DETAILED ACTION
  
Notice of Pre-AIA  or AIA  Status

The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
  
Election/Restrictions

2.    Newly submitted claims 41 and 44 are directed to an invention that is independent or distinct from the invention originally claimed for the following reasons:
3.    Applicant’s initial invention was directed towards generating and updating keys at a terminal controlled by a first network device as previously stated in claims 21 and 28. The newly submitted claims r41 and 44 recite generating (~keying) and updating (~rekeying) keys at a second network device controlled by the first network device using KeNB2 received by the first network device from a mobility management entity (MME).
Since applicant has received an action on the merits for the originally presented invention, this invention has been constructively elected by original presentation for prosecution on the merits. Accordingly, claims 41-46 are withdrawn from consideration as being directed to a non-elected invention. See 37 CFR 1.142(b) and MPEP § 821.03.

Claim Objections

4.	Claim 28 is objected to because of the following informalities: On line 10, “generate a access security management” should be changed to “generate an access security management”. Appropriate correction is required.

Response to Arguments

5.	Applicant’s arguments with respect to claims 21, 25, 27-28, 32, and 34 have been considered but are moot in view of new grounds of rejection based on new reference Vignesh (EP 2 469 752 A1).

6.	On pgs. 9-10 of Applicant’s Response, applicant argues that the requested (indication) information in amended independent claim 21 is used to inform the terminal device to update a first key used for communicating with the first network device and a second key used for communicating with a second network device.

 	Examiner respectfully disagrees with applicant’s argument. Applicant’s amended claim defines as updating a “first key” and “second key”. Rajadurai teaches receiving indication information from a first network device informing the device to update a second key used for communicating with a second device (see Rajadurai [0217], “sending the … indication to update the security key … to the UE”; [0357], “Key Update (KU) indicator … indicated to the UE … for updating the security key”; [0302], “On receiving the key update request, the UE 108 can be configured to derive the security key (~second key) to be used for communication between the UE 108 and the SeNB 106 (~second network)”).
	Rajadurai does not explicitly teach that the updating involves updating a first key used for communicating with a first network device.
(~terminal device) communicating (~has a communication connection) with a radio base station (~first network device) by … using a first key, the mobile station (~terminal device) including: an updating unit (~of a mobile station, see claim 3) configured to update the first key … transmit a … signal to the radio base station … using the updated first key”).
	Rajadurai combined with Iwamura teaches updating a first key to communicate with a first network and updating a second key to communicate with a second network.
	

Claim Rejections - 35 USC § 103

7.	In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

8.	The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


s 21, 27-28, and 34 are rejected under 35 U.S.C. 103 as being unpatentable over Rajadurai (US 2016/0205547 A1) in view of Iwamura (US 2011/0086640 A1), and further in view of Vignesh (EP 2 469 752 A1).

