME received from the authentication server and a security key vector K.sub.ASME, i (or authentication key vector) extracted using the authentication key index. Specifically, the core network can generate the NAS security key vector K.sub.ASME, i and generate the specific NAS security key information K.sub.ASME, k for the network slice k using the authentication key index KSI.sub.ASME indicating i for each network slice. The process of generating the NAS security key information K.sub.ASME, k will be described later, the terminal can generate the UE capability. At this time, the UE capability generated by the terminal may mean UE capability including information on network slice and security capability. The network slice information includes a network slice indicator indicating a type of network slices, information related to the number of network slices set in the terminal, identifier information of the network slice or the like).
	Regarding claim 9, Bae et al discloses in claim 5-8, further Bae et al discloses, wherein the SliceIDt is in one-to-one correspondence with the SliceID, and before receiving, by the user subscription data management entity from the UE through the base station, the request information for accessing the network slice, the method further comprises: generating, by the user subscription data management entity, the SliceIDt corresponding to the SliceID (¶ 0099, the terminal may generate security keys for each network slice using the temporary network slice identifier, ¶ 0120-0125, after generating the common AS security key, the terminal may generate UE capability. At this time, the UE capability generated by the terminal may include network slice information and security capability, the connection request message may include the UE capability, ¶ 0073-0075, a user's universal subscriber identification module and a home subscriber server (HSS) may store a user-specific key K and user's international mobile station identity (IMSI). In this case, the K value may mean a value corresponding to the user's IMSI value, the terminal and the HSS may use the K value to derive two security keys CK and IK. Furthermore, the terminal and the HSS may use the derived security keys CK and IK to generate the NAS security key information K.sub.ASME. Therefore, the terminal and the MME may use the NAS security key information generated from the K.sub.ASME after mutual authentication to generate key information K.sub.NAS int for integrity verification and key information K.sub.NAS enc for encryption, in which the message between the terminal and the MME may be integrity protected and encrypted using the key information K.sub.NAS int for integrity verification and key information K.sub.NAS enc for encryption that are generated by the NAS security key information, the terminal and the MME may use the NAS security key information to generate the AS security key information K.sub.eNB. The MME may transmit the AS security key information to the base station, and the terminal, ¶ 0200, the core network can store the plurality of authentication key indexes KSI.sub.ASME received from the authentication server and a security key vector K.sub.ASME, i (or authentication key vector) extracted using the authentication key index. Specifically, the core network can generate the NAS security key vector K.sub.ASME, i and generate the specific NAS security key information K.sub.ASME, k for the network slice k using the authentication key index KSI.sub.ASME indicating i for each network slice. The process of generating the NAS security key information K.sub.ASME, k will be described later, the terminal can generate the UE capability. At this time, the UE capability generated by the terminal may mean UE capability including information on network slice and security capability. The network slice information includes a network slice indicator indicating a type of network slices, information related to the number of network slices set in the terminal, identifier information of the network slice or the like).
	Regarding claim 10, Bae et al discloses in claim 5-9, further Bae et al discloses, wherein the user identity information comprises at least one of temporary user subscription identity information, and encrypted user subscription identity information (¶ 0073, a user's universal subscriber identification module and a home subscriber server (HSS) may store a user-specific key K and user's international mobile station identity (IMSI). In this case, the K value may mean a value corresponding to the user's IMSI value).
Regarding claim 12, Bae et al discloses, a method for accessing a network slice, comprising: 
sending, by User Equipment (UE) to a base station, request information for accessing a network slice, wherein the request information contains user identity information and temporary network slice identity information (¶ 0099, the terminal may generate security keys for each network slice using the temporary network slice identifier, ¶ 0120-0125, after generating the common AS security key, the terminal may generate UE capability. At this time, the UE capability generated by the terminal may include network slice information and security capability, the connection request message may include the UE capability, ¶ 0073-0075, a user's universal subscriber identification module and a home subscriber server (HSS) may store a user-specific key K and user's international mobile station identity (IMSI); 
by a user subscription data management entity, receiving the request information from the UE through the base station, determining authentication information of the UE according to the user identity information contained in the request information, searching for a corresponding network slice identity (SliceID)corresponding network slice identity information (SliceID) according to the SliceIDt and sending the authentication information to a security management entity of the network slice corresponding to the SliceID (¶ 0099, the terminal may generate security keys for each network slice using the temporary network slice identifier, ¶ 0120-0125, after generating the common AS security key, the terminal may generate UE capability. At this time, the UE capability generated by the terminal may include network slice information and security capability, the connection request message may include the UE capability, ¶ 0073-0075, a user's universal subscriber identification module and a home subscriber server (HSS) may store a user-specific key K and user's international mobile station identity (IMSI). In this case, the K value may mean a value corresponding to the user's IMSI value, the terminal and the HSS may use the K value to derive two security keys CK and IK. Furthermore, the terminal and the HSS may use the derived security keys CK and IK to generate the NAS security key