DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . In communications filed on 02/26/2020. Claims 1-20 are pending in this examination.
 In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.   This examination is in response to US Patent Application No. 16/801,870.
Examiner Note
Examiner encourages applicant to indicate the purpose or outcome of the independent claim. The claim is very specific but I don’t see what is the result of all the steps you are taking, please add a limitation at the end (which has a support in your specification) to further tie the other limitations with what is the result of the steps taken in the claim

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 1-4, 7-12, 14-18, and 20 are rejected under 35 U.S.C. 103 as being unpatentable over US Patent No. (US2016/0241537) issued to Cha (cited in IDS 09/09/2020) and in view of US Patent No. (US2017/004665) (Cited in IDS 09/09/2020) issued to Chang.
Regarding claims 1, and 15, Cha discloses an electronic device comprising: at least one wireless communication circuit; a processor operatively connected with the at least one wireless communication circuit; and a memory operatively connected to the processor, wherein the memory stores instructions that, when executed, cause the processor to [¶32, Referring to FIG. 1, an electronic device 101 in a network environment 100, according to an embodiment of the present disclosure, is provided.  The electronic device 101 includes a secure memory 10, a bus 110, a processor 120, a memory 130, an input/output (I/O) interface 140, a display 150, a communication interface 160, and a profile manager module 170.  The electronic device 101 may exclude at least one of the above-described components or may further include one or more other components], and [¶49, the communication interface 160 establishes communication between the electronic device 101 and the first external electronic device 102,  
 detect an event related to transmission of identification information through the at least one wireless communication circuit [¶107, In step 601, a profile transfer event about a profile A 20, i.e., a target profile, installed on a secure memory 10 of the first electronic device 200 occurs to transfer the profile A 20 from the first electronic device 200 to the second electronic device 400.  In step 602, the first electronic device 200 requests device information from the second electronic device 400.  For example, the first electronic device 200 may request device information using NFC.  However, the scope and spirit of the present disclosure may not be limited thereto.  For example, the first electronic device 200 may be able to use other forms of communication, such as Wi-Fi, BT, etc.], and [¶173, in step 1010, the profile manager module 170 of a first electronic device 200 detects an occurrence of a profile transfer event]; and
and receive the identification information that is stored in the external electronic device from the server through the at least one wireless communication circuit [ ¶¶113-114, In step 608, the first electronic device 200 transfers the encrypted profile A 20 to the second electronic device 400. In step 609, the second electronic device 400 stores the received encrypted profile A 20 in a secure memory 10 of the second electronic device 400], and [¶34, The profile includes service provider-associated information, subscriber identification information (e.g., IMSI), card identification information (e.g., ICCID), network authentication-associated information, etc].
 in response to the detection of the event, perform a first authentication procedure for obtaining an access right to the identification information; relay a second authentication procedure between an external electronic device and a server through the at least one wireless communication circuit [¶48, Referring to FIG. 1, a first electronic device 110, a second electronic device 150, and a server 190 are illustrated in a network environment according to various embodiments of the present disclosure.  The first electronic device 110 performs authentication in response to an authentication request, and performs an operation corresponding to a control signal received from an authenticated electronic device.  The second electronic device 150 requests authentication to control the first electronic device 110.  The server 190 may be connected with the first electronic device 110 and the second electronic device 150, and may perform authentication with respect to at least one the first electronic device 110 and the second electronic device 150.  Also, the server 190 may include a group of one or more servers, at one or more locations], and [¶52, the communication module may perform communication between the electronic device 110 and an external electronic device (e.g., the second electronic device 150 or the server 190).  For example, the communication module may be connected to a network via wireless or wired communication so as to communicate with an external device], and [¶184, in operation 820, the second electronic device 810 requests, through the first communication mode, the first electronic device 800 to perform authentication with respect to the second electronic device 810.  The second electronic device 810 needs to be authenticated by the first electronic device 800 before transmitting a control signal to control the first electronic device 800.  Accordingly, the second electronic device 810 transmits a request for authentication to the first electronic device 800], and [¶147].

