DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 11/19/2021 has been entered.
As per instant Amendment, claims 1, 2, 4-7, 9-12, 14-17, 19 and 20 have been amended; claims 1, 6, 11 and 16 are independent claims. Claims 1-20 have been examined and are pending. This Action is made Non-Final. 

Response to Arguments
Applicant arguments in the instant amendment, filed on 11/19/2021, with respect to the 35 U.S.C. § 103 rejection, have been fully considered but they are not persuasive.
Applicant argues:  The Office Action admits that 3GPP fails to disclose “receiving, from the AMF over a non-3GPP access, a second security mode command message including the ngKSI.” Office Action, p. 5. Jerichow is relied on to allegedly teach this feature.
Regardless of whether 3GPP and Jerichow can be relied on for the features set forth in the Office Action, 3GPP and Jerichow cannot be relied on to disclose or render obvious at least the features of "performing, over a 3rd generation partnership project (3GPP) access, a first authentication procedure and a first key agreement procedure with an access and mobility management function (AMF), wherein a key set identifier (ngKSI) is changed from a first ngKSI to a second ngKSI during the first authentication procedure and the first key agreement procedure", "receiving, from the AMF over the 3GPP access, a first security mode command message including the second ngKSI", and "receiving, from the AMF over a non-3GPP access, a second security mode command message including the second ngKSI", as recited or analogously recited in claims 1, 6, 11, and 16.
...
Moreover, to the extent that Jerichow contemplates transmitting a NG-KSI, it is to initiate the NG-KSI, not to change the NG-KSI from a first to a second NG-KSI. Therefore, Jerichow cannot be relied on to disclose or render obvious at least the features of "performing, over a 3rd generation partnership project (3GPP) access, a first authentication procedure and a first key agreement procedure with an access and mobility management function (AMF), wherein a key set identifier (ngKSI) is changed from a first ngKSI to a second ngKSI during the first authentication procedure and the first key agreement procedure", "receiving, from the AM\F over the 3GPP access, a first security mode command message including the second ngKSI", and "receiving, from the AMF over a non-3GPP access, a second security mode command message including the second ngKSI", as recited or analogously recited in claims 1, 6, 11, and 16. 
3GPP fails to cure the above-noted deficiencies of Jerichow.
Examiner’s Response:  The examiner respectfully disagrees.  The examiner notes that the combination of 3GPP in view Jerichow does in fact teach the aforementioned features.  The examiner notes the 3GPP discloses in p. 65, 5.4.1.3.2 – an ngKSI is contained in an initial NAS message during a 5GMM procedure, the network shall include a different ngKSI value in the Authentication Result message when it initiates a 5G AKA based primary authentication and key agreement procedure.  Thus 3GPP as reasonably constructed reads on changing from changed from a first ngKSI to a second ngKSI.  Further, 3GPP discloses in p. 32-33, 4.7 – NAS over non-3GPP... The mobility management procedures defined over 3GPP access are re-used over non-3GPP. Thus 3GPP as reasonably constructed reads on concepts where the procedures, including, the first authentication and first key agreement procedure would be re-used over non-3GPP thus would involve the use of the second ngKSI.   Thus, it would be reasonable to contemplate that the received security command message would include the second ngKSI over non-3GPP as constructed form 3GPP.  However, the examiner sought to affirm this teaching by citing to Jerichow.  Jerichow teaches “Since the 5G system is being designed to have a unified authentication framework to support multiple access technologies such as 5G(NR), LTE, trusted non-3GPP access, trusted 3GPP access, etc., keys need to be derived to support access from any of these access technologies”, [0042].  The examiner further notes FIG. 1 – Depicts UE Security Context including the NG-KSI being sent through a non-3GPP access (e.g., 113 – WLAN) and further [0043] of Jerichow teaches “More specifically, Fig. 1 illustrates an example of the 5G security context at new generation UE (NG-UE) 100 and common control network function (CCNF)Y/SCMF 120 with index NG-KSI to support a unified UE authentication and security context management across multiple access technologies. In the example of Fig. 1, NG-UE 100 may be capable of communication with one or more of a gNB 110, an eNB 111, WLAN/ePDG 112, and/or WLAN 113. The CCNF/SCMF 120 may be in communication with or coupled to an AAA/HSS 130” and this concept is further affirmed in FIG. 2 that shows a 5. NG-Security Mode Command including an NG-KSI (i.e., message) sent via a WL (i.e., non-3GPP) and then is 6. Instantiated within the NG-UE 200 in which the NG-Security Mode Command Accept is sent via WL (e.g., WLAN, per [0046]), to the CCNF/SCMF, see [0046]-[0047].   Thus Jerichow as 
Thus as 3GPP teaches the second ngKSI and Jerichow teaches receiving, from the AMF over a non-3GPP access, a ... security mode command message including the ngKSI; one of ordinary skill in the art would apply the teaching of Jerichow to the second ngKSI of 3GPP to reach the conclusion that “receiving, from the AMF over a non-3GPP access, a “second” security mode command message including the second ngKSI”.  The examiner notes that this combination would be a “second” security mode command message as this would be sent to the non-3GPP access based on the 3GPP disclosure that the mobility management procedures defined over 3GPP access are re-used over non-3GPP, see 3GPP, p. 32-33, 4.7, thus would produce a “second” command message over the non-3GPP access as registration is managed independently, see 3GPP p. 52, 5.3.4
Therefore the examiner finds this argument not persuasive.










Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.
Claims 1-20 is/are rejected under 35 U.S.C. 103 as being unpatentable over 3GPP TS 24.501 VI.1.1; 3rd Generation Partnership Project; Technical Specification Group Core Network and Terminals; Non-Access-Stratum (NAS) protocol for 5G System (5GS); Stage 3, Release 15; May 9,2018 in view Jerichow et al. (WO 2018/056957 A1).



Regarding Claim 1;
3GPP discloses a method of performing a security mode control procedure by a user equipment (UE) (3GPP, p. 60 – Figure 5.4.1.2.1.1.: EAP based primary authentication and key agreement and Security Mode Command and p. 71, 5.4.2 – Security Mode Control Procedure), the method comprising: 
performing, over a 3rd generation partnership project (3GPP) access, a first authentication procedure and a first key agreement procedure with an access and mobility management function (AMF), wherein a key set identifier (ngKSI) is changed from a first ngKSI to a second ngKSI during the first authentication procedure and the first key agreement procedure (3GPP, p. 60 – Figure 5.4.1.2.1.1.: EAP based primary authentication and key agreement and Security Mode Command and p. 65, 5.4.1.3.1 – ...5G AKA based primary authentication and key agreement produce is to provide mutual authentication between the UE and the network to agree on a key KMF and p. 65, 5.4.1.3.2 – an ngKSI is contained in an initial NAS message during a 5GMM procedure, the network shall include a different ngKSI value in the Authentication Result message when it initiates a 5G AKA based primary authentication and key agreement procedure and p. 72, 5.4.2.2 - While having a current mapped 5G NAS security context with the UE. if the AMF wants to take the native 5G NAS security context into use. the AMF shall include the ngKSI that indicates the native 5G security context in the SECURITY MODE COMMAND message... the AMF may initiate a SECURITY MODE COMMAND in order to change the 5G security algorithm from a current 5G NAS...); 
receiving, from the AMF over the 3GPP access, a first security mode command message including the second ngKSI (3GPP, p. 65, 5.4.1.3.2 – an ngKSI is contained in an initial NAS message during a 5GMM procedure, the network shall include a different ngKSI value in the Authentication Result message when it initiates a 5G AKA based primary authentication and key agreement procedure and p. 73 – Figure 5.4.2.2. – Security mode control procedure and p. 74, 5.4.2.2. - Furthermore, if the SECURITY MODE COMMAND message can be accepted, the UE shall cipher the SECURITY nMODE COMPLETE message with the selected 5GS ciphering algorithm and the 5GS NAS ciphering key based on the Kamf or mapped K'amf indicated by the ngKSI); and 
receiving, from the AMF over a non-3GPP access... "(3GPP, p. 32-33, 4.7 – NAS over non-3GPP... The mobility management procedures defined over 3GPP access are re-used over non-3GPP and p. 52, 5.3.4 - Within the 5GS, the registration area is managed independently per access type, i.e., 3GPP access or non-3GPP access. The AMF assigns a registration area to the UE during the registration procedure.. p. 73 – Figure 5.4.2.2. – Security mode control procedure and p. 74, 5.4.2.2. - Furthermore, if the SECURITY MODE COMMAND message can be accepted, the UE shall cipher the SECURITY nMODE COMPLETE message with the selected 5GS ciphering algorithm and the 5GS NAS ciphering key based on the Kamf or mapped K'amf indicated by the ngKSI);, 
