DETAILED ACTION

Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

Status of Claims
Claims 1-20 are pending.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 10/18/2019 is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.

Allowable Subject Matter
Claim 19 is objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.

Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


Claim(s) 1, 3-4, 14 is/are rejected under 35 U.S.C. 102(a)(1) as being anticipated by 3GPP Organizational Partners (“3GPP TS 24.501, 3rd Generation Partnership Project; Technical Specification Group Core Network and Terminals; Non-Access-Stratum (NAS) protocol for 5G System (5GS); Stage 3 (Release 15)”, dated March 2018), hereinafter 3GPP.

Regarding Claim 1:
3GPP teaches a method, comprising: 
transmitting, by a processor of an apparatus (page 62 section 5.4.1.3.1, UE comprising USIM which performs computations, i.e. computer; page 67 section 5.4.2.3, UE performs local calculations and executes procedures), an initial non-access stratum (NAS) message to a communication entity of a 5th Generation (5G) mobile network (page 47-48 section 5.3.1.1, UE sends initial NAS message, e.g. REGISTRATION REQUEST message; initial NAS message routed to appropriate AMF; page 56-58 section 5.4.1.2.1, additionally, AMF initiates security mode control procedure after EAP based primary authentication and key agreement procedure in which UE sends authentication response message); 
receiving, by the processor, a message from the communication entity responsive to the transmitting, the message comprising an additional 5G security parameter information element (IE) (page 57 section 5.4.1.2.1, AMF initiates security mode control procedure following primary authentication and key agreement procedure, including receiving AUTHENTICATION RESPONSE message from UE; page 65 section 5.4.2.2, alternatively, AMF sends security mode control procedure initiated upon receipt of REGISTRATION REQUEST message, by sending SECURITY MODE COMMAND (SMC) message; page 175 section 8.2.25.1, security mode command message definition including plurality of security parameter information elements, e.g. “selected NAS security algorithms”, “NAS key set identifier”, “Replayed UE security capabilities”; page 154 section 8.2, message definitions are for 5GS mobility management messages; therefore message information elements are 5G elements; page 154-155 section 8.2.1.1, network further sends AUTHENTICATION REQUEST message to UE comprising Authentication parameter AUTN IE); and 
performing, by the processor, a security mode control procedure using information contained in the additional 5G security parameter IE pertaining to at least one 5G security parameter (page 66-67 section 5.4.2.3, if SMC message can be accepted, the UE shall take the 5GS security context indicated in the message into use).

Regarding Claim 3:
3GPP teaches the method of Claim 1.  In addition, 3GPP teaches wherein the receiving of the message comprises receiving a security mode command message (page 65 section 5.4.2.2, AMF sends security mode control procedure initiated upon receipt of REGISTRATION REQUEST message, by sending SECURITY MODE COMMAND (SMC) message) or another NAS message (page 154-155 section 8.2.1.1, AUTHENTICATION REQUEST message) as the message that includes the additional 5G security parameter IE as a new optional information element added by the 5G mobile network in the security mode command message or the another NAS message (page 175 section 8.2.25.1, security mode command message definition including plurality of security parameter information elements, e.g. “selected NAS security algorithms”, “NAS key set identifier”, “Replayed UE security capabilities”; page 154 section 8.2, message definitions are for 5GS mobility management messages; therefore message information elements are 5G elements; page 154-155 section 8.2.1.1, AUTHENTICATION REQUEST message includes Authentication parameter AUTN IE).

Regarding Claim 4:
(page 154-155 section 8.2.1.1, AUTHENTICATION REQUEST message includes Authentication parameter AUTN IE; AUTN is a type 4 information element (i.e. TLV) with length 18 octets).

