DETAILED ACTION
Notice of Pre-AIA  or AIA  Status

The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Amendment
This communication is in response to amendment filed on 08/30/2021. Claims 1- 11, 13-15 and 17-20 are pending and being considered. Claims 1, 9 and 17 are independent. Claims 12 and 16 are cancelled. Claims 1, 5-11, 13-15 and 17-20 are amended. Thus, claims 1- 11, 13-15 and 17-20 are rejected.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 08/30/2021 was filed on or after the mailing date of the application no.16/240,129 on 01/04/2019.  The submission is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner and an initialed and dated copy of Applicant’s IDS forms 1449 filed on 08/30/2021 is attached to the instant office action.

Response to Arguments/Remarks
	Applicant’s arguments/remarks filed on 08/30/2021 have been fully considered and are rendered moot in view of new grounds of rejection(s) outlined below. The argument do not apply to the current art being used.

Claim Objections
Claim(s) 1-11 and 13-15 are objected to because of the following informalities:  
Claim 1 (Line 8) recite limitation(s) "determining authentication statuses for individual hardware components”, which should read as “determining authentication statuses for the individual hardware components”.
Claim 9 (Line 10) recite limitation(s) "determining authentication statuses for individual hardware components”, which should read as “determining authentication statuses for the individual hardware components”.
Claims 2-8, 10-11 and 13-15 are likewise objected since they depend on and/or carries the deficiencies of the parent claim(s) 1 and 9.
Appropriate correction is required.

Claim Rejections - 35 U.S.C. 102 

In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) The claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention.

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published 

Claim(s) 1, 6, 8, 9, 13, 14, 17 and 19 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Debates, Scott (DE 102017100886 A1; PUBLISHED ON 27-Jul-2017), hereinafter (Debates):

Regarding claim 1, Debates teaches one or more non-transitory computer-readable media storing computer-executable instructions that upon execution cause one or more processors of a user equipment to perform acts comprising (Debates, PDF Page 6 (Paragraph 8), discloses a device 400 that contains a computer-readable memory 412 which enables data storage, for example, data storage devices that can be accessed by a computer and that can permanently store data and executable instructions, and as disclosed in PDF Page 6 (Paragraph 7), the device also contains one or more processors (e.g., microprocessors, controllers, and the like) and / or a processor and memory system implemented as a one-chip system (SoC) that processes computer-executable instructions): 
receiving a set of component identifiers corresponding to a set of hardware components installed within the user equipment (Debates, PDF Page 5 (Paragraph 7), discloses that a radio-frequency identification tag (RFID tag) in the mobile device is queried for construction information for the hardware verification of the hardware components in the mobile device […]. The construction information 110 corresponds to the time of installation of the hardware components 108 during the manufacture and assembly of the mobile device, the construction information being the manufacturer ), individual hardware components within the set of hardware components associated with one or more different functionalities (Debates, PDF Page 3 (Paragraph 1) discloses functionality of one or more hardware components, and/or as disclosed in PDF Page 8 (Paragraph 7), restricting the functionality of at least one of the one or more hardware components); 
determining authentication statuses for individual hardware components of the set of hardware components by verifying that a respective component identifier of the set of component identifiers matches a network record in a data store, the network record corresponding to the individual hardware component (Debates, PDF Page 5 (Last Two Paragraphs), discloses that a current information is identified for each of the hardware components in the mobile device. For example, the bootloader identifies 130 who is in the mobile device 100 is implemented, the current information 134 (e.g., a manufacturer ID and / or a model ID) for each of the respective hardware components 108 that in the mobile device 100 are installed. Identifying the current information may include that of the bootloader 130 the current hardware configuration information of each of the hardware components 108 determined. At pos. 308 a determination is made as to whether the current information matches the stored construction information. For example, it determines or determines in the mobile device 100 implemented boot loader 130 whether the current information 134 for each of the hardware components 108 with the construction information 110 for each of the respective hardware components. In implementations, the bootloader compares 130 the manufacturer identifier (ID) and / or the model ID of the construction information 110 ); 
detecting at least one hardware component of the set of hardware components for which the respective authentication status indicates that the at least one hardware component is not authenticated (Debates, PDF Page 6 (2nd Paragraph), if the construction information and the current information do not match (i.e., "No" at pos. 308 ), at pos. 312 a message is displayed informing a user that at least one of the hardware components does not match the build information (i.e., indicates that an unauthorized hardware component is installed). For example, the bootloader determines 130 that the construction information 110 and the current one information 134 for a particular hardware component, and initiates the display of a message on the integrated display device 106 indicating that at least one unauthorized hardware component 108 in the mobile device 100 is installed); and 
providing instructions to the user equipment to cause the user equipment to deactivate the at least one hardware component (Debates, PDF Page 9 (Paragraph 7), wherein one of the hardware components is a device memory and wherein the bootloader restricts access to the device memory in response to a determination that the current information does not match the construction information), such that the user equipment is caused to operate absent the one or more different functionalities associated with the at least one hardware component (Debates, PDF Page 8 (Paragraph 7), in response to the determination that the current information does not match the construction information: storing, for each of the one or ).  