wherein the UE is registered to the AMF and a same public land mobile network (PLMN) over both the 3GPP access and the non-3GPP access (3GPP, p. 19 - If the 5G NAS security context is used for access via both 3GPP and non~3GPP access in the same PLMN, there are two NAS COUNT counter pairs associated with the 5G NAS security' context. The NAS COUNT counters use 24 bit internal representation and are independently maintained by UE and AMF and p. 89 5.5.5.1 - When the UE wishes to initiate registration over both 3GPP access and non~3GPP access in the same PLMN (e.g. the 3GPP access and the selected N3IWF are located in the same PLMN), the UE... 3GPP  access... When the UE is registered with a PLAIN over a non-3GPP access, the AMF and the UE maintain... 5G NAS security context).
3GPP fails to explicitly disclose receiving, from the AMF over a non-3GPP access, a second security mode command message including the ngKSI.
However, in an analogous art, Jerichow teaches receiving, from the AMF over a non-3GPP access, a ... security mode command message including the ngKSI ([0008] - The method may also include, when the verification is successful, instantiating a security context for the user equipment and assigning a security context identifier for next generation system security context to the user equipment, and sending a security mode command message to instruct the user equipment to instantiate security context using the security context identifier. [0042] - According to an embodiment of the invention, a Next GenerationKey Set Identifier (NG-KSI) is provided as a parameter that is associated with a master key derived during an authentication and key agreement protocol and the security context established based on this key in the 5G system... Since the 5G system is being designed to have a unified authentication framework to support multiple access technologies such as 5G(NR), LTE, trusted non-3GPP access, trusted 3GPP access, etc., keys need to be derived to support access from any of these access technologies).
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Jerichow to the change ...to a second ngKSI and non-3GPP NAS access, as the mobility management procedures defined over 3GPP access are re-used over non-3GPP, see p. 32-33, 4.7 – NAS over non-3GPP as disclosed by 3GPP to include receiving, from the AMF over a non-3GPP access, a security mode command message including the ...ngKS, further as 3GPP access are re-used over non-3GPP, see  3GPP, p. 32-33, 4.7,  thus the message would be a “second” security mode command message.
(Jerichow, [0042]).

Regarding Claim 2;
3GPP and Jerichow disclose the method to Claim 1.
3GPP further discloses wherein the second ngKSI corresponds to security context changed based on the first authentication procedure and the first key agreement procedure (3GPP, 3GPP, p. 60 – Figure 5.4.1.2.1.1.: EAP based primary authentication and key agreement and Security Mode Command and p. 65, 5.4.1.3.1 – ...5G AKA based primary authentication and key agreement produce is to provide mutual authentication between the UE and the network to agree on a key KMF and p. 65, p. 5.4.1.3.2 – an ngKSI is contained in an initial NAS message during a 5GMM procedure, the network shall include a different ngKSI value in the Authentication Result message when it initiates a 5G AKA based primary authentication and key agreement procedure and p. 72, 5.4.2.2 - The AMF may initiate a SECURITY MODE COMMAND in order to change the 5G security algorithms for a current 5G NAS security context already in use).