Regarding Claim 14:
3GPP teaches an apparatus (page 16 section 1, user equipment (UE)), comprising: 
a transceiver which, during operation, wirelessly communicates with a communication entity of a 5th Generation (5G) mobile network (page 1, non-access-stratum protocol for 5G system; page 16 section 1, non-access stratum (NAS) procedures in 5G systems (5GS); user equipment uses NG radio access network (NG-RAN); NAS protocol for mobility management between UE and access and mobility management function (AMF) for 3GPP access and non-3GPP access); and 
a processor coupled to the transceiver such that, during operation, the processor performs operations comprising (page 62 section 5.4.1.3.1, UE comprising USIM which performs computations, i.e. computer; page 67 section 5.4.2.3, UE performs local calculations and executes procedures): 
transmitting, via the transceiver, an initial non-access stratum (NAS) message to the communication entity of the 5G mobile network (page 47-48 section 5.3.1.1, UE sends initial NAS message, e.g. REGISTRATION REQUEST message; initial NAS message routed to appropriate AMF; page 56-58 section 5.4.1.2.1, additionally, AMF initiates security mode control procedure after EAP based primary authentication and key agreement procedure in which UE sends authentication response message); 
receiving, via the transceiver, a message from the communication entity responsive to the transmitting, the message comprising an additional 5G security parameter information element (IE) (page 57 section 5.4.1.2.1, AMF initiates security mode control procedure following primary authentication and key agreement procedure, including receiving AUTHENTICATION RESPONSE message from UE; page 65 section 5.4.2.2, alternatively, AMF sends security mode control procedure initiated upon receipt of REGISTRATION REQUEST message, by sending SECURITY MODE COMMAND (SMC) message; page 175 section 8.2.25.1, security mode command message definition including plurality of security parameter information elements, e.g. “selected NAS security algorithms”, “NAS key set identifier”, “Replayed UE security capabilities”; page 154 section 8.2, message definitions are for 5GS mobility management messages; therefore message information elements are 5G elements; page 154-155 section 8.2.1.1, network further sends AUTHENTICATION REQUEST message to UE comprising Authentication parameter AUTN IE); and 
performing a security mode control procedure using information contained in the additional 5G security parameter IE pertaining to at least one 5G security parameter (page 66-67 section 5.4.2.3, if SMC message can be accepted, the UE shall take the 5GS security context indicated in the message into use), 
wherein, in receiving the message, the processor receives a security mode command message (page 65 section 5.4.2.2, AMF sends security mode control procedure initiated upon receipt of REGISTRATION REQUEST message, by sending SECURITY MODE COMMAND (SMC) message) or another NAS message (page 154-155 section 8.2.1.1, AUTHENTICATION REQUEST message) as the message that includes the additional 5G security parameter IE as a new optional information element added by the 5G mobile network in the security mode command message or the another NAS message (page 175 section 8.2.25.1, security mode command message definition including plurality of security parameter information elements, e.g. “selected NAS security algorithms”, “NAS key set identifier”, “Replayed UE security capabilities”; page 154 section 8.2, message definitions are for 5GS mobility management messages; therefore message information elements are 5G elements; page 154-155 section 8.2.1.1, AUTHENTICATION REQUEST message includes Authentication parameter AUTN IE).

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 2, 5-13, 15-18, 20 is/are rejected under 35 U.S.C. 103 as being unpatentable over 3GPP, and further in view of Ericsson (Update to clause 6.7.2; ngKSI and ABBA, 3GPP TSG WG3 (Security) Meeting #91bis, S3-181760).

Regarding Claim 2:
3GPP teaches the method of Claim 1.  In addition, 3GPP teaches wherein the message comprises a security mode command message that includes the additional 5G security parameter IE (page 65 section 5.4.2.2, AMF sends security mode control procedure initiated upon receipt of REGISTRATION REQUEST message, by sending SECURITY MODE COMMAND (SMC) message; page 175 section 8.2.25.1, security mode command message definition including plurality of security parameter information elements, e.g. “selected NAS security algorithms”, “NAS key set identifier”, “Replayed UE security capabilities”; page 154 section 8.2, message definitions are for 5GS mobility management messages; therefore message information elements are 5G elements).
3GPP does not explicitly teach the additional 5G security parameter IE providing at least a horizontal derivation parameter (HDP) to the apparatus.
However, Ericsson teaches the concept of an additional 5G security parameter IE providing at least a horizontal derivation parameter (HDP) to an apparatus (page 2 paragraph 2, NAS Security Mode Command message to UE may contain horizontal derivation parameter or Anti-Bidding down Between Architectures (ABBA) parameter; page 3 paragraph 6-7, in case NAS Security Mode Command message includes horizontal derivation parameter or ABBA parameter, the UE shall derive a new KAMF).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the horizontal derivation parameter teachings of Ericsson with the security mode command information element teachings of 3GPP, in order to instruct the user equipment to derive a new key, thereby improving communication security by limiting duration of key use, increasing entropy, preventing attackers from using the previous key to decrypt future messages, and improving the security environment.