Regarding claims 2, and 16, Cha discloses, wherein the at least one wireless communication circuit is configured to support short-range wireless communication, and wherein the instructions further cause the processor to: determine whether the external electronic device is located within a specified distance from the electronic device based on the short-range wireless communication, and detect the event based on the external electronic device being located within the specified distance from the electronic device[¶46, the input/output interface 140 may generate a profile transfer event through NFC tagging with the target electronic device or may receive an input for designating the target electronic device], and [¶¶50, 53].
Regarding claims 3, and 17, Cha discloses, wherein the instructions further cause the processor to:  - 37 -0210-0410 (2019-OPSE-3379/US) receive a user input at least one of a personal information number (PIN) or biometric information; and obtain the access right to the identification information based on at least one of the PIN or the biometric information [¶46, When transferring the target profile, the input/output interface 140 may receive a user input for user authentication.  For example, the user input may include a PIN code input, an ID and PW input, a pattern input, etc].



Regarding claims 4, and 18, Cha discloses, further comprising: a secure element configured to store the identification information, and wherein the instructions further cause the processor to: establish a first secure channel between the memory and the server through the at least one wireless communication circuit; transmit at least one of first key information or authentication information to the server; request the server to establish a second secure channel for transmitting the identification information through the first secure channel; transmit an identifier of the secure element to the server; establish the second secure channel between the secure element and the server based on at least one of the first key information, the authentication information, or the identifier of the secure element; and receive the identification information from the server through the second secure channel[¶¶ 35,67,79, 113-114].
Regarding claims 7, and 20, Cha discloses wherein the instructions further cause the processor to: transmit a message requesting deletion of the identification information stored in the external electronic device to the server or the external electronic device through the at least one wireless communication circuit [¶63, the profile manager module 170 may request the deletion of the target profile from the server 106.  Alternatively, the profile manager module 170 may directly delete the target profile and may report the deletion result to the server 106.  Alternatively, the profile manager module 170 may directly delete the target profile and transmit the deletion report to the target electronic device, and the target electronic device may report the deletion result to the server 106].
Regarding claim 8 Cha discloses further comprising: a display, wherein the instructions further cause the processor to: display, through the display, a graphical user interface (GUI) including the identification information [¶48, the display 150 displays at least one profile installed on the secure memory 10].
Regarding claim 9, Cha discloses an electronic device comprising: at least one wireless communication circuit; a secure element configured to store identification information; a processor operatively connected with the at least one wireless communication circuit  and a memory operatively connected to the processor, wherein the memory stores instructions that, when executed, cause the processor to¶32, Referring to FIG. 1, an electronic device 101 in a network environment 100, according to an embodiment of the present disclosure, is provided.  The electronic device 101 includes a secure memory 10, a bus 110, a processor 120, a memory 130, an input/output (I/O) interface 140, a display 150, a communication interface 160, and a profile manager module 170.  The electronic device 101 may exclude at least one of the above-described components or may further include one or more other components], and [¶49, the communication interface 160 establishes communication between the electronic device 101 and the first external electronic device 102, the second external electronic device 104, or a server 106.  For example, the communication interface 160 may be connected to the network 162 through wireless communication or wire communication and may communicate with the second external electronic device 104 or the server 106], and
 detect an event related to transmission of the identification information through the at least one wireless communication circuit [¶107, In step 601, a profile transfer event about a profile A 20, i.e., a target profile, installed on a secure memory 10 of the first electronic device 200 occurs to transfer the profile A 20 from the first electronic device 200 to the second electronic device 400.  In step 602, the first electronic device 200 requests device information from the second electronic device 400.  For example, the first electronic device 200 may request 
and delete the identification information stored in the secure element [¶63, the profile manager module 170 may request the deletion of the target profile from the server 106.  Alternatively, the profile manager module 170 may directly delete the target profile and may report the deletion result to the server 106.  Alternatively, the profile manager module 170 may directly delete the target profile and transmit the deletion report to the target electronic device, and the target electronic device may report the deletion result to the server 106].
Cha does not explicitly disclose, however, Chang discloses in response to the detection of the event, perform an authentication procedure with a server through an external electronic device; transmit the identification information to the server through the at least one wireless communication circuit [¶48, Referring to FIG. 1, a first electronic device 110, a second electronic device 150, and a server 190 are illustrated in a network environment according to various embodiments of the present disclosure.  The first electronic device 110 performs authentication in response to an authentication request, and performs an operation corresponding to a control signal received from an authenticated electronic device.  The second electronic device 150 requests authentication to control the first electronic device 110.  The server 190 may be connected with the first electronic device 110 and the second electronic device 150, and may perform authentication with respect to at least one the first electronic device 110 and the second electronic device 150.  Also, the server 190 may include a group of one or more servers, at one or more locations], and [¶52, the communication module may perform 
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Cha with the teaching of Chang in order  for performing authentication between electronic devices that are capable of communicating through a plurality of communication modes[Chang, Abstract, ¶2].
Regarding claim 10 Cha discloses wherein the at least one wireless communication circuit is configured to support short-range wireless communication, and wherein the instructions further cause the processor to: perform user authentication to move the identification information before the detection of the event [¶50, the wireless communication may include, for example, a local area network. The local area network may include, for example, Wi-Fi, Bluetooth, NFC, global positioning system (GPS), etc.], and [¶62, , the user authentication may be performed through a PIN code input, an ID and PW input, a pattern input, biometrics (e.g., face recognition, finger recognition, iris recognition, and the like)].