Regarding Claim 3;
3GPP and Jerichow disclose the method to Claim 1.
	3GPP further discloses transmitting, to the AMF, a first security mode complete message in response to the first security mode command message (3GPP, p. 73 FIG. 5.4.2.2); and transmitting, to the AMF, a ... security mode complete message in response to ...security mode command message (3GPP, p. 73 FIG. 5.4.2.2);
([0008] - The method may also include, when the verification is successful, instantiating a security context for the user equipment and assigning a security context identifier for next generation system security context to the user equipment, and sending a security mode command message to instruct the user equipment to instantiate security context using the security context identifier and [0042] - According to an embodiment of the invention, a Next GenerationKey Set Identifier (NG-KSI) is provided as a parameter that is associated with a master key derived during an authentication and key agreement protocol and the security context established based on this key in the 5G system... Since the 5G system is being designed to have a unified authentication framework to support multiple access technologies such as 5G(NR), LTE, trusted non-3GPP access, trusted 3GPP access, etc., keys need to be derived to support access from any of these access technologies and [0043] and [0046]-[0047]).
Therefore, it would have been obvious before the effective filing date of the claimed invention to combine the teachings of Jerichow to the non-3GPP NAS access, as the mobility management procedures defined over 3GPP access are re-used over non-3GPP, see p. 32-33, 4.7 – NAS over non-3GPP as disclosed by 3GPP to include a security mode complete message over non-3GPP, further as 3GPP access are re-used over non-3GPP, see  3GPP, p. 32-33, 4.7,  thus the message would be a “second” security mode complete message.
One would have been motivated to combine the teachings of Jerichow to non-3GPP to do so as it provides / allows a unified authentication framework (Jerichow, [0042]).



Regarding Claim 4;
3GPP and Jerichow disclose the method to Claim 1.
	3GPP teaches performing... a second authentication procedure and a second key agreement procedure with the AMF, wherein the second ngKSI is changed to a third ngKSI using the second authentication procedure and the second key agreement procedure (3GPP, p. 18, 4.4.2.4 Change of Security Keys - When the AMF initiates a re-authentication to create a new 5G NAS security context, the messages exchanged during the authentication procedure are integrity protected and ciphered using the current 5G NAS security context, if any. The SECURITY MODE COMMAND message sent by the AMF includes the ngKSI of the new 5G NAS security context to be used p. 65, 5.4.1.3.1 – ...5G AKA based primary authentication and key agreement produce is to provide mutual authentication between the UE and the network to agree on a key KMF and p. 65, p. 5.4.1.3.2 – an ngKSI is contained in an initial NAS message during a 5GMM procedure, the network shall include a different ngKSI value in the Authentication Result message when it initiates a 5G AKA based primary authentication and key agreement procedure and p. 72, 5.4.2.2 - While having a current mapped 5G NAS security context with the UE. if the AMF wants to lake the native 5G NAS security context into use. the AMF shall include the ngKSI that indicates the native 5G security context in the SECURITY MODE COMMAND message... the AMF may initiate a SECURITY MODE COMMAND in order to change the 5G security algorithm from a current 5G NAS...); receiving, from the AMF over the non-3GPP access...  (3GPP, p. 73. FIG. 5.4.2.2); receiving, from the AMF over a 3GPP access, a “fourth”/another security mode command message including the third ngKSI (3GPP, p. 65, 5.4.1.3.1 – ...5G AKA based primary authentication and key agreement produce is to provide mutual authentication between the UE and the network to agree on a key KMF and p. 65, p. 5.4.1.3.2 – an ngKSI is contained in an initial NAS message during a 5GMM procedure, the network shall include a different ngKSI value in the Authentication Result message when it initiates a 5G AKA based primary authentication and key agreement procedure and p. 72, 5.4.2.2 - While having a current mapped 5G NAS security context with the UE. if the AMF wants to lake the native 5G NAS security context into use. the AMF shall include the ngKSI that indicates the native 5G security context in the SECURITY MODE COMMAND message... the AMF may initiate a SECURITY MODE COMMAND in order to change the 5G security algorithm from a current 5G NAS... and p. 73. FIG. 5.4.2.2).  The examiner notes that a security command change can occur any number of times based on the current 5G NAS.
Jerichow further teaches ...over a non-3GPP access... and receiving, from the AMF over a non-3GPP access, a ... security mode command message including the ngKSI ([0008] - The method may also include, when the verification is successful, instantiating a security context for the user equipment and assigning a security context identifier for next generation system security context to the user equipment, and sending a security mode command message to instruct the user equipment to instantiate security context using the security context identifier. [0042] - According to an embodiment of the invention, a Next GenerationKey Set Identifier (NG-KSI) is provided as a parameter that is associated with a master key derived during an authentication and key agreement protocol and the security context established based on this key in the 5G system... Since the 5G system is being designed to have a unified authentication framework to support multiple access technologies such as 5G(NR), LTE, trusted non-3GPP access, trusted 3GPP access, etc., keys need to be derived to support access from any of these access technologies).
to a third ngKSI and non-3GPP NAS access, as the mobility management procedures defined over 3GPP access are re-used over non-3GPP, see p. 32-33, 4.7 – NAS over non-3GPP as disclosed by 3GPP to include receiving, from the AMF over a non-3GPP access, a security mode command message including the ...ngKSI, , further as 3GPP access are re-used over non-3GPP, see  3GPP, p. 32-33, 4.7,  thus the message would be a “third” security mode command message.
One would have been motivated to combine the teachings of Jerichow to non-3GPP to do so as it provides / allows a unified authentication framework (Jerichow, [0042]).