Regarding claim 6, Debates teaches the one or more non-transitory computer-readable media of claim 1, wherein Debates further teaches at least one component identifier of the set of component identifiers comprises a serial number (Debates, PDF Page 3 (Paragraph 5), discloses that the model ID associated with the hardware component 108 may include any identification information, such as a particular model number, product name, serial number), the serial number comprising an International Mobile Equipment Identifier (IMEI) of the user equipment (Debates, PDF Page 2 (2nd-to- the- Last Paragraph), when the selected hardware components are installed and the device is assembled, the manufacturer may encrypt the device's International Mobile Station Equipment Identity (IMEI) with the hardware specific configuration parameters and store the encrypted construction information in the memory of a Radio Frequency Identification (RFID) tag contained in the device).  

Regarding claim 8, Debates teaches the one or more non-transitory computer-readable media of claim 1, wherein Debates further teaches at least one component identifier of the set of component identifiers comprises OEM information corresponding to the hardware component (Debates, PDF Page 2 (Last Paragraph), discloses that the hardware configuration of the original equipment of the device can be verified by comparing the current hardware configuration information nd-to- the- Last Paragraph), when the selected hardware components are installed and the device is assembled, the manufacturer may encrypt the device's International Mobile Station Equipment Identity (IMEI) with the hardware specific configuration parameters and store the encrypted construction information in the memory of a Radio Frequency Identification (RFID) tag contained in the device).  

