Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Detailed Action
This office action is in response to the application 16/610,937 filed on 11/05/2019.

Response to Amendments
This is in response to the amendments filed on 09/10/2021. Independent claims 1, 12, 13 and 15 have been amended. Claims 9 and 10 are cancelled. Claims 1-8 and 11-18 are currently pending and have been considered below.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 09/01/2021 is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statements are being considered by the examiner.

Examiner’s Amendment
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. 
Authorization for this examiner’s amendment was given on 11/02/2021 by applicant’s representative Mr. Jason A. Murphy (Reg. No. 63,423).
The application has been amended as follows:
1.	(Currently Amended) A method for securing a communication between at least one first communication device and at least one second communication device within a communication network, wherein the communication network has at least one network element, via which data associated with the communication are routed, the method comprising:
securing the data by a first cryptographic security function, which are transmitted from at least one first communication device to at least one second communication device;
providing a second cryptographic security function, which protects messages between a communication device and a network element which are routed via the at least one network element from the at least one first communication device to the at least one second communication device and which contain the data;
providing a verification function by the at least one network element, which verifies an authenticity and/or an integrity of the messages using the second cryptographic security function; and
continuing or suspending the communication depending on a result of a verification by the verification function;
;
wherein the first cryptographic security function uses a first group key, and the second cryptographic security function uses a second group key;
wherein the first group key is derived from the second group key, and a group secret associated with the communication devices enters into a key derivation function.

9.	Canceled

10.	Canceled

12.	(Currently Amended) A computing system comprising:
at least one processor;
a memory device coupled to the at least one processor; and
a computer readable storage device coupled to the processor, wherein the storage device contains program code executable by the processor via the memory device to implement a method for securing a communication between at least one first communication device and at least one second communication device within a communication network, wherein the communication network has at least one network element via which data associated with the communication are routed, the method comprising:

providing, by the at least one processor, a second cryptographic security function, which secures messages between a communication device and a network element, which are routed via the at least one network element from the first communication device to the at least one second communication device and which contain the data;
providing, by the at least one processor, a verification function, which is designed to verify an authenticity and/or an integrity of the messages using the second cryptographic security function; and
continuing or suspending, by the at least one processor, the communication depending on a result of a verification by the verification function;
wherein, in an event of a continuation of the communication, the data remain protected by the first cryptographic security function up to a reception by the at least one second communication device; 
wherein the first cryptographic security function uses a first group key, and the second cryptographic security function uses a second group key;
wherein the first group key is derived from the second group key, and a group secret associated with the communication devices enters into a key derivation function.

13.	(Currently Amended) A network element suitable for supporting a secured communication between at least one first communication device and at least one second 
at least one hardware processor configured to:
read cryptographically secured data from cryptographically secured messages that are routed via the network element from the at least one first communication device to the at least one second communication device;
provide a verification function that is designed to verify an authenticity and/or an integrity of the read messages;
continue or suspend the communication depending on a result of a verification by the verification function;
wherein, in an event of the continuation of the communication, the read data, which were cryptographically secured before an arrival at the network element by means of a first security function, remain protected by the security function up to a reception by the at least one second communication device; 
provide a second cryptographic security function, which, in an event of the continuation of the communication, secures messages which are transmitted by the network element to the at least one second communication device and which contain the data;
wherein the first cryptographic security function uses a first group key, and the second cryptographic security function uses a second group key;
wherein the first group key is derived from the second group key, and a group secret associated with the communication devices enters into a key derivation function.




15.	(Currently Amended) A communication device for securing a communication with at least one further communication device within a communication network, wherein the communication network has at least one network element, via which data associated with the communication can be routed, the communication device comprising:
at least one hardware processor configured to:
secure the data by means of a first cryptographic security function, which are transmitted from the communication device to at least one second communication device; and
provide a second cryptographic security function, which secures messages of the communication device and a network element, which are routed via the network element to the at least one second communication device and which contain the data;
wherein, depending on a result of a verification of an authenticity and/or an integrity of the secured messages by the at least one network element, in an event of a continuation of the communication, the data that are secured by the first cryptographic security function remain protected by the first security function up to a reception by the at least one second communication device; 
wherein the first cryptographic security function uses a first group key, and the second cryptographic security function uses a second group key;
wherein the first group key is derived from the second group key, and a group secret associated with the communication devices enters into a key derivation function.

Allowable Subject Matter
Claims 1-8 and 11-18 are allowed as amended.
The following is an examiner's statement of reasons for allowance: 
The closest prior art of record LARSON; Victor et al., Pat. No.: US 8,943,201 B2 and ERICKSON; Steven et al., Pat. No.: US 8,776,166 B1 individually or in combination do not disclose the invention as filed. 
LARSON discloses a technique for multi-layer encryption of data packets. The technique is disclosed for establishing a secure communication link between a first computer and a second computer over a computer network. The secure communication link is then established between the first computer and the second computer over the computer network based on the enabled secure communication mode.
ERICKSON discloses a technique for deciding, under a security policy, whether to allow or deny access. An integrity result identifies whether a client device complies with the security policy; the integrity result is formatted and sent to a host device, and the host device uses the formatted integrity result to produce an instruction that is used by a network device to grant or deny access to the client device based on whether the client device complies with the security policy.
What is missing from the prior art is that a first cryptographic security function uses a first group key and a second cryptographic security function uses a second group key, and further that the first group key is derived from the second group key, and a group secret associated with the communication devices enters into a key derivation function.
Thus the prior art, when considered individually and in combination, does not teach or suggest the subject matter as recited by independent claims 1, 12, 13, 15 and 18; claims 1, 12, 13, 15 and 18 are therefore considered allowable. The dependent claims which further limit claims 1, 12, 13, 15 and 18 are also allowable by virtue of their dependency.
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee. Such submissions should be clearly labeled "Comments on Statement of Reasons for Allowance."
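
The key relationship recited in the amended independent claims can be illustrated with the following added example, which is not part of the office action or of the application. It assumes HKDF-SHA256 as the key derivation function, HMAC-SHA256 tags as both cryptographic security functions, and a network element that holds the second group key but not the group secret; all function names and sample values are hypothetical.

```python
import hashlib
import hmac

TAG_LEN = 32  # HMAC-SHA256 tag size

def mac(key, data):
    return hmac.new(key, data, hashlib.sha256).digest()

def hkdf_sha256(ikm, salt, info, length=32):
    """HKDF (RFC 5869): extract with the salt, then expand to `length` bytes."""
    prk = mac(salt, ikm)
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = mac(prk, block + info + bytes([counter]))
        okm += block
        counter += 1
    return okm[:length]

def derive_first_group_key(second_group_key, group_secret):
    # Assumption: the second group key is the input keying material and the
    # group secret enters the KDF as the HKDF salt. The label is hypothetical.
    return hkdf_sha256(second_group_key, group_secret, b"first-group-key")

def protect(key, body):
    """Append an authenticity/integrity tag computed under `key`."""
    return body + mac(key, body)

def verify_and_strip(key, message):
    """Return the body if the trailing tag verifies under `key`, else None."""
    body, tag = message[:-TAG_LEN], message[-TAG_LEN:]
    return body if hmac.compare_digest(tag, mac(key, body)) else None

def sender_build(data, second_group_key, group_secret):
    # Inner tag: first security function. Outer tag: second security function.
    first_key = derive_first_group_key(second_group_key, group_secret)
    return protect(second_group_key, protect(first_key, data))

def network_element_forward(message, second_group_key):
    """Continue (return the message) or suspend (return None)."""
    ok = verify_and_strip(second_group_key, message) is not None
    return message if ok else None

def receiver_accept(message, second_group_key, group_secret):
    inner = verify_and_strip(second_group_key, message)
    if inner is None:
        return None
    first_key = derive_first_group_key(second_group_key, group_secret)
    return verify_and_strip(first_key, inner)

# Constructed sample values, not taken from the application.
K2 = bytes(range(32))
GROUP_SECRET = b"constructed-group-secret"
MSG = sender_build(b"valve=open", K2, GROUP_SECRET)
```

Under these assumptions, a message whose inner tag was computed with the second group key alone still passes the network element's check but is rejected by the receiving device, because the first group key cannot be derived without the group secret.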

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to QUAZI FAROOQUI whose telephone number is (571) 270-1034.  The examiner can normally be reached on Monday-Friday 9:00 am to 5:30 pm, EST. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ashokkumar Patel can be reached on (571) 272-3972.  The fax phone number for the organization where this application or proceeding is assigned is 571-270-2034. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you 

/QUAZI FAROOQUI/
Primary Examiner, Art Unit 2491