Regarding claim 11 Cha discloses, wherein the instructions further cause the processor to: while performing the user authentication, generate key information or receive a user input of biometric information, and transmit at least one of the key information or the biometric information to the server through the at least one wireless communication circuit [¶50, the wireless communication may include, for example, a local area network. The local area network may include, for example, Wi-Fi, Bluetooth, NFC, global positioning system (GPS), etc.], and [¶62, , the user authentication may be performed through a PIN code input, an ID and PW input, a pattern input, biometrics (e.g., face recognition, finger recognition, iris recognition, and the like)].
Regarding claim 12 Cha discloses wherein the instructions further cause the processor to: connect to the external electronic device through the at least one wireless communication circuit, and perform the authentication procedure with the server through a long-range wireless communication supported by the external electronic device[¶¶48, 55, 184 and FIG.1, A second electronic device(810 )requests, through a first communication mode, a first electronic device(800) to perform authentication with respect to the second electronic device(810), where in the server(190) may be connected  with the first electronic device, and may perform authentication with respect to at least one the first electronic device and the second electronic device, where in the first electronic device includes an LTE communication module[ ¶236,  a user of the third electronic device 1330 may establish a connection with the first electronic device 1310 through an LTE network, WiFi direct, or the like ,and may perform authentication with the First Electronic Device 1310 using the information associated with a fingerprint and the PIN")].

Regarding claim 14 Cha discloses, wherein the instructions further cause the processor to:  - 40 -0210-0410 (2019-OPSE-3379/US) receive a message requesting deletion of the identification information stored in the secure element from the external electronic device or the server through the at least one wireless communication circuit; and in response to the reception of the message, delete the identification information[¶63, the profile manager module 170 may request the deletion of the target profile from the server 106. Alternatively, the profile manager module 170 may directly delete the target profile and may report the deletion result to the server 106].