Regarding claim 9, Debates teaches a computer-implemented method for authenticating one or more hardware components of a user equipment, the method performed by the user equipment, the method comprising (Debates, PDF Page 8 (First Paragraph), discloses method for performing hardware verification of one or more hardware components in the mobile device): 
accessing, via a device authentication service executed on the user equipment, one or more component identifiers corresponding to one or more hardware components installed within the user equipment (Debates, PDF Page 5 (Paragraph 7), discloses that a radio-frequency identification tag (RFID tag) in the mobile device is queried for construction information for the hardware verification of the hardware components in the mobile device. For example, the bootloader (application running in a mobile device, see Paragraph 6) asks 130 the RFID label 112 on the construction information 110 starting in the store 114 of the RFID tag is stored.  The construction information 110 corresponds to the time of installation of the hardware components 108 during the manufacture and assembly of the mobile device, the construction information being the manufacturer identification (ID) 116 and / or the model ID 118 for each of the respective hardware components), individual hardware components of the one or more hardware components associated with one or more different functionalities (Debates, PDF Page 3 (Paragraph 1) discloses functionality of one or more hardware components, and/or as disclosed in PDF Page 8 (Paragraph 7), restricting the functionality of at least one of the one or more hardware components); 
determining authentication statuses for individual hardware components of the one or more of hardware components by verifying, via the device authentication service, whether a respective component identifier of the one or more component identifiers matches a network record associated with the user equipment (Debates, PDF Page 5 (Last Two Paragraphs), discloses that a current information is identified for each of the hardware components in the mobile device. For example, the bootloader identifies 130 who is in the mobile device 100 is implemented, the current information 134 (e.g., a manufacturer ID and / or a model ID) for each of the respective hardware components 108 that in the mobile device 100 are installed. Identifying the current information may include that of the bootloader 130 the current hardware configuration information of each of the hardware components 108 determined. At pos. 308 a determination is made as to whether the current information matches the stored construction information. For example, it determines or determines in the mobile device 100 implemented boot loader 130 whether the current information 134 for each of the hardware components 108 with the construction information 110 for each of the respective hardware components. In implementations, the bootloader compares 130 the manufacturer identifier (ID) and / or the model ID of the construction information 110 with the manufacturer identifier (ID) and / or model ID of the current ); Serial No.: 16/240,129_4_ Atty Docket No.: TM.P0610US 
Atty/Agent: Bert E. Bouquetdetecting at least one hardware component of the one or more hardware components for which the respective authentication status indicates that the at least one hardware component is not authenticated (Debates, PDF Page 6 (2nd Paragraph), if the construction information and the current information do not match (i.e., "No" at pos. 308 ), at pos. 312 a message is displayed informing a user that at least one of the hardware components does not match the build information (i.e., indicates that an unauthorized hardware component is installed). For example, the bootloader determines 130 that the construction information 110 and the current one information 134 for a particular hardware component, and initiates the display of a message on the integrated display device 106 indicating that at least one unauthorized hardware component 108 in the mobile device 100 is installed); and 
deactivating, via the device authentication service, the at least one hardware component of the one or more hardware components (Debates, PDF Page 9 (Paragraph 7), wherein one of the hardware components is a device memory and wherein the bootloader restricts access to the device memory in response to a determination that the current information does not match the construction information), such that the user equipment is caused to operate absent the one or more different functionalities associated with the at least one hardware component (Debates, PDF Page 8 (Paragraph 7), in response to the determination that the current information does not match the construction information: storing, for each of the one or more hardware components in a memory of the RFID tag, the current information that ).  

Regarding claim 13, Debates teaches the computer-implemented method of claim 9, wherein Debates further teaches the respective component identifier comprises OEM information corresponding to the one or more hardware components (Debates, PDF Page 2 (Last Paragraph), discloses that the hardware configuration of the original equipment of the device can be verified by comparing the current hardware configuration information with the stored encrypted construction information, and as disclosed in PDF Page 2 (2nd-to- the- Last Paragraph), when the selected hardware components are installed and the device is assembled, the manufacturer may encrypt the device's International Mobile Station Equipment Identity (IMEI) with the hardware specific configuration parameters and store the encrypted construction information in the memory of a Radio Frequency Identification (RFID) tag contained in the device).  

Regarding claim 14, Debates teaches the computer-implemented method of claim 9, wherein Debates further teaches the device authentication service is operable to configure the one or more hardware components based at least partially on the respective component identifier (Debates, PDF Page 3 (Paragraph 4), discloses that a user may order and purchase a mobile device (e.g., a mobile phone) having a particular hardware configuration of components. If the mobile device 100 and the particular hardware configuration of components is installed in the device, the ).  
 