Regarding Claim 5:
3GPP teaches the method of Claim 1.
3GPP does not explicitly teach wherein the at least one 5G security parameter comprises a horizontal derivation parameter (HDP).
However, Ericsson teaches the concept wherein at least one 5G security parameter comprises a horizontal derivation parameter (HDP) (page 2 paragraph 2, NAS Security Mode Command message to UE may contain horizontal derivation parameter or Anti-Bidding down Between Architectures (ABBA) parameter; page 3 paragraph 6-7, in case NAS Security Mode Command message includes horizontal derivation parameter or ABBA parameter, the UE shall derive a new KAMF).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the horizontal derivation parameter teachings of Ericsson with the security mode command information element teachings of 3GPP, in order to instruct the user equipment to derive a new key, thereby improving communication security by limiting duration of key

Regarding Claim 6:
3GPP in view of Ericsson teaches the method of Claim 5.  In addition, 3GPP teaches wherein the 5G security parameter IE comprises three octets (page 175 section 8.2.25.1, SECURITY MODE COMMAND message comprising information elements of length 3 octets, e.g. Replayed UE security capabilities); and
Ericsson teaches the concept wherein a value of at least one of a plurality of bits of a value part of the information element indicates whether derivation of a key for an Access and Mobility management Function (KAMF) is required (page 2 paragraph 2, NAS Security Mode Command message to UE may contain horizontal derivation parameter or Anti-Bidding down Between Architectures (ABBA) parameter; page 3 paragraph 6, if the NAS Security Mode Command message includes a horizontal derivation parameter, the UE shall derive a new KAMF).
The rationale to combine 3GPP and Ericsson is the same as provided for claim 5 due to the overlapping subject matter between claims 5 and 6.

Regarding Claim 7:
3GPP in view of Ericsson teaches the method of Claim 6.  In addition, 3GPP teaches wherein the value of at least one of the plurality of bits of the value part of the information element indicates whether the derivation of the KAMF is not required (page 67 section 5.4.2.3, UE checks whether SECURITY MODE COMMAND message indicates the ngKSI of the current 5GS context, if it is a mapped 5GS security context, in order not to re-generate the K’AMF).

Regarding Claim 8:
3GPP in view of Ericsson teaches the method of Claim 6.  In addition, 3GPP teaches wherein a first octet of the 5G security parameter IE identifies the additional 5G security parameter IE, and wherein a second octet of the 5G security parameter IE includes information of a length of the additional 5G security parameters IE (page 175 section 8.2.25.1, SECURITY MODE COMMAND message comprises TLV-E (type, length, value) format information element, i.e. wherein a first octet indicates “type” identifier, and a second octet indicates the length of the parameter).

Regarding Claim 9:
3GPP in view of Ericsson teaches the method of Claim 5.  In addition, Ericsson teaches wherein the 5G security parameter further comprises an Anti-Bidding down Between Architectures (ABBA) parameter (page 2 paragraph 2, NAS Security Mode Command message to UE may contain horizontal derivation parameter or Anti-Bidding down Between Architectures (ABBA) parameter; page 3 paragraph 7, if the NAS Security Mode Command message includes an ABBA parameter, the UE shall derive a new KAMF).
The rationale to combine 3GPP and Ericsson is the same as provided for claim 5 due to the overlapping subject matter between claims 5 and 9.

Regarding Claim 10:
3GPP in view of Ericsson teaches the method of Claim 9.  In addition, 3GPP teaches wherein the 5G security parameter IE comprises three or more octets (page 175 section 8.2.25.1, SECURITY MODE COMMAND MESSAGE comprising information elements of three or more octets, e.g. EAP message, a TLV-E information element of length 7 octets), and
AMF) is required, and wherein one or more other bits of a value part of the information element are coded to indicate the ABBA parameter (page 2 paragraph 2, NAS Security Mode Command message to UE may contain horizontal derivation parameter or Anti-Bidding down Between Architectures (ABBA) parameter; page 3 paragraph 6, if the NAS Security Mode Command message includes a horizontal derivation parameter, the UE shall derive a new KAMF).
The rationale to combine 3GPP and Ericsson is the same as provided for claim 9 due to the overlapping subject matter between claims 9 and 10.

Regarding Claim 11:
3GPP in view of Ericsson teaches the method of Claim 10.  In addition, 3GPP teaches wherein a first octet of the three or more octets identifies the additional 5G security parameter IE, and wherein a second octet of the three or more octets includes information of a length of the additional 5G security parameter IE (page 175 section 8.2.25.1, SECURITY MODE COMMAND message comprises TLV-E (type, length, value) format information element, i.e. wherein a first octet indicates “type” identifier, and a second octet indicates the length of the parameter).