Regarding Claim 5;
3GPP and Jerichow disclose the method to Claim 4.
3GPP teaches wherein the third ngKSI corresponds to security context changed based on the second authentication procedure and second key agreement procedure (3GPP, p. 65, 5.4.1.3.1 – ...5G AKA based primary authentication and key agreement produce is to provide mutual authentication between the UE and the network to agree on a key KMF and p. 65, p. 5.4.1.3.2 – an ngKSI is contained in an initial NAS message during a 5GMM procedure, the network shall include a different ngKSI value in the Authentication Result message when it initiates a 5G AKA based primary authentication and key agreement procedure and p. 72, 5.4.2.2 - While having a current mapped 5G NAS security context with the UE. if the AMF wants to lake the native 5G NAS security context into use. the AMF shall include the ngKSI that indicates the native 5G security context in the SECURITY MODE COMMAND message... the AMF may initiate a SECURITY MODE COMMAND in order to change the 5G security algorithm from a current 5G NAS...). The examiner notes that a security command change can occur any number of times based on the current 5G NAS.
Similar motivation is noted for the combination of Claim 4, as per Claim 1 above.  

Regarding Claim(s) 6-10; claim(s) 6-10 is/are directed to a/an user equipment (UE) associated with the method claimed in claim(s) 1-5. Claim(s) 6-10 is/are similar in scope to claim(s) 1-5, and is/are therefore rejected under similar rationale.

Regarding Claim(s) 11-15; claim(s) 11-15 is/are directed to a/an method associated with the method claimed in claim(s) 1-5. Claim(s) 11-15 is/are similar in scope to claim(s) 1-5, and is/are therefore rejected under similar rationale.

Regarding Claim(s) 16-20; claim(s) 16-20 is/are directed to a/an access and mobility management function (AMF) associated with the method claimed in claim(s) 1-5. Claim(s) 16-20 is/are similar in scope to claim(s) 1-5, and is/are therefore rejected under similar rationale.










Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. See PTO-892 attached.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to KARI L SCHMIDT whose telephone number is (571)270-1385. The examiner can normally be reached Monday-Friday 10am - 6pm (MDT).
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu Pham can be reached on (571)270-5002. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.