Regarding claim 17, Debates teaches a system, comprising (Debates, PDF Page 9 (2nd Paragraph), discloses a system): one or more non-transitory storage mediums configured to provide stored code segments, the one or more non-transitory storage mediums coupled to one or more processors, each configured to execute the code segments and causing the one or more processors to (Debates, PDF Page 6 (Paragraph 8), discloses a device 400 that contains a computer-readable memory 412 which enables data storage, for example, data storage devices that can be accessed by a computer and that can permanently store data and executable instructions, and as disclosed in PDF Page 6 (Paragraph 7), the device also contains one or more processors (e.g., microprocessors, controllers, and the like) and / or a processor and memory system implemented as a one-chip system (SoC) that processes computer-executable instructions): Serial No.: 16/240,129_6_ Atty Docket No.: TM.P0610US 
Atty/Agent: Bert E. Bouquetaccess one or more component identifiers corresponding to one or more hardware components installed within a unique user equipment, each of the one or more component identifiers corresponding to at least one hardware component of the user equipment associated with one or more different functionalities (Debates, PDF Page 5 (Paragraph 7), discloses that a radio-frequency identification tag (RFID tag) in the mobile device is queried for construction information for the hardware verification of the hardware components in the mobile device […]. The construction information 110 corresponds to the time of installation of the hardware components 108 during the manufacture and assembly of the mobile device, the construction information being the manufacturer identification (ID) 116 and / or the model ID 118 for each of the respective hardware components, and as disclosed in PDF Page 3 (Paragraph 1), functionality of one or more hardware components, and/or as disclosed in PDF Page 8 (Paragraph 7), restricting the functionality of at least one of the one or more hardware components); 
determine authentication statuses for individual hardware components of the one or more hardware components (Debates, PDF Page 5 (Last Two Paragraphs), discloses that a current information is identified for each of the hardware components in the mobile device. For example, the bootloader identifies 130 who is in the mobile device 100 is implemented, the current information 134 (e.g., a manufacturer ID and / or a model ID) for each of the respective hardware components 108 that in the mobile device 100 are installed. Identifying the current information may include that of the bootloader 130 the current hardware configuration information of each of the hardware components 108 determined. At pos. 308 a determination is made as to whether the current information matches the stored construction information. For example, it determines or determines in the mobile device 100 implemented boot loader 130 whether the current information 134 for each of the hardware components 108 with ); 
detect at least one hardware component of the one or more hardware components for which the respective authentication status indicates that the at least one hardware component is not authenticated (Debates, PDF Page 6 (2nd Paragraph), if the construction information and the current information do not match (i.e., "No" at pos. 308 ), at pos. 312 a message is displayed informing a user that at least one of the hardware components does not match the build information (i.e., indicates that an unauthorized hardware component is installed). For example, the bootloader determines 130 that the construction information 110 and the current one information 134 for a particular hardware component, and initiates the display of a message on the integrated display device 106 indicating that at least one unauthorized hardware component 108 in the mobile device 100 is installed); and
deactivate the at least one hardware component of the one or more hardware components (Debate, PDF Page 9 (Paragraph 7), wherein one of the hardware components is a device memory and wherein the bootloader restricts access to the device memory in response to a determination that the current information does not match the construction information), such that the user equipment is caused to operate absent the one or more different functionalities associated with the at least one hardware component (Debate, PDF Page 8 (Paragraph 7), in response to the determination that the current information does not match the construction information: storing, for each of the one or more hardware components in a memory of the RFID tag, the current information that does not match the construction information; loading a limited functionality operating system in the mobile device; and restricting the functionality of at least one of the one or more hardware components).  

Regarding claim 19, Debates teaches the of claim 17, wherein Debates further teaches determining authentication statuses comprises accessing a network record using the respective component identifier to obtain authentication data (Debates, PDF Page 4 (Paragraph 3), discloses that the bootloader 130 can with the RFID tag 112 communicate and query this (e.g., via the RFID reader 120 or the communication bus 132 ) to the construction information 110 for the hardware verification of the hardware components 108 in the mobile device, and as disclosed in PDF Page 4 (Paragraph 4), in addition, the bootloader 130 each of the hardware components 108 query to over the communication bus 132 a current information 134 regarding each of the respective hardware components. The current information 134 usually contains hardware component configuration information of the same type as the design information 110 , for example, the manufacturer ID and / or the model ID of each hardware component, including identification information), and comparing the respective component identifier with the authentication data (Debates, PDF Page 4 (Paragraph 5), discloses that the boot loader 130 the construction information 110 with the current one information 134 for each of the respective hardware components 108 and may execute various instructions based on whether the current information ).  