Regarding Claim 12:
3GPP teaches the method of Claim 1.
3GPP does not explicitly teach wherein the 5G security parameter comprises an Anti-Bidding down Between Architectures (ABBA) parameter.
However, Ericsson teaches the concept wherein a 5G security parameter comprises an Anti-Bidding down Between Architectures (ABBA) parameter (page 2 paragraph 2, NAS Security Mode Command message to UE may contain horizontal derivation parameter or Anti-Bidding down Between Architectures (ABBA) parameter; page 3 paragraph 7, if the NAS Security Mode Command message includes an ABBA parameter, the UE shall derive a new KAMF).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the ABBA parameter teachings of Ericsson with the security mode command information element teachings of 3GPP, in order to instruct the user equipment to derive a new key, thereby improving communication security by limiting duration of key use, increasing entropy, preventing attackers from using the previous key to decrypt future messages, and improving the security environment.

Regarding Claim 13:
3GPP teaches the method of Claim 1.
3GPP does not explicitly teach wherein the performing of the security mode control procedure comprises: 
deriving a same key for an Access and Mobility management Function (KAMF) as that used by an Access and Mobility management Function (AMF) of the 5G mobile network by using a downlink NAS count value; 
resetting corresponding uplink and downlink NAS counters; and 
deriving one or more new NAS keys from the KAMF and one or more algorithms in use, 
wherein the KAMF is horizontally derived.
However, Ericsson teaches the concept wherein performing of a security mode control procedure comprises (page 2 figure 6.7.2-1: NAS Security Mode Command procedure): 
deriving a same key for an Access and Mobility management Function (KAMF) as that used by an Access and Mobility management Function (AMF) of a 5G mobile network by using a downlink NAS (page 2 paragraph 2, in case of horizontal derivation of KAMF during mobility registration, horizontal derivation parameter shall be included; page 3 paragraph 6, in case the NAS SMC message includes a horizontal derivation parameter, the UE shall derive a new KAMF); 
resetting corresponding uplink and downlink NAS counters (page 3 paragraph 6, 9, UE and AMF set NAS COUNTs to zero if horizontal derivation of KAMF is performed); and 
deriving one or more new NAS keys from the KAMF and one or more algorithms in use (page 3 paragraph 3, UE verifies integrity protection using indicated NAS integrity algorithm and NAS integrity key based on KAMF indicated by ngKSI), 
wherein the KAMF is horizontally derived (page 2 paragraph 2, horizontal derivation of KAMF).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the KAMF derivation teachings of Ericsson with the security mode command information element teachings of 3GPP, in order to instruct the user equipment to derive a new key, thereby improving communication security by limiting duration of key use, increasing entropy, preventing attackers from using the previous key to decrypt future messages, and improving the security environment.

Regarding Claim 15:
3GPP teaches the apparatus of Claim 14.  In addition, 3GPP teaches wherein the 5G security parameter IE comprises a type 4 IE with a length of at least three octets (page 154-155 section 8.2.1.1, AUTHENTICATION REQUEST message includes Authentication parameter AUTN IE; AUTN is a type 4 information element (i.e. TLV) with length 18 octets).
3GPP does not explicitly teach wherein the at least one 5G security parameter comprises either or both of a horizontal derivation parameter (HDP) and an Anti-Bidding down Between Architectures (ABBA) parameter.
(page 2 paragraph 2, NAS Security Mode Command message to UE may contain horizontal derivation parameter or Anti-Bidding down Between Architectures (ABBA) parameter; page 3 paragraph 6-7, in case NAS Security Mode Command message includes horizontal derivation parameter or ABBA parameter, the UE shall derive a new KAMF).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the horizontal derivation parameter and ABBA parameter teachings of Ericsson with the security mode command information element teachings of 3GPP, in order to instruct the user equipment to derive a new key, thereby improving communication security by limiting duration of key use, increasing entropy, preventing attackers from using the previous key to decrypt future messages, and improving the security environment.

Regarding Claim 16:
3GPP in view of Ericsson teaches the apparatus of Claim 15.  In addition, 3GPP teaches wherein the 5G security parameter IE comprises three octets (page 175 section 8.2.25.1, SECURITY MODE COMMAND message comprising information elements of length 3 octets, e.g. Replayed UE security capabilities), and
Ericsson teaches wherein the at least one 5G security parameter comprises the HDP but not the ABBA parameter, and wherein at least one of a plurality of bits of a value part of the information element indicates whether derivation of a key for an Access and Mobility management Function (KAMF) is required (page 2 paragraph 2, NAS Security Mode Command message to UE may contain horizontal derivation parameter or Anti-Bidding down Between Architectures (ABBA) parameter; therefore, as each element is optional, the message may contain a horizontal derivation parameter but not the ABBA parameter; page 3 paragraph 6, if the NAS Security Mode Command message includes a horizontal derivation parameter, the UE shall derive a new KAMF).
The rationale to combine 3GPP and Ericsson is the same as provided for claim 15 due to the overlapping subject matter between claims 15 and 16.