	Regarding claim 21, Rajadurai teaches a method implemented by a terminal device (Fig. 1A, UE 108; [0028], “operations performed between a UE (~terminal device), a MeNB, and a SeNB for creating a secure connection for user plane data transfer using a unique non-repetitive security base key”), the method comprising: 
 	receiving indication information from a first network device, wherein the indication information informs the terminal device to update a second key used for communicating with a second network device ([0287], “UE 108 can be configured to generate a security base key for the SeNB 106. This security base key is generated using a vertical key derivation, which makes use of Next Hop (NH) parameters received from the MeNB 104”; [0217], “sending the selected DL PDCP count from the SeNB 106 in the DL PDCP header with an indication to update the security key. The selected DL PDCP COUNT is indicated to the UE 108 in the PDCP PDU such that the UE 108 uses the security key indicated by the PDCP COUNT for security key derivation”; [0357], “security headers include a key update indicator (KU) and the PDCP Sequence Number (SN) which is being transmitted. The header included in every PDCP PDU contains security information for the PDCP PDU. Key Update (KU) indicator in the PDCP PDU indicated to the UE 108 to use the PDCP SN for updating the security key”; [0302], “On receiving the key update request, the UE 108 can be configured to derive the security key to be used for communication between the UE 108 and the SeNB 106”; [0287], “At 1118, the UE 108 can be configured to generate a security base key for the SeNB 106. This security base key is generated using a vertical key derivation, which makes use of Next Hop (NH) parameters received from the MeNB 104”); 
 	 sending notification information to the first network device in order to notify the first network device that the updating of the second key has been completed ([0127], “once the UE 108 derives the security key (KenB_s) associated with the SeNB 106 and the user plane encryption key an RRC connection reconfiguration complete message is sent to the MeNB 104 from the UE 108”; [0048] “Through the document, the terms "refresh", "rekeying" and "update" have been used interchangeably and may refer to the derivation of a fresh security base key associated with the SeNB”), 
 	wherein the second network device has a communication connection to the terminal device ([0309], “using the derived security key for securely transmitting data between the UE 108 (~terminal device) and the SeNB 106 (~second network device) from the next PDCP count”).  
	Rajadurai does not explicitly teach updating of a first key used for communicating with the first network device and the first network device has a communication connection to the terminal device.
	However, Iwamura teaches updating a first key used for communicating with a first network device ([0023], “a mobile station (~terminal device) communicating with a radio base station (~first network device) by using a certain key generated using a first key, the mobile station (~terminal device) including: an updating unit configured to update the first key”) and
 	the first network device has a communication connection to a terminal device ([0023], “a mobile station (~terminal device) communicating (~has a communication connection) with a radio base station (~first network device) by using a certain key generated using a first key, the mobile station (~terminal device) including: an updating unit configured to update the first key”).
	It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Iwamura with the teaching of Rajadurai in order to reduce a system’s security vulnerability during a communication by not using a same key for an extended length of time (Iwamura [0004]). 	
	The combination does not explicitly teach 
	generating an access security management entity key KASME2 in response to the indication information; 
 	generating a security key KeNB2 according to the KASME2 and a COUNT value of a non-access stratum (NAS); 
 	generating a first key used for communicating with the first network device according to the KeNB2 and a security algorithm of the first network device; and
 	generating a second key used for communicating with the second network device according to the KeNB2 and a security algorithm of the second network device.
 	However, Vignesh teaches 
ASME2 in response to an indication information ([0058], “As soon as the monitoring system detects the S1AP Initial context Setup request message 509 (or the UE Context modification request message in an alternative embodiment), the monitoring system retrieves the KeNB value included in message 509 and does a reverse lookup of the stored KeNB values to identify the KASME that is in use”); 
 	generating a security key KeNB2 according to the KASME2 and a COUNT value of a non-access stratum (NAS) ([0056], “The KeNB key is calculated using the KDF function, which has as inputs the fresh KASME and the NAS uplink count. In the example illustrated in FIGURE 5, UE 51 sets the NAS uplink count to the start value (=0) after the successful AKA run. UE 51 also includes the sequence number part of the NAS uplink”); 
 	generating a key used for communicating with a network device according to the KeNB2 and a security algorithm of the network device ([0057] The KeNb correlation algorithm derives KeNB from every KASME that is identified on the S6a interface and indexes it using the KeNB value itself. The KeNB and KASME keys may be stored in an AuthVector or Subscriber Record as described above, for example. The KeNB values that are calculated by the correlation algorithm using the KASME may be designated as " KalgeNB." The algorithm processes both the monitored KASME values and the NAS uplink count value with the KDF function to obtain the KalgeNB candidates”).
	It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Vignesh with 

Regarding claim 27, Rajadurai in view of Iwamura, and further in view of Vignesh substantially teaches the method according to claim 21.
Rajadurai further teaches wherein the indication information comprises at least one of the following: 
a physical cell identity (PCI) and frequency information of a target cell, wherein the PCI and the frequency information are used for updating the keys, 
a next hop (NH) value used for updating the keys ([0287], “UE 108 can be configured to generate a security base key for the SeNB 106. This security base key is generated using a vertical key derivation, which makes use of Next Hop (NH) parameters received from the MeNB 104”), 
or information for updating the keys using a PCI and frequency information of a primary cell of the terminal device.  

