DETAILED ACTION
1. This Non-Final Office Action is in response to the application filed on 04/02/2019. Claims 1-7, 14-22, 29-30 and 36 are being considered on the merits. The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
Drawings
2. The drawings filed on 04/02/2019 are accepted.
Information Disclosure Statement
3. The information disclosure statements (IDS) submitted on 04/02/2019 and 04/03/2019 have been considered. The submission is in compliance with the provisions of 37 CFR 1.97. Accordingly, initialed and dated copies of the Applicant’s IDS forms 1449 filed on 04/02/2019 and 04/03/2019 are attached to this office action.
Claim Objections
4. Claims 4-7, 14-15, 19-22 and 29-30 are objected to because of the following informalities:
Appropriate correction is required.

4. The method of any one of claims 1 wherein the first set of encryption parameters comprise a scheme identifier indicating an encryption scheme used to generate the subscription concealed identifier.
In claim 4, “any one of claims 1” is confusing language, as it is referencing multiple claims but only depending on claim 1. Examiner suggests changing “any one of claims 1” to recite claim 1.


In claim 5, “any one of claims 1” is confusing language, as it is referencing multiple claims but only depending on claim 1. Examiner suggests changing “any one of claims 1” to recite claim 1.

6. The method of any one of claims 1 wherein validating the subscription concealed identifier comprises determining whether the subscription concealed identifier is valid by comparing the first set of encryption parameters to the second set of encryption parameters.
In claim 6, “any one of claims 1” is confusing language, as it is referencing multiple claims but only depending on claim 1. Examiner suggests changing “any one of claims 1” to recite claim 1.

7. The method of any one of claims 1 further comprising performing a security operation depending on whether the subscription concealed identifier is valid, wherein the security operation comprises one or more of: 
rejecting the received message responsive to determining that the subscription concealed identifier is invalid; 
returning an error message responsive to determining that the subscription concealed identifier is invalid; 
accepting the received message if a number of related messages that have been received containing an invalid subscription concealed identifier is less than a predetermined number; 
updating encryption parameters for a user equipment associated with the subscription responsive to determining that the subscription concealed identifier is invalid; or 

In claim 7, “any one of claims 1” is confusing language, as it is referencing multiple claims but only depending on claim 1. Examiner suggests changing “any one of claims 1” to recite claim 1.

14. The method of any one of claims 1 further comprising verifying that the first set of encryption parameters is valid before de-concealing the subscription concealed identifier.
In claim 14, “any one of claims 1” is confusing language, as it is referencing multiple claims but only depending on claim 1. Examiner suggests changing “any one of claims 1” to recite claim 1.
15. The method of any one of claims 1 further comprising verifying that the result of de-concealing is valid before obtaining the second set of encryption parameters.
In claim 15, “any one of claims 1” is confusing language, as it is referencing multiple claims but only depending on claim 1. Examiner suggests changing “any one of claims 1” to recite claim 1.

19. The network node of any one of claims 16 wherein the first set of encryption parameters comprise a scheme identifier indicating an encryption scheme used to generate the subscription concealed identifier.
In claim 19, “any one of claims 16” is confusing language, as it is referencing multiple claims but only depending on claim 1. Examiner suggests changing “any one of claims 16” to recite claim 16.



In claim 20, “any one of claims 16” is confusing language, as it is referencing multiple claims but only depending on claim 1. Examiner suggests changing “any one of claims 16” to recite claim 16.

21. The network node of any one of claims 16 wherein the processing circuit is further configured to validate the subscription concealed identifier by determining whether the subscription concealed identifier is valid by comparing the first set of encryption parameters to the second set of encryption parameters.
In claim 21, “any one of claims 16” is confusing language, as it is referencing multiple claims but only depending on claim 1. Examiner suggests changing “any one of claims 16” to recite claim 16.

22. The network node of any one of claims 16 wherein the processing circuit is further configured to perform a security operation depending on whether the subscription concealed identifier is valid, wherein the security operation comprises one or more of: 
rejecting the received message responsive to determining that the subscription concealed identifier is invalid; 
returning an error message responsive to determining that the subscription concealed identifier is invalid; 
accepting the received message if a number of related messages that have been received containing an invalid subscription concealed identifier is less than a predetermined number; 
updating encryption parameters for a user equipment associated with the subscription responsive to determining that the subscription concealed identifier is invalid; or 

In claim 22, “any one of claims 16” is confusing language, as it is referencing multiple claims but only depending on claim 1. Examiner suggests changing “any one of claims 16” to recite claim 16.

29. The network node of any one of claims 16 further comprising verifying that the first set of encryption parameters is valid before de-concealing the subscription concealed identifier.
In claim 29, “any one of claims 16” is confusing language, as it is referencing multiple claims but only depending on claim 1. Examiner suggests changing “any one of claims 16” to recite claim 16.

30. The network node of any one of claims 16 further comprising verifying that the result of de-concealing is valid before obtaining the second set of encryption parameters.
In claim 30, “any one of claims 16” is confusing language, as it is referencing multiple claims but only depending on claim 1. Examiner suggests changing “any one of claims 16” to recite claim 16.


Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.



Claims 1-7, 14-22, 29-30 and 36 are rejected under 35 U.S.C. 103 as being unpatentable over US Pub. No. US 2016/0294783 A1 to Piqueras Jover (hereinafter, “Piqueras”) in view of US Pub. No. US 2018/0013568 A1 to Muhanna (hereinafter, “Muhanna”).
As per claims 1, 16 and 36, Piqueras teaches a method implemented by a network node in a mobile network of validating a subscription concealed identifier, a network node in a mobile network configured to validate a subscription concealed identifier, and a non-transitory computer-readable storage medium containing a computer program, respectively, comprising executable instructions that, when executed by a processing circuit in a network node of a mobile network, said network node comprising: 
an interface circuit for communicating with other network nodes over a communication network; and a processing circuit connected to the interface circuit (Piqueras, para. [0093] “a processor can refer to an integrated circuit, an application specific integrated circuit (ASIC), a digital signal processor (DSP), a field programmable gate array (FPGA), a programmable logic controller (PLC), a complex programmable logic device (CPLD), a discrete gate or transistor logic, discrete hardware components, or any combination thereof designed to perform the functions described herein. Processors can exploit nano-scale architectures such as, but not limited to, molecular and quantum-dot based transistors, switches and gates, in order to optimize space usage or enhance performance of user equipment. A processor may also be implemented as a combination of computing processing units”), said processing circuit being configured to: 
obtaining a first set of encryption parameters used to generate the subscription concealed identifier (Piqueras, para. [0051] “mobile device 202, once again through facilities provided by Verification engine 204 can, in accordance with an aspect, receive from a base station device (e.g. base station device 102) a database tuple that can comprise an identification string associated with the base station device and a public cryptographic key that can also be associated with the base station device. Mobile device 202, and more particularly verification engine 204, in response to receiving such a database tuple can confirm the validity of origination of the database tuple by ensuring that the private/ secret cryptographic key associated with a mobile network operator device was employed to encrypt the database tuple.” And para. [0052] “verification engine 204 associated with mobile device 202, in response to sending an identifier (e.g., international mobile subscriber identifier/identification (IMSI)), can receive an encrypted first nonce string, wherein the first nonce string is generated by a base station device (e.g., base station device 102) and encrypted by the base station device using a public cryptographic key associated with mobile device 202. On receiving the encrypted first nonce String, verification engine 204 can decrypt the encrypted first nonce string using a private/secret cryptographic key to extract the first nonce String. The private/secret cryptographic key used by verification engine 204 is a counterpart/corresponding cryptographic key to the public cryptographic key that was utilized by base station device 102 to encrypt the first nonce string.”); 
de-concealing the subscription concealed identifier to obtain subscription information associated with a subscription  (Piqueras, para. [0052] “On receiving the encrypted first nonce String, verification engine 204 can decrypt the encrypted first nonce string using a private/secret cryptographic key to extract the first nonce String. The private/secret cryptographic key used by verification engine 204 is a counterpart/corresponding cryptographic key to the public cryptographic key that was utilized”); 
obtaining a second set of encryption parameters associated with the subscription using the subscription information (Piqueras, para. [0053] “Verification engine 204 can, in response to receiving a database tuple comprising an identifier associated with a base station device and a public key (e.g., first encryption key) associated with the base station device, can generate a second nonce string, combine the first nonce string (received from the base station device) with the generated second nonce string to form a combined nonce string (e.g., the combined nonce string can be the first nonce string and/or the second nonce string), encrypt the combined nonce string using a public key associated with the base station device, and thereafter send the encrypted combined nonce string to the base station device.” And para. [0054] “verification engine 204, in response to receiving, from the base station device, an encrypted second nonce string (e.g., the second nonce string previously generated, combined, and the combination encrypted by Verification engine 204 and earlier sent to the base station) can decrypt the received encrypted second nonce string using the private/secret cryptographic key of mobile device 202 to obtain the decrypted second nonce string. It should be noted that the encrypted second nonce string can have been encrypted by the returning base station device using the public key of the mobile device 204.”); and
validating the subscription concealed identifier based on the second set of encryption parameters (Piqueras, para. [0065] “verification engine 204, in response to receiving, from the base station device, an encrypted second nonce string that has now been encrypted by the base station device using the public cryptographic key associated with the mobile device, can decrypt the encrypted second nonce string using the private cryptographic key of the mobile device to obtain the unencrypted second nonce string, and as a function of in response or, or base on receiving a valid unencrypted second nonce string, establishing a secure communication channel”).
Piqueras teaches all the limitations of claims 1, 16 and 36 above, but fails to explicitly teach the following, which Muhanna teaches:
receiving a message including the subscription concealed identifier (Muhanna, para. [0086] The embodiment IAR message 520 corresponds to the IAR message 420 sent from the UE 215 to the SeAN 220. In this example, the embodiment IAR message 520 includes UE Specific information (UE info), a MAC signature, and a home network identifier (HID). The UE info may include various information associated with, or generated by, the UE, including (but not limited to) an IMSI, one or more random numbers (e.g., RAND1, RAND2, etc.), a counter, and/or UE security capability parameters. The MAC signature may be generated by computing a hash function of the UE info according to an integrity key (e.g., a KIAR.sub.INT) and/or a random number (e.g., RAND1). The MAC signature and the UE info are encrypted using a HPuK to form an encrypted portion 522 of the embodiment IAR message 520.).
Therefore, it would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Muhanna’s authentication protocol into Piqueras’s secure subscriber server, with a motivation to provide privacy to subscriber and UE permanent identifiers (Muhanna, para. [0002]-[0003]). 

As per claims 2 and 17, the combination of Piqueras and Muhanna teach the method of claim 1 and the network node of claim 16, respectively, wherein the first set of encryption parameters is obtained from the received message (Muhanna, para. [0074] “the initial authorization and data response includes a UE security capability parameter. The MME may then select one of the authentication vectors, as well as a non-access stratum (NAS) ciphering algorithm. The MME may also assign a temporary network identifier (e.g., a globally unique temporary identifier (GUTI)) to the UE. Thereafter, the MME may encrypt the KIAS.sub.ENC, the temporary network identifier, and a key set identifier (KSI) associated with the selected NAS ciphering algorithm using the KIAS.sub.ENC to obtain encrypted NAS security data.” and para. [0086] The embodiment IAR message 520 corresponds to the IAR message 420 sent from the UE 215 to the SeAN 220. In this example, the embodiment IAR message 520 includes UE Specific information (UE_info), a MAC signature, and a home network identifier (HID). The UE_info may include various information associated with, or generated by, the UE, including (but not limited to) an IMSI, one or more random numbers (e.g., RAND1, RAND2, etc.), a counter, and/or UE security capability parameters. The MAC signature may be generated by computing a hash function of the UE_info according to an integrity key (e.g., a KIAR.sub.INT) and/or a random number (e.g., RAND1). The MAC signature and the UE_info are encrypted using a HPuK to form an encrypted portion 522 of the embodiment IAR message 520.).
Therefore, it would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Muhanna’s authentication protocol into Piqueras’s secure subscriber server, with a motivation to provide privacy to subscriber and UE permanent identifiers (Muhanna, para. [0002]-[0003]). 
As per claims 3 and 18, the combination of Piqueras and Muhanna teach the method of claim 1 and the network node of claim 16, respectively, wherein the first set of encryption parameters comprise a key identifier indicating a public key used to generate the subscription concealed identifier (Piqueras, para. [0051] “mobile device 202, once again through facilities provided by Verification engine 204 can, in accordance with an aspect, receive from a base station device (e.g. base station device 102) a database tuple that can comprise an identification string associated with the base station device and a public cryptographic key that can also be associated with the base station device. Mobile device 202, and more particularly verification engine 204, in response to receiving such a database tuple can confirm the validity of origination of the database tuple by ensuring that the private/ secret cryptographic key associated with a mobile network operator device was employed to encrypt the database tuple.” And para. [0052] “verification engine 204 associated with mobile device 202, in response to sending an identifier (e.g., international mobile subscriber identifier/identification (IMSI)), can receive an encrypted first nonce string, wherein the first nonce string is generated by a base station device (e.g., base station device 102) and encrypted by the base station device using a public cryptographic key associated with mobile device 202.”).
As per claims 4 and 19, the combination of Piqueras and Muhanna teach the method of claim 1 and the network node of claim 16, respectively, wherein the first set of encryption parameters comprise a scheme identifier indicating an encryption scheme used to generate the subscription concealed identifier (Muhanna, para. [0074] “the initial authorization and data response includes a UE security capability parameter. The MME may then select one of the authentication vectors, as well as a non-access stratum (NAS) ciphering algorithm. The MME may also assign a temporary network identifier (e.g., a globally unique temporary identifier (GUTI)) to the UE. Thereafter, the MME may encrypt the KIAS.sub.ENC, the temporary network identifier, and a key set identifier (KSI) associated with the selected NAS ciphering algorithm using the KIAS.sub.ENC to obtain encrypted NAS security data.” and para. [0086] The embodiment IAR message 520 corresponds to the IAR message 420 sent from the UE 215 to the SeAN 220. In this example, the embodiment IAR message 520 includes UE Specific information (UE_info), a MAC signature, and a home network identifier (HID). The UE_info may include various information associated with, or generated by, the UE, including (but not limited to) an IMSI, one or more random numbers (e.g., RAND1, RAND2, etc.), a counter, and/or UE security capability parameters. The MAC signature may be generated by computing a hash function of the UE_info according to an integrity key (e.g., a KIAR.sub.INT) and/or a random number (e.g., RAND1). The MAC signature and the UE_info are encrypted using a HPuK to form an encrypted portion 522 of the embodiment IAR message 520.).
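Therefore, it would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Muhanna’s authentication protocol into Piqueras’s secure subscriber server, with a motivation to provide privacy to subscriber and UE permanent identifiers (Muhanna, para. [0002]-[0003]).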
As per claims 5 and 20, the combination of Piqueras and Muhanna teach the method of claim 1 and the network node of claim 16, respectively, wherein: the subscription information comprises a subscription permanent identifier; and the subscription permanent identifier is used to obtain the second set of encryption parameters (Piqueras, para. [0020] “Additional acts can include using a private key to decrypt the first data to obtain the first nonce string, wherein the private key is burned, indelibly persisted, or permanently stored, to an integrated circuit device associated with the system; using the public key associated with the base station device to encrypt the second data; and using the private key to decrypt the third data to obtain the second nonce string.” and para. [0047] “In parallel with registering and persisting the pairing of the international mobile subscriber identification /identifier associated with the subscriber identification module and the public cryptographic key to the database device and/or to the plurality of network distributed database device, the international mobile subscriber identification /identifier together with a private/secret cryptographic key can be burned, indelibly stored, permanently persisted to a write once read only integrated circuit device that can be associated with mobile device 202.”).

As per claims 6 and 21, the combination of Piqueras and Muhanna teach the method of claim 1 and the network node of claim 16, respectively, wherein validating the subscription concealed identifier comprises determining whether the subscription concealed identifier is valid by comparing the first set of encryption parameters to the second set of encryption parameters (Muhanna, para. [0082] “Upon receiving the authentication and data request message 430, the HSS 230 may decrypt encrypted portion using a HPrK, and verify the integrity of the encrypted portion based on the MAC signature. In one example, the HSS 230 independently generates a MAC signature by computing a hash of the information in the authentication and data request message 430 using an independently generated integrity key (e.g., a KIAR.sub.INT), and then compares the independently generated MAC signature with the MAC signature carried by the encrypted portion in the authentication and data request 430.”).
Therefore, it would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Muhanna’s authentication protocol into Piqueras’s secure subscriber server, with a motivation to provide privacy to subscriber and UE permanent identifiers (Muhanna, para. [0002]-[0003]). 

As per claims 7 and 22, the combination of Piqueras and Muhanna teach the method of claim 1 and the network node of claim 16, respectively, further comprising performing a security operation depending on whether the subscription concealed identifier is valid, wherein the security operation comprises one or more of:
rejecting the received message responsive to determining that the subscription concealed identifier is invalid; returning an error message responsive to determining that the subscription concealed identifier is invalid (Muhanna, para. [0159] “FIG. 32 is a diagram of a communications sequence 3200 in which a UE unsuccessfully attempts to attach to a wireless network. In this example, the UE 215 sends an attach request 3210 to an SeAN 220, who is unable to authenticate the UE 215, and returns an attach reject 3220 to the UE 215. The attach reject 3220 prompts the UE 215 to set a back off timer, and the UE 215 is unable to initiate mobility management signaling prior to expiration of the back-off timer.”); 
(Muhanna, para. [0082] “Upon receiving the authentication and data request message 430, the HSS 230 may decrypt encrypted portion using a HPrK, and verify the integrity of the encrypted portion based on the MAC signature…The HSS 230 may also take further steps to validate the encrypted portion. For example, the HSS 230 may verify that a COUNTER in the encrypted portion of the authentication and data request message 430 (e.g., a counter originally in the IAR message 420) exceeds an independent COUNTER maintained by the HSS 230 in order to confirm that the encrypted portion in the authentication and data request message 430 is fresh (e.g., not stale). If the encrypted portion is stale, then it may have been intercepted by a malicious man-in-the-middle entity.”); 
updating encryption parameters for a user equipment associated with the subscription responsive to determining that the subscription concealed identifier is invalid (Muhanna, para. [0162] “FIG. 34 is a diagram of a communications sequence 3400 in which a UE unsuccessfully attempts to attach to a wireless network. Similar to the communications sequence 3200, the UE 215 sends an attach request 3410 to the SeAN 220, who is unable to authenticate the UE 215, and returns an attach reject 3420 to the UE 215 that indicates that the UE 215 could not be authenticated by the network. However, unlike the attach reject 3220, the attach reject 3420 includes a MAC signature, which is generated by the SeAN by computing a hash function of information carried by the attach reject message 3420 using a SPrK associated with the underlying serving network. Upon reception, the UE 215 attempts to validate the attach reject 3420 by processing the MAC signature according to a SPuK assigned to the serving network. The SPrK and the SPuK form a public-private key pair such that processing of a MAC signature using the SPuK will only result in successful validation of the attach reject 3420 if the MAC signature was generated using the SPrK. Because the MAC signature carried by the attach reject 3420 was generated using the SPrK, the UE 215 will determine that the attach reject 3420 is valid, and will set a back-off timer.”); or 
performing an authentication procedure responsive to determining that the subscription concealed identifier is valid (Muhanna, para. [0083] “After verifying the integrity of the encrypted portion(s), the HSS 230 may generate authentication vectors based on an EPS-AKA procedure, and send an authentication and data response message 435 carrying the EPS authentication vectors to the SeAN 220. The authentication and data response message 435 may include other information in addition to the EPS authentication vectors, such as integrity/encryption keys (e.g., a KIAS.sub.INT, KIAS.sub.ENC, etc.), the IMSI of the UE, a COUNTER, and/or a UE security capabilities. The UE security capabilities may indicate protocol capabilities supported by the UE, such as, for example, NAS ciphering algorithms supported by the UE.”).
Therefore, it would have been obvious to one of the ordinary skill in the art before the effective filing date of the claimed invention to combine the teachings of Muhanna’s authentication protocol into Piqueras’s secure subscriber server, with a motivation to provide privacy to subscriber and UE permanent identifiers (Muhanna, para. [0002]-[0003]). 

As per claims 14 and 29, the combination of Piqueras and Muhanna teach the method of claim 1 and the network node of claim 16, respectively, further comprising verifying that the first set of encryption parameters is valid before de-concealing the subscription concealed identifier (Piqueras, para. [0049] “Upon receiving this identifier from mobile device 202, base station device 102 can forward this identifier to an associated database device (e.g., storage 110) associated with a grouping of diversely located distributed database devices for verification. Verification of the identifier received from mobile device 202 can take the form of base station device 102 ensuring that a database tuple stored to the associated database device and comprising the received identifier has previously been encrypted using a private/secret cryptographic key associated with a mobile network operator device. Once base station device 102 has verified that the identifier is valid and is associated with a public cryptographic key associated with mobile device 202, base station device 102 can generate a nonce string, encrypt the nonce string, and send/forward an encrypted nonce string to mobile device 202.” And para. [0050] “Once mobile device 202, through facilities provided by verification engine 204, has decrypted the encrypted nonce string received from base station device 102, it can send the now decrypted nonce string back to base station device 102”).

As per claims 15 and 30, the combination of Piqueras and Muhanna teach the method of claim 1 and the network node of claim 16, respectively, further comprising verifying that the result of de-concealing is valid before obtaining the second set of encryption parameters (Piqueras, para. [0060] “Subsequent to sending the encrypted nonce string to the base station device, at act 708 verification engine 204 can establish, or facilitate the establishment, a secure communication channel between the base station device and the mobile device should the base station device respond with a valid decrypted nonce string.” And para. [0061] “At 810 authentication engine 104 can receive from the mobile device an encrypted combined nonce string, wherein the encrypted combined nonce string can comprise one or both of the first nonce string generated earlier by authentication engine 104 and/or a second nonce string that has been generated and by the mobile device…Authentication engine 104, on receiving the encrypted combined nonce string from the mobile device, at act 812, can decrypt the encrypted combined nonce string by using the private cryptographic key associated with the base station device. The result of the decryption of the encrypted combined nonce string is the first nonce string and/or the second nonce string, wherein the first nonce string was generated by authentication engine 104 and second nonce string was generated by the mobile device (e.g., by verification engine 204).”).



Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
US 20160286378 A1 - Mapping subscription to service user identity.
US 20120122423 A1 - Subscriber identifier and method for subscriber authentication.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ZOHA P TAFAGHODI whose telephone number is (571)272-5199.  The examiner can normally be reached on 9AM-5PM EST M-F.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s acting supervisor, Kristine Kincaid can be reached on (571) 272-4063. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained 
/ZOHA PIYADEHGHIBI TAFAGHODI/Examiner, Art Unit 2437           

/KRISTINE L KINCAID/Supervisory Patent Examiner, Art Unit 2437