Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
The present Office Action is responsive to communication received 11/30/2020. Claims 1-18 and 25-26 are pending. Claims 19-24 and 27-36 were cancelled in preliminary amendments.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 11/30/2020 is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Objection for informalities
Claims 1-18 and 25-26 are objected to for informalities: the claims recite a plurality of acronyms, abbreviations and commas; the examiner recommends writing the acronyms and abbreviations within parentheses, for instance in claim 1:
“A method performed by an access gateway, GW, node  of a non- Third Generation Partnership Project, non-3GPP, access, for authentication of a Transport Layer Security, TLS, connection, between the access GW node and a communication device, the method comprising: receiving, from a Core Network, CN ...”  should be rewritten as follows for clarity:  “A method performed by an access gateway(GW) node  of a non- Third Generation Partnership Project(non-3GPP ) access, for authentication of a Transport Layer Security(TLS) connection[[,]] between the (CN) function ...”
Additionally, the claims recite: first authentication data, second authentication data, third ..., first TLS message, second TLS message ..., but 1st, 2nd key; for consistency, please use first key, second key.
Additionally, claim 26 recites the access node instead of the access GW node.
Correction is kindly requested for all the claims.


Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.


Claims 17 and 25 are rejected under 35 USC 101 because the claimed invention is directed to non-statutory subject matter.  The claim(s) does/do not fall within at least one of the four categories of patent eligible subject matter because:
Claim 17 is directed to an access gateway node; however, the claim recites only functionalities performed by the access gateway and is software per se. In order to be statutory, the examiner recommends amending the claim to include at least a piece of hardware such as a memory, microprocessor ... (like in claim 18).
Claim 25 is directed to a communication device that is also reciting functionalities only and is software per se. In order to be statutory, the examiner recommends 
Correction is kindly requested.

Allowable Subject Matter
Claims 1-18 and 25-26 are allowable over the prior art of record.
The closest prior art of record is CN107147611, cited in the IDS dated 11/30/2020. CN107147611 discloses TLS link establishment, generating a first message according to TLS connection, sending the first message to the server, the server returning a response message, the first and second message used for handshake or mutual authentication between a client and a server; therefore CN107147611 discloses or suggests:
receiving a first TLS message comprising first authentication data from the communication device; transmitting the second TLS message comprising the third authentication data to the communication device; verifying that the received first authentication data is substantially the same as the calculated second authentication data; and authenticating the TLS connection when the received first authentication data is successfully verified.
CN107147611 does not teach: calculating second authentication data based on a first, 1st, key and the 2nd key and for the received first TLS message, wherein the 1st key is associated with the TLS connection; calculating third authentication data based on the 1st and 2nd keys and for a second TLS message to be transmitted.
Other prior arts of the record disclose:
Zollinger 20160119318 discloses handshake between a client and a server, with exchange of messages comprising message authentication code (MAC), the MAC received at client and at server is verified for authentication and integrity protection. Zollinger does not teach generating keys as recited in the claims and generating the authentication data (MAC) based on the keys as recited.
Campagna 20170171174 also discloses a handshake procedure to establish a cryptographically protected communication between a first and second client, with generation of messages with MAC tags, respectively verified at the first and second client; the MAC tag generated using a master key associated with the second client and transmitted to the first client, and a shared key derived from the second client public key for encrypting communication between the first and second client.
Sharifi Mehr 10951652 discloses a client and a server exchanging digital certificates and verifying the certificates, the client generating a premaster secret used to derive a master secret key and session keys, the server also generates a matching master secret and session; after establishing master secret and session keys, client and server switch to a secure channel to complete establishment of the TLS connection and send “finish” message.
Benjamin Dowling et al, “A Cryptographic Analysis of the TLS 1.3 Handshake Protocol Candidates”, ACM, 2015, p. 1197-1210, discloses TLS handshake with a multi stage key exchange during connection establishment.
Therefore, none of the prior art of the record, alone or in combination with other prior arts of the record disclose:
“A method performed by an access gateway, GW, node of a non-Third Generation Partnership Project, non-3GPP, access, for authentication of a Transport Layer Security, TLS, connection, between the access GW node and a communication device, the method comprising: receiving, from a Core Network, CN, function, a second, 2nd, key derived during an authentication procedure of the communication device; receiving a first TLS message comprising first authentication data from the communication device; calculating second authentication data based on a first, 1st, key and the 2nd key and for the received first TLS message, wherein the 1st key is associated with the TLS connection; calculating third authentication data based on the 1st and 2nd keys and for a second TLS message to be transmitted; transmitting the second TLS message comprising the third authentication data to the communication device; verifying that the received first authentication data is substantially the same as the calculated second authentication data; and authenticating the TLS connection when the received first authentication data is successfully verified”, as recited in claim 1 and substantially in claim 17.
None of the prior art of the record, alone or in combination with other prior arts of the record disclose:
“A method performed by a communication device  of at non-Third Generation Partnership Project, non-3GPP, access, for authentication of a Transport Layer Security, TLS, connection, between an access gateway, GW, node and the communication device, the method comprising: generating, a second, 2nd, key derived during an authentication procedure of the communication device; calculating first authentication data based on a first, 1st, key and the 2nd key and for a TLS message to be transmitted, wherein the 1st key is associated with the TLS connection; transmitting a first TLS message comprising first authentication data to the access GW node; receiving a second TLS message comprising third authentication data from the access GW node; calculating fourth authentication data based on the 1st and 2nd keys; verifying that the received third authentication data is substantially the same as the calculated fourth authentication data; and authenticating the TLS connection when the received third authentication data is successfully verified”, as recited in claim 9 and substantially in claim 25.
Therefore, claims 1, 9, 17 and 25 are found allowable. Claims 2-8, 10-18, 18 and 26, respectively dependent from claims 1, 9, 17 and 25 are also found allowable.

Other relevant prior arts:
Roth et al 9258117 discloses a client verifying a digital signature received from a server, obtaining a pre-shared key from the message received from the server, the pre-shared key may be used to establish an encrypted communication channel between the client and the server, and can be used to determine a premaster key then a master key from which the session key is derived.
Senecal et al 20190190950 discloses establishing a TLS handshake between a client and a server and negotiating a session key at each side from a master secret.
Lee et al 20180084414 disclose performing an EAP procedure with an authentication server via an authenticator. The EAP procedure may be based at least in part on a set of authentication credentials exchanged between the UE and the authentication server. The method may also include deriving, as part of performing the 
Ohba et al 20040098588 disclose that an established TLS session may be used for fast authentication or re-authentication occurring during intra-technology or inter-technology handoff or during reconnection. If a session such as a TLS session had been established previously, a session identifier may be derived such that resumption of the TLS session may be accomplished through fast authentication or re-authentication such that a TLS handshake over EAP specifying the corresponding session ID may be performed. If a match is found, the session may be resumed under fast authentication. For example, the TLS handshake may be completed without exchanging a user certificate or performing a key exchange sequence. Thus, fast authentication is more efficient than full authentication.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to CATHERINE B THIAW whose telephone number is (571)270-1138. The examiner can normally be reached Monday-Friday 7am-4pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/Catherine Thiaw/
Primary Examiner, Art Unit 2493
1/12/2022