Regarding claim 28, Rajadurai teaches an apparatus (Fig. 1A, UE 108) comprising: 
 	a processor (Fig. 1A, UE 108 comprises a processor; [0361], “any general purpose processor and any combination of programming language, application, and embedded processor”); and 
(Fig. 1A, UE 108 comprises a memory), 
 	the programming instructions instructing the processor to provide at least the following operations ([0361], “elements shown in the FIGS. 1, 2 and 3 include various units, blocks, modules, or steps described in relation with methods, processes, algorithms, or systems of the present invention, which can be implemented using any general purpose processor and any combination of programming language, application (~programming instructions), and embedded processor”; Fig. 1A): 
receive, from the first network device, indication information informing the apparatus to update a second key used for communicating with a second network device ([0287], “UE 108 can be configured to generate a security base key for the SeNB 106. This security base key is generated using a vertical key derivation, which makes use of Next Hop (NH) parameters received from the MeNB 104”; [0217], “sending the selected DL PDCP count from the SeNB 106 in the DL PDCP header with an indication to update the security key. The selected DL PDCP COUNT is indicated to the UE 108 in the PDCP PDU such that the UE 108 uses the security key indicated by the PDCP COUNT for security key derivation”; [0357], “security headers include a key update indicator (KU) and the PDCP Sequence Number (SN) which is being transmitted. The header included in every PDCP PDU contains security information for the PDCP PDU. Key Update (KU) indicator in the PDCP PDU indicated to the UE 108 to use the PDCP SN for updating the security key”; [0302], “On receiving the key update request, the UE 108 can be configured to derive the security key to be used for communication between the UE 108 and the SeNB 106”; [0287], “At 1118, the UE 108 can be configured to generate a security base key for the SeNB 106. This security base key is generated using a vertical key derivation, which makes use of Next Hop (NH) parameters received from the MeNB 104”); 
send, to the first network device, notification information in order to notify the first network device that the updating of the second key has been completed ([0127], “once the UE 108 derives the security key (KenB_s) associated with the SeNB 106 and the user plane encryption key an RRC connection reconfiguration complete message is sent to the MeNB 104 from the UE 108”; [0048] “Through the document, the terms "refresh", "rekeying" and "update" have been used interchangeably and may refer to the derivation of a fresh security base key associated with the SeNB”), 
 	wherein the second network device has a communication connection to the apparatus ([0309], “using the derived security key for securely transmitting data between the UE 108 (~terminal device) and the SeNB 106 (~second network device) from the next PDCP count”).  
	Rajadurai does not explicitly teach updating of a first key used for communicating with the first network device and the first network device has a communication connection to the apparatus.
	However, Iwamura teaches updating a first key used for communicating with a first network device ([0023], “a mobile station (~apparatus) communicating with a radio base station (~first network device) by using a certain key generated using a first key, the mobile station (~apparatus) including: an updating unit configured to update the first key”) and
 	the first network device has a communication connection to a terminal device ([0023], “a mobile station (~apparatus) communicating (~has a communication connection) with a radio base station (~first network device) by using a certain key generated using a first key, the mobile station (~terminal device) including: an updating unit configured to update the first key”).
	It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Iwamura with the teaching of Rajadurai as modified by Iwamura in order to reduce a system’s security vulnerability during a communication by not using a same key for an extended length of time (Iwamura [0004]). 
	The combination does not explicitly teach
	generating a access security management entity key KASME2 according to the indication information; 
 	generating a security key KeNB2 according to the KASME2 and a COUNT value of a non-access stratum (NAS); 
 	generating a first key used for communicating with the first network device according to the KeNB2 and a security algorithm of the first network device; and
	generating a second key used for communicating with the second network device according to the KeNB2 and a security algorithm of the second network device.
 	However, Vignesh teaches 
ASME2 according to an indication information ([0058], “As soon as the monitoring system detects the S1AP Initial context Setup request message 509 (or the UE Context modification request message in an alternative embodiment), the monitoring system retrieves the KeNB value included in message 509 and does a reverse lookup of the stored KeNB values to identify the KASME that is in use”); 
 	generating a security key KeNB2 according to the KASME2 and a COUNT value of a non-access stratum (NAS) ([0056], “The KeNB key is calculated using the KDF function, which has as inputs the fresh KASME and the NAS uplink count. In the example illustrated in FIGURE 5, UE 51 sets the NAS uplink count to the start value (=0) after the successful AKA run. UE 51 also includes the sequence number part of the NAS uplink”); 
 	generating a key used for communicating with a network device according to the KeNB2 and a security algorithm of a network device ([0057] The KeNb correlation algorithm derives KeNB from every KASME that is identified on the S6a interface and indexes it using the KeNB value itself. The KeNB and KASME keys may be stored in an AuthVector or Subscriber Record as described above, for example. The KeNB values that are calculated by the correlation algorithm using the KASME may be designated as " KalgeNB." The algorithm processes both the monitored KASME values and the NAS uplink count value with the KDF function to obtain the KalgeNB candidates”).
	It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Vignesh with 