information K.sub.ASME. Therefore, the terminal and the MME may use the NAS security key information generated from the K.sub.ASME after mutual authentication to generate key information K.sub.NAS int for integrity verification and key information K.sub.NAS enc for encryption, in which the message between the terminal and the MME may be integrity protected and encrypted using the key information K.sub.NAS int for integrity verification and key information K.sub.NAS enc for encryption that are generated by the NAS security key information, the terminal and the MME may use the NAS security key information to generate the AS security key information K.sub.eNB. The MME may transmit the AS security key information to the base station, and the terminal, ¶ 0200, the core network can store the plurality of authentication key indexes KSI.sub.ASME received from the authentication server and a security key vector K.sub.ASME, i (or authentication key vector) extracted using the authentication key index. Specifically, the core network can generate the NAS security key vector K.sub.ASME, i and generate the specific NAS security key information K.sub.ASME, k for the network slice k using the authentication key index KSI.sub.ASME indicating i for each network slice. The process of generating the NAS security key information K.sub.ASME, k will be described later, the terminal can generate the UE capability. At this time, the UE capability generated by the terminal may mean UE capability including information on network slice and security capability. The network slice information includes a network slice indicator indicating a type of network slices, information related to the number of network slices set in the terminal, identifier information of the network slice or the like); and 
performing, by the security management entity, access authentication with the UE according to the authentication information, and in case of successful authentication, accessing, by the UE, the network slice (¶ 0133, the terminal receiving the RRC connection reconfiguration message or the attach accept message may use the network slice identifier to generate a security context. That is, the terminal may use the network slice identifier to generate the AS security key information K.sub.5G-RAN, k and verify the security algorithm to be used to generate the security context). 
Regarding claim 16, Bae et al discloses in claim 1, further Bae et al discloses, User Equipment (terminal, fig. 17), comprising: a processor (1720); a memory (1730) configured to store an instruction executable for the processor (¶ 0051); and a transmission device (1710) configured to perform information transmission and reception communication according to control of the processor (fig. 17, ¶ 0051, 0268), wherein the processor is configured to run the instruction stored in the memory to execute in the method as claimed in claim 1.
	Regarding claim 17, Bae et al discloses in claim 5, further Bae et al discloses
 user subscription data management entity (fig. 18), comprising: a processor (1820); a memory (1830) configured to store an instruction executable for the processor (fig. 18, ¶ 0051, 0282); and a transmission device configured to perform information transmission and reception communication according to control of the processor, wherein the processor is configured to run the instruction stored in the memory to execute operations in the method (fig. 18, ¶ 0051, 0282) as claimed in claim 5.
	Regarding claim 18, Bae et al discloses in claim 12, further Bae et al discloses, wherein the request information for accessing the network slice comprises attachment request information, the authentication information comprises one or more authentication vectors, and determining, by the user subscription data management entity, the authentication information of the UE according to the user identity information contained in the request information comprises: by the user subscription data management entity, determining user subscription identity information according to the user identity information, and generating a set of corresponding authentication vectors according to the user subscription identity information (¶ 0099, the terminal may generate security keys for each network slice using the temporary network slice identifier, ¶ 0120-0125, after generating the common AS security key, the terminal may generate UE capability. At this time, the UE capability generated by the terminal may include network slice information and security capability, the connection request message may include the UE capability, ¶ 0073-0075, a user's universal subscriber identification module and a home subscriber server (HSS) may store a user-specific key K and user's international mobile station identity (IMSI). In this case, the K value may mean a value corresponding to the user's IMSI value, the terminal and the HSS may use the K value to derive two security keys CK and IK. Furthermore, the terminal and the HSS may use the derived security keys CK and IK to generate the NAS security key information K.sub.ASME. Therefore, the terminal and the MME may use the NAS security key information generated from the K.sub.ASME after mutual authentication to generate key information K.sub.NAS int for integrity verification and key information K.sub.NAS enc for encryption, in which the message between the terminal and the MME may be integrity protected and encrypted using the key information K.sub.NAS int for integrity verification and key information K.sub.NAS enc for encryption that are generated by the NAS security key information, the terminal and the MME may use the NAS security key information to generate the AS security key information K.sub.eNB. The MME may transmit the AS security key information to the base station, and the terminal, ¶ 0200, the core network can store the plurality of authentication key indexes KSI.sub.ASME received from the authentication server and a security key vector K.sub.ASME, i (or authentication key vector) extracted using the authentication key index. Specifically, the core network can generate the NAS security key vector K.sub.ASME, i and generate the specific NAS security key information K.sub.ASME, k for the network slice k using the authentication key index KSI.sub.ASME indicating i for each network slice. The process of generating the NAS security key information K.sub.ASME, k will be described later, the terminal can generate the UE capability. At this time, the UE capability generated by the terminal may mean UE capability including information on network slice and security capability. The network slice information includes a network slice indicator indicating a type of network slices, information related to the number of network slices set in the terminal, identifier information of the network slice or the like).