Claim Rejections - 35 U.S.C. 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 2-5, 7, 10-11 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Debates, Scott (DE 102017100886 A1; PUBLISHED ON 27-Jul-2017), hereinafter (Debates), in view of Aissi; Selim (US 2014/0066015 A1), hereinafter (Aissi).

Regarding claim 2, Debates teaches the one or more non-transitory computer-readable media of claim 1, wherein Debates fails to explicitly disclose but Aissi teaches the component identifier includes an embedded UICC identity (EID) corresponding to an embedded UICC (eUICC) of the user equipment (Aissi, Para. [0038], discloses a “subscriber identity/identification module” (SIM) is an example of a ).  
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of Aissi‘’ into the teachings of ‘Debates’, with a motivation wherein the component identifier includes an embedded UICC identity (EID) corresponding to an embedded UICC (eUICC) of the user equipment, as taught by Aissi, in order to verify the integrity of mobile device to ensure the mobile device is in a trusted State.; Aissi, Para. [0061].

Regarding claim 3, Debates teaches the one or more non-transitory computer-readable media of claim 1, wherein Debates fails to explicitly disclose but Aissi teaches the component identifier comprises a hash generated via a hash function (Aissi, Para. [0077], discloses that the cryptographic operations can be performed on the hardware component identifier or unique number of the respective components. The result (i.e., hash) of the cryptographic operations can be stored in the corresponding attestation register).  
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of Aissi‘’ into 

Regarding claim 4, Debates teaches the one or more non-transitory computer-readable media of claim 1, wherein Debates fails to explicitly disclose but Aissi teaches the data store comprises an equipment identity register (EIR) (Aissi, Para. [0074], discloses that the device integrity check 308 may involve reading a set of attestation values from attestation registers (i.e., EIR) maintained by the Root of Trust of mobile device 350 if such is available. Each attestation register may correspond to a component of mobile device 350 (e.g., any one of hardware components, firmware components, operating system components, virtual machine monitor, existing applications, etc.)).  
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of Aissi‘’ into the teachings of ‘Debates’, with a motivation wherein the data store comprises an equipment identity register (EIR), as taught by Aissi, in order to indicate/verify the integrity of the respective hardware components; Aissi, Para. [0077].

Regarding claim 5, Debates teaches the one or more non-transitory computer-readable media of claim 1, wherein Debates fails to explicitly disclose but Aissi teaches at least one component identifier of the set of component identifiers comprises a group component identifier (Aissi, Para. [0074], discloses that the device integrity check 308 may involve reading a set of attestation values from ).  
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of Aissi‘’ into the teachings of ‘Debates’, with a motivation wherein at least one component identifier of the set of component identifiers comprises a group component identifier, as taught by Aissi, in order to indicate/verify the integrity of the respective hardware components; Aissi, Para. [0077].

Regarding claim 7, Debates teaches the one or more non-transitory computer-readable media of claim 1, wherein Debates fails to explicitly disclose but Aissi teaches at least one component identifier of the set of Serial No.: 16/240,129_3_Atty Docket No.: TM.P0610USAtty/Agent: Bert E. Bouquetcomponent identifiers corresponds to an account identifier of an account associated with the user equipment (Aissi, Para. [0044], discloses an enrollment process of registering a mobile device for a service such that the service can be accessed from the mobile device. In some instances, a user may have an existing account with a service provider, but may not be able to access the service from the user's mobile device unless the mobile and/or see also Para. [0089], discloses a PIN (i.e., account identifier of an account) used for unlocking mobile device 350).  
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of Aissi‘’ into the teachings of ‘Debates’, with a motivation wherein the component identifier corresponds to an account identifier of an account associated with the user equipment, as taught by Aissi, in order to verify that the user is the authorized user of mobile device; Aissi, Para. [0089].