Regarding claim 34, Rajadurai in view of Iwamura, and further in view of Vignesh substantially teaches the apparatus according to claim 28. 
Rajadurai further teaches wherein the indication information comprises at least one of: 
a physical cell identity (PCI) and frequency information of a target cell, 
wherein the PCI and the frequency information are used for the current key updating, 
a next hop (NH) value used for the current key updating ([0287], “UE 108 can be configured to generate a security base key for the SeNB 106. This security base key is generated using a vertical key derivation, which makes use of Next Hop (NH) parameters received from the MeNB 104”), 
or information for updating the keys using a PCI and frequency information of a primary cell of the apparatus.  
  
10.	Claims 25 and 32 are rejected under 35 U.S.C. 103 as being unpatentable over Rajadurai in view of Iwamura, further in view of Vignesh, and further in view of Noh (US 2015/0223181 A1).
     
Regarding claim 25, Rajadurai in view of Iwamura, and further in view of Vignesh substantially teaches the method according to claim 21.

 	However, Noh teaches wherein indication information comprises information about a cell associated with a second base station for random access performed by a terminal device in the cell ([0004], “transmitting, by the first base station to the UE, a downlink signal including information associated with the set transmission power and information indicating the random access to the second base station (~second cell)”; [0026], “A base station or a cell may generally refer to a station where communication with a User Equipment (UE) is performed”). 
 	It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Noh with the teaching of Rajadurai as modified by Iwamura and Vignesh in order to for the UE to check the indication and control random access (Noh [0003]), and to transmit high capacity data without data collisions (Noh [0002]). 

Regarding claim 32, Rajadurai in view of Iwamura, and further in view of Vignesh substantially teaches the apparatus according to claim 28. 
The combination does not explicitly teach wherein the indication information comprises information about a cell associated with the second network device for random access performed by the apparatus.  
 	However, Noh teaches wherein indication information comprises information about a cell associated with a second network device for random access performed by ([0004], “transmitting, by the first base station to the UE, a downlink signal including information associated with the set transmission power and information indicating the random access to the second base station (~second cell)”; [0026], “A base station or a cell may generally refer to a station where communication with a User Equipment (UE) is performed”; ([0361], “elements shown in the FIGS. 1, 2 and 3 include various units, blocks, modules, or steps described in relation with methods, processes, algorithms, or systems of the present invention, which can be implemented using any general purpose processor and any combination of programming language, application (~programming instructions), and embedded processor”; Fig. 1A)).  
	It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to combine the teaching of Noh with the teaching of Rajadurai as modified by Iwamura and Vignesh in order to for the UE to check the indication and control random access (Noh [0003]), and to transmit high capacity data without data collisions (Noh [0002]). 

Conclusion

11.	Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  

 	Any inquiry concerning this communication or earlier communications from the examiner should be directed to ALEXANDER J. YI whose telephone number is (571)270-7696. The examiner can normally be reached Monday thru Friday: 8:00AM to 5PM EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jinsong Hu can be reached on (571)272-3965. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-





/ALEXANDER J YI/Examiner, Art Unit 2643                                                                                                                                                                                                        

/JINSONG HU/Supervisory Patent Examiner, Art Unit 2643