Claims 5-6, and 19 are rejected under 35 U.S.C. 103 as being unpatentable over US Patent No. (US2016/0241537) issued to Cha (cited in IDS 09/09/2020) and in view of US Patent No. (US2017/004665) (Cited in IDS 09/09/2020) issued to Chang and further in view of US Patent No. (US2017/004665) (Cited in IDS 09/09/2020) issued to Juan Carlos.
Regarding claim 5 is Cha discloses   and wherein the second secure channel is based on a secure channel protocol of a global platform (GP) [¶82, using an advanced encryption standard (AES)-based secure channel protocol (e.g., SCP 03)].
Cha and Chang do not explicitly disclose, however, Juan Carlos discloses wherein the first secure channel includes a transport layer security (TLS) channel configured to deliver encrypted data in a transport layer[ section [10.2-10.2.1, The client framework enables a range of authentication methods, tokens and protocols to support sarong client authentication. It supports standalone and embedded tokens (e.g. smart card, SIM card, TPM) and it communicates using standard authentication protocols (e.g. SSL/TLS, WS-Security, EAP-*].

It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Cha, Chang with the teaching of Juan Carlos in order  to provide enhancement and improvement for improving the security, privacy and identity assurance of existing authentication[ Juan Carlos, Conclusion].
Regarding claims 6, and 19, Cha and Chang do not explicitly disclose, however, Juan discloses wherein the instructions further cause the processor to: generate second key information for encrypting the identification information;  - 38 -0210-0410 (2019-OPSE-3379/US) transmit the second key information to the server through the at least one wireless communication circuit; and obtain a digital signature based on the second key information from the server
[Section 1.1, the user’s cipher text is transformed into encrypted data for the data receiver by using the re-encryption key. Finally, the data receiver decrypts the data and verifies the signature on the disclosed parts], and [section 10.1.1, to authenticate a client towards a relying service, the service sends a challenge to the client. The client signs the challenge with its secret key, and the signature and the public key is returned to the service. The service is able to verify the signature with the public key], and [section 10.2.1, the framework supports a wide range of authentication methods: password, one-time password, challenge-response, transaction signing, user certification, biometric, device finger-printing, device certificate, and OTP].
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Cha, Chang with the teaching of Juan Carlos in order  to provide enhancement and improvement for improving the security, privacy and identity assurance of existing authentication[ Juan Carlos, Conclusion].
Claim 13 is rejected under 35 U.S.C. 103 as being unpatentable over US Patent No. (US2016/0241537) issued to Cha (cited in IDS 09/09/2020) and in view of US Patent No. (US2017/004665) (Cited in IDS 09/09/2020) issued to Chang and further in view of Foreign Patent Application No. EP3407309A1 issued to Paul Bastian.
Regarding claim 13, Cha and Chang do not explicitly disclose, however Bastian discloses wherein the instructions further cause the processor to: perform the authentication procedure based on an Extended Access Control (EAC) protocol defined by British Standards Institute (BSI) in a Technical Report (TR)- 03110 Standard Specification[¶13, the asymmetric authentication protocol comprises an Extended Access Control (EAC) authentication protocol. The EAC authentication protocol is an established and standardized asymmetric authentication protocol. The Extended Access Control (EAC) authentication protocol may include a Terminal Authentication (TA) protocol section, a Passive Authentication (PA) protocol section, and a Chip Authentication (CA) protocol section. Furthermore, as part of the Extended Access Control (EAC) authentication protocol, a Secure Messaging (SM) channel can be established between the access control device and the communication device. For example, the Extended Access Control (EAC) authentication protocol can be implemented according to the technical guideline BSI TR-03110].
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Cha, Chang with the teaching of Bastian in order for an access control device to control access to an access area using an asymmetric authentication protocol. As a result, the advantage is achieved that the key management can be simplified in a plurality of access control devices and / or communication .

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
Song (U9,801,044) [Apparatus and method for accessing wireless network].
Kim (US2018/0109947) [ method and apparatus for connecting between electronic devices]. 
Park (US2016/0112386) [Device and Method for secure connection].
Lee (US10,425,409) [A method and an apparatus for providing a connection between electronic devices using authentication based on biometric information].
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHAHRIAR ZARRINEH whose telephone number is (571)272-1207. The examiner can normally be reached Monday-Friday, 8:30am-5:30pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jorge Ortiz-Cirado can be reached on 571-272-7624. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/SHAHRIAR ZARRINEH/Examiner, Art Unit 2496