Regarding claim 19, Bae et al discloses in claim 12, further Bae et al discloses, wherein the request information for accessing the network slice comprises network slice access request information, the authentication information comprises user subscription identity information and the network slice access request information, and determining, by the user subscription data management entity, the authentication information of the UE according to the user identity information contained in the request information comprises: determining, by the user subscription data management entity, the user subscription identity information according to the user identity information (¶ 0099, the terminal may generate security keys for each network slice using the temporary network slice identifier, ¶ 0120-0125, after generating the common AS security key, the terminal may generate UE capability. At this time, the UE capability generated by the terminal may include network slice information and security capability, the connection request message may include the UE capability, ¶ 0073-0075, a user's universal subscriber identification module and a home subscriber server (HSS) may store a user-specific key K and user's international mobile station identity (IMSI). In this case, the K value may mean a value corresponding to the user's IMSI value, the terminal and the HSS may use the K value to derive two security keys CK and IK. Furthermore, the terminal and the HSS may use the derived security keys CK and IK to generate the NAS security key information K.sub.ASME. Therefore, the terminal and the MME may use the NAS security key information generated from the K.sub.ASME after mutual authentication to generate key information K.sub.NAS int for integrity verification and key information K.sub.NAS enc for encryption, in which the message between the terminal and the MME may be integrity protected and encrypted using the key information K.sub.NAS int for integrity verification and key information K.sub.NAS enc for encryption that are generated by the NAS security key information, the terminal and the MME may use the NAS security key information to generate the AS security key information K.sub.eNB. The MME may transmit the AS security key information to the base station, and the terminal, ¶ 0200, the core network can store the plurality of authentication key indexes KSI.sub.ASME received from the authentication server and a security key vector K.sub.ASME, i (or authentication key vector) extracted using the authentication key index. Specifically, the core network can generate the NAS security key vector K.sub.ASME, i and generate the specific NAS security key information K.sub.ASME, k for the network slice k using the authentication key index KSI.sub.ASME indicating i for each network slice. The process of generating the NAS security key information K.sub.ASME, k will be described later, the terminal can generate the UE capability. At this time, the UE capability generated by the terminal may mean UE capability including information on network slice and security capability. The network slice information includes a network slice indicator indicating a type of network slices, information related to the number of network slices set in the terminal, identifier information of the network slice or the like).
Regarding claim 20, Bae et al discloses in claim 1, further Bae et al discloses, after sending the authentication information to the security management entity of the network slice corresponding to the SliceID, further comprising: receiving, by the user subscription data management entity, authentication request information sent by the security management entity, wherein the authentication request information contains the user subscription identity information; and by the user subscription data management entity, generating a set of authentication vectors according to the user subscription identity information and sending the set of generated authentication vectors to the security management entity (¶ 0099, the terminal may generate security keys for each network slice using the temporary network slice identifier, ¶ 0120-0125, after generating the common AS security key, the terminal may generate UE capability. At this time, the UE capability generated by the terminal may include network slice information and security capability, the connection request message may include the UE capability, ¶ 0073-0075, a user's universal subscriber identification module and a home subscriber server (HSS) may store a user-specific key K and user's international mobile station identity (IMSI). In this case, the K value may mean a value corresponding to the user's IMSI value, the terminal and the HSS may use the K value to derive two security keys CK and IK. Furthermore, the terminal and the HSS may use the derived security keys CK and IK to generate the NAS security key information K.sub.ASME. Therefore, the terminal and the MME may use the NAS security key information generated from the K.sub.ASME after mutual authentication to generate key information K.sub.NAS int for integrity verification and key information K.sub.NAS enc for encryption, in which the message between the terminal and the MME may be integrity protected and encrypted using the key information K.sub.NAS int for integrity verification and key information K.sub.NAS enc for encryption that are generated by the NAS security key information, the terminal and the MME may use the NAS security key information to generate the AS security key information K.sub.eNB. The MME may transmit the AS security key information to the base station, and the terminal, ¶ 0200, the core network can store the plurality of authentication key indexes KSI.sub.ASME received from the authentication server and a security key vector K.sub.ASME, i (or authentication key vector) extracted using the authentication key index. Specifically, the core network can generate the NAS security key vector K.sub.ASME, i and generate the specific NAS security key information K.sub.ASME, k for the network slice k using the authentication key index KSI.sub.ASME indicating i for each network slice. The process of generating the NAS security key information K.sub.ASME, k will be described later, the terminal can generate the UE capability. At this time, the UE capability generated by the terminal may mean UE capability including information on network slice and security capability. The network slice information includes a network slice indicator indicating a type of network slices, information related to the number of network slices set in the terminal, identifier information of the network slice or the like).