Regarding claim 10, Debates teaches the computer-implemented method of claim 9, wherein Debates fails to explicitly disclose but Aissi teaches the one or more hardware components comprise a subscriber identity module (SIM) card and the respective component identifier comprises an integrated circuit card identity (ICCID) corresponding to the SIM card (Aissi, Para. [0038], discloses a “subscriber identity/identification module” (SIM) is an example of a trusted execution environment. The SIM is commonly used to securely store the international mobile subscriber identity (IMSI) and the related key used to identify and authenticate subscribers on mobile devices. A SIM circuit is embedded into a removable plastic card. This plastic card is called “SIM card' and can be transferred between different mobile devices. A SIM card is an example of a trusted execution environment, however, other variations of a SIM card, such as a universal integrate circuit card (UICC) may be interchangeably used herein, without departing from the scope of the invention. And as disclosed in Para. [0115], wherein the integrity of the hardware configuration of the mobile device is determined. This may include determining what hardware components (e.g., secure ).  
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of Aissi‘’ into the teachings of ‘Debates’, with a motivation wherein the one or more hardware components comprise a subscriber identity module (SIM) card and the respective component identifier comprises an integrated circuit card identity (ICCID) corresponding to the SIM card, as taught by Aissi, in order to verify the integrity of mobile device to ensure the mobile device is in a trusted State.; Aissi, Para. [0061].

Regarding claim 11, Debates teaches the computer-implemented method of claim 9, wherein Debates fails to explicitly disclose but Aissi teaches the respective component identifier comprises at least one group component identifier that includes a set of component identifiers, each of the set of component identifiers corresponding to a unique hardware component of the user equipment (Aissi, Para. [0074], discloses that the device integrity check 308 may involve reading a set of attestation values from attestation registers maintained by the Root of Trust of mobile device 350 if such is available. Each attestation register may correspond to a component of mobile device 350 (e.g., any one of hardware components, firmware components, operating system components, virtual machine monitor, existing applications, etc.). In some embodiments, each attestation register can correspond to a group of components, and/or as disclosed in Para. [0079], wherein an attestation ).  
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of Aissi‘’ into the teachings of ‘Debates’, with a motivation wherein the respective component identifier comprises at least one group component identifier that includes a set of component identifiers, each of the set of component identifiers corresponding to a unique hardware component of the user equipment, as taught by Aissi, in order to indicate/verify the integrity of the respective hardware components; Aissi, Para. [0077].

Regarding claim 18, Debates teaches the system of claim 17, wherein Debates fails to explicitly disclose but Aissi teaches the user equipment is authenticated based at least partially on a hash calculated using the respective component identifier (Aissi, Para, [0077], discloses that for hardware components, the integrity of these components can be verified by serial numbers, issuer/manufacturer identification numbers, or other hardware component identifier or unique numbers stored or implemented in the hardware components. The Verification agent may request the hardware components to perform cryptographic operations (hash) using cryptographic keys only available to genuine hardware components. This can provide an indication of the security capabilities of the respective hardware components (e.g., ability to perform certain types of cryptographic operations, etc.). In some embodiments, the cryptographic operations can be performed on the hardware component identifier or unique number of the respective components. The result of the cryptographic and/or as disclosed in Para. [0115], wherein the contents of the secure storage can be hashed, and the result be used as an attestation value for the secure storage. The attestation values of the various hardware components can also be hashed together to generate a hardware attestation value representing the overall integrity of the hardware configuration of the mobile device).  
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of Aissi‘’ into the teachings of ‘Debates’, with a motivation wherein the user equipment is authenticated based at least partially on a hash calculated using the respective component identifier, as taught by Aissi, by utilizing “Root of trust” (RoT) that can be a combination of one or more of hardware, firmware, and/or software components for performing security-critical functions, such as performing device authentication; Aissi, Para. [0039].