Regarding Claim 17:
3GPP in view of Ericsson teaches the apparatus of Claim 16.  In addition, 3GPP teaches wherein an octet is a third octet, a first octet of the 5G security parameter IE identifies the additional 5G security parameter IE, and wherein a second octet of the 5G security parameter IE includes information of a length of the at least one 5G security parameter (page 175 section 8.2.25.1, SECURITY MODE COMMAND message comprises TLV-E (type, length, value) format information element, i.e. wherein a first octet indicates “type” identifier, and a second octet indicates the length of the parameter); and
Ericsson teaches wherein the at least one of the plurality of bits of the octet of the 5G security parameter IE indicates whether the derivation of the KAMF is required (page 2 paragraph 2, NAS Security Mode Command message to UE may contain horizontal derivation parameter or Anti-Bidding down Between Architectures (ABBA) parameter; page 3 paragraph 6, if the NAS Security Mode Command message includes a horizontal derivation parameter, the UE shall derive a new KAMF).
The rationale to combine 3GPP and Ericsson is the same as provided for claim 16 due to the overlapping subject matter between claims 16 and 17.

Regarding Claim 18:
3GPP in view of Ericsson teaches the apparatus of Claim 15.  In addition, 3GPP teaches wherein the 5G security parameter IE comprises three or more octets, and a plurality of bits of a third octet of the three or more octets (page 175 section 8.2.25.1, SECURITY MODE COMMAND MESSAGE comprising information elements of three or more octets, e.g. EAP message, a TLV-E information element of length 7 octets); and
Ericsson teaches wherein the at least one 5G security parameter comprises both the HDP and the ABBA parameter (page 2 paragraph 2, NAS Security Mode Command message to UE may contain horizontal derivation parameter and/or Anti-Bidding down Between Architectures (ABBA) parameter), wherein at least one of the plurality of bits indicates whether derivation of a key for an Access and Mobility management Function (KAMF) is required (page 3 paragraph 6, if the NAS Security Mode Command message includes a horizontal derivation parameter, the UE shall derive a new KAMF), and wherein at least one or more other bits of the plurality of bits are coded to indicate the ABBA parameter (page 2 paragraph 2, NAS Security Mode Command message to UE may contain Anti-Bidding down Between Architectures (ABBA) parameter).
The rationale to combine 3GPP and Ericsson is the same as provided for claim 15 due to the overlapping subject matter between claims 15 and 18.

Regarding Claim 20:
3GPP teaches the apparatus of Claim 14.  In addition, 3GPP teaches wherein the 5G security parameter IE comprises three or more octets, and one or more bits of a plurality of bits of at least a third octet of the three or more octets (page 175 section 8.2.25.1, SECURITY MODE COMMAND MESSAGE comprising information elements of three or more octets, e.g. EAP message, a TLV-E information element of length 7 octets).
3GPP does not explicitly teach wherein the at least one 5G security parameter comprises the ABBA parameter but not the HDP, and wherein the one or more bits of a plurality of bits are coded to indicate the ABBA parameter.
(page 2 paragraph 2, NAS Security Mode Command message to UE may contain horizontal derivation parameter or Anti-Bidding down Between Architectures (ABBA) parameter; therefore, as each element is optional, the message may contain an ABBA parameter but not the horizontal derivation parameter; page 3 paragraph 7, if the NAS Security Mode Command message includes an ABBA parameter, the UE shall derive a new KAMF).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the ABBA parameter teachings of Ericsson with the security mode command information element teachings of 3GPP, in order to instruct the user equipment to derive a new key, thereby improving communication security by limiting duration of key use, increasing entropy, preventing attackers from using the previous key to decrypt future messages, and improving the security environment.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to FORREST L CAREY whose telephone number is (571)270-7814. The examiner can normally be reached 9:00AM-5:30PM M-F.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ashok Patel can be reached on 5712723972. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.






/FORREST L CAREY/Examiner, Art Unit 2491

/ALEXANDER LAGOR/Primary Examiner, Art Unit 2491