Regarding claim 212, Bae et al discloses in claim 1, further Bae et al discloses, wherein the SliceIDt is in one-to-one correspondence with the SliceID, and before receiving, by the user subscription data management entity, the request information from the UE through the base station, the method further comprises: generating, by the user subscription data management entity, the SliceIDt corresponding to the SliceID (¶ 0099, the terminal may generate security keys for each network slice using the temporary network slice identifier, ¶ 0120-0125, after generating the common AS security key, the terminal may generate UE capability. At this time, the UE capability generated by the terminal may include network slice information and security capability, the connection request message may include the UE capability, ¶ 0073-0075, a user's universal subscriber identification module and a home subscriber server (HSS) may store a user-specific key K and user's international mobile station identity (IMSI). In this case, the K value may mean a value corresponding to the user's IMSI value, the terminal and the HSS may use the K value to derive two security keys CK and IK. Furthermore, the terminal and the HSS may use the derived security keys CK and IK to generate the NAS security key information K.sub.ASME. Therefore, the terminal and the MME may use the NAS security key information generated from the K.sub.ASME after mutual authentication to generate key information K.sub.NAS int for integrity verification and key information K.sub.NAS enc for encryption, in which the message between the terminal and the MME may be integrity protected and encrypted using the key information K.sub.NAS int for integrity verification and key information K.sub.NAS enc for encryption that are generated by the NAS security key information, the terminal and the MME may use the NAS security key information to generate the AS security key information K.sub.eNB. The MME may transmit the AS security key information to the base station, and the terminal, ¶ 0200, the core network can store the plurality of authentication key indexes KSI.sub.ASME received from the authentication server and a security key vector K.sub.ASME, i (or authentication key vector) extracted using the authentication key index. Specifically, the core network can generate the NAS security key vector K.sub.ASME, i and generate the specific NAS security key information K.sub.ASME, k for the network slice k using the authentication key index KSI.sub.ASME indicating i for each network slice. The process of generating the NAS security key information K.sub.ASME, k will be described later, the terminal can generate the UE capability. At this time, the UE capability generated by the terminal may mean UE capability including information on network slice and security capability. The network slice information includes a network slice indicator indicating a type of network slices, information related to the number of network slices set in the terminal, identifier information of the network slice or the like).
Regarding claim 22, Bae et al discloses in claim 12, further Bae et al discloses, wherein the user identity information comprises at least one of: temporary user subscription identity information, and encrypted user subscription identity information ¶ 0073-0075, a user's universal subscriber identification module and a home subscriber server (HSS) may store a user-specific key K and user's international mobile station identity (IMSI). In this case, the K value may mean a value corresponding to the user's IMSI value, the terminal and the HSS may use the K value to derive two security keys CK and IK. Furthermore, the terminal and the HSS may use the derived security keys CK and IK to generate the NAS security key information K.sub.ASME. Therefore, the terminal and the MME may use the NAS security key information generated from the K.sub.ASME after mutual authentication to generate key information K.sub.NAS int for integrity verification and key information K.sub.NAS enc for encryption, in which the message between the terminal and the MME may be integrity protected and encrypted using the key information K.sub.NAS int for integrity verification and key information K.sub.NAS enc for encryption that are generated by the NAS security key information, the terminal and the MME may use the NAS security key information to generate the AS security key information K.sub.eNB. The MME may transmit the AS security key information to the base station, and the terminal).



Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 11, 23 are rejected under 35 U.S.C. 103 as being unpatentable over Bae et al (20180007552) in view of RAJADURAI et al (20190261178).
Regarding claims 11 and 23, Bae et al discloses in claims 5, 12, further Bae et al discloses, wherein the user subscription data management entity comprises (see claim 5 and 12).
 Bae does not specifically disclose an Authentication Server Function (AUSF), and a Security Anchor Function (SEAF).
In the same field of endeavor, RAJADURAI et al discloses, an Authentication Server Function (AUSF), and a Security Anchor Function (SEAF) (¶ 0205, 0215). Therefore, before the effective filing date of the claim invention, it would have been obvious to one of ordinary skill in the art at the time the invention was made to modify the device of Bae by specifically adding feature in order to enhance system performance to improving signaling overhead of mobility management and supporting high data rate in the WLAN RATs as taught by RAJADURAI et al.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to KHAWAR IQBAL whose telephone number is (571)272-7909. The examiner can normally be reached M-F.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jinsong Hu can be reached on 5712723965. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.


/KHAWAR IQBAL/           Primary Examiner, Art Unit 2643