Claims 15 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Debates, Scott (DE 102017100886 A1; PUBLISHED ON 27-Jul-2017), hereinafter (Debates), in view of Bumiller; George B. et al. (US 2007/0124818 A1), hereinafter (Bumiller).

Regarding claim 15, Debates teaches the computer-implemented method of claim 9, wherein Debates fails to explicitly disclose but Bumiller teaches further comprising the steps of: transmitting status updates of the user equipment to the telecommunications service provider, wherein the status updates indicate whether or not the one or more hardware components is authenticated (Bumiller, Para. [0039], discloses that mismatch would occur, for example, if the software and/or hardware components of the communication device 100 have been modified so as to provide different identifiers in step 402 for the hashing algorithm performed in step 404. Performance of the hashing algorithm at step 404 would result in a different hash value being generated based on the different identifiers. In addition to displaying an error message in step 412, a corresponding message indicating this error may be transmitted to the wireless network 20 and/or certain operations of the device may be shut down), the status updates comprising the respective component identifier corresponding to the one or more hardware components authenticated (Bumiller, Para. [0037], discloses to transmit the encrypted IMSTI (generated from hardware and/or software component identifiers) to the wireless network 20).  
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of ‘Bumiller’ into the teachings of ‘Debates’, with a motivation to transmitting the encrypted IMSTI to the wireless network 20. The wireless network 20 stores the encrypted IMSTI and sends confirmation to the communication device 100 that the SIM configuration indicated by the IMSTI has been accepted or rejected; Bumiller, Para. [0037].

Regarding claim 20, Debates teaches the system of claim 17, wherein Debates fails to explicitly disclose but Bumiller teaches the one or more processors are further caused to communicate a status update indicating that the at least one hardware component of the user equipment is authenticated to a telecommunications service provider, and the status updates are communicated to the telecommunications service provider on a scheduled basis (Bumiller, Para. [0039], discloses that mismatch would occur, for example, if the software and/or hardware components of the communication device 100 have been modified so as to provide different identifiers in step 402 for the hashing algorithm performed in step 404. Performance of the hashing algorithm at step 404 would result in a different hash value being generated based on the different identifiers. In addition to displaying an error message in step 412, a corresponding message indicating this error may be transmitted to the wireless network 20), the status updates comprising the respective component identifier and an integrated circuit card identity (ICCID) corresponding to a subscriber identity module (SIM) card of the user equipment (Bumiller, Para. [0037 and 0047], discloses to transmit the encrypted IMSTI (generated from hardware and/or software component identifiers) to the wireless network 20, and as disclosed in Para. [0047], the newly installed SIM card of the device 100 transmits a validation request to the wireless network 20); and upon failure to transmit the status updates on the scheduled basis, disabling the one or more functionalities of the user equipment (Bumiller, Para. [0039], discloses that, in addition to displaying an error message in step 412, a corresponding message indicating this error may be transmitted to the wireless network 20 and/or certain operations of the mobile communication device ( of Fig. 2A) may be shut down).
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of ‘Bumiller’ into the teachings of ‘Debates’, with a motivation to transmitting the encrypted IMSTI to the wireless network 20. The wireless network 20 stores the encrypted IMSTI and sends .

Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ALI CHEEMA, whose telephone number is 571-272-1239. The examiner can normally be reached on 8AM-4PM (EST) Monday-Friday. 
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jorge L. Ortiz-Criado can be reached on 571-272-7624.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. 


/ALI CHEEMA/
Examiner, Art Unit 2496

/JORGE L ORTIZ CRIADO/Supervisory Patent Examiner, Art Unit 2496