DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .



Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 11/09/2021 has been entered.



Response to Arguments
Applicant's arguments filed on 11/09/2021 have been fully considered.  Applicant asserts: 
Re Claim 1: Specifically, there is nothing in Zhang disclosing or suggesting that the ME Identity that is included in the response message comprise "[a] hash value" that was generated by "by inputting into a hash function a string that comprises an electronic identifier (EID) for the subscriber entity."
Examiner very kindly points out that BABBAGE already discloses access identifier that comprises the generated hash value and “generating a hash value by inputting into a hash function a string that comprises an electronic identifier (EID) for the subscriber entity;” (See BABBAGE [0064]: the key could be a hash of one or both of: the fake IMSI; and the IMEI) See BABBAGE [0024] the subscriber 
Re Claims 8, 24, and 27: Remarks for claim 1 apply to claims 8, 24, and 27.  
See Above.
Re Claim 14  
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action (See the body of the rejection below).
Re Claim 30: Remarks for claim 14 apply to claim 30.
See Above.



Claim Objections
Claims 14 and 30 are objected to because of the following informalities:  Claims 14 and 30 recites “the subscription portal entity generating and identifier using the generated hash value.”  It appears to mean “the subscription portal entity generating [[and]]an identifier using the generated hash value.”  Appropriate correction is required. 



Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:

A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this 


Claims 1, 2, 18, 19, 20, and 24 are rejected under 35 U.S.C. 103 as being unpatentable over BABBAGE (US 20170041733 A1) in view of Zhang (US 20200260259 A1) and GELLER (US 20160173406 A1)

Re: Claim 1
BABBAGE discloses a method for initial network access of a subscriber entity to a radio access network, the method being performed by the subscriber entity, the method comprising: 
(See BABBAGE [0058]: the subscriber 120 has a subscription unit, which likely comprises a UICC or SIM card (not shown) coupled to (or integrated with) a device (also not shown))
transmitting an attach message towards a network node (See BABBAGE [0011] The admission platform (which is typically logically separate from the subscription manager and generally also physically separate therefrom, but can be integrated) may otherwise act as a regular network element), the attach message indicating a request for network access of the subscriber entity to a radio access network of the network node; (See BABBAGE The admission platform 100, [0032]: the visited PLMN (especially an MME))
See BABBAGE [0058] The admission platform 100 comprises: a network interface 101 [0059] The network interface 101 receives an initialisation request (as part of an Attach procedure, for example, in a cellular network) for access to a network on behalf of the subscriber 120.

generating a hash value by inputting into a hash function a string that comprises an electronic identifier (EID) for the subscriber entity; (See BABBAGE [0064]: the key could be a hash of one or both of: the fake IMSI; and the IMEI)
See BABBAGE [0024] the subscriber . . . comprising: a subscriber identity, as discussed herein; and a subscriber key (such as a Ki), with a low level of security.  For example, the subscriber key may be based on one or more of: the IMSI; the IMEI; the MAC address; a fixed key.  The combination may be a cryptographic hash.
NOTE: Also See [0023], [0028], [0029], and [0082] for further details on the subscriber identity. 
wherein the generated Access Identifier comprises the generated hash value;
See BABBAGE [0024] the subscriber . . . comprising: a subscriber identity, as discussed herein; and a subscriber key (such as a Ki), with a low level of security.  For example, the subscriber key may be based on one or more of: the IMSI; the IMEI; the MAC address; a fixed key.  The combination may be a cryptographic hash.
the attach message comprising the generated Access Identifier that comprises the generated hash value (See BABBAGE [0082] The running part of the temporary IMSI . . . may be random, based on a predetermined algorithm or even fixed. NOTE: as mentioned above, [0024] discloses a predetermined algorithm being a cryptographic hash), the Access Identifier indicating that the subscriber entity is subscription-less; and 
See BABBAGE Fig. 2, [0059] The initialisation request indicates a temporary subscriber identity (such as a temporary IMSI) [0016]:  a part of the subscriber identity may comprise a predetermined code, identifying the subscriber as a special (such as new) subscriber.

receiving a grant from the network node, the grant allowing the subscriber entity
See BABBAGE [0059]: the network interface 101 assigns the new subscriber limited access rights to the network, generally by communicating with the MME 115.  These limited access rights are for user-plane communication between the new subscriber and a subscription manager (not shown) only, for reconfiguration of the subscriber identity. 
NOTE: Also See [0010], [0015] and [0024]: the initial access is significantly restricted (only to communication with the subscription manager) and subsequent (less restricted) access may only be granted after a further provisioning exchange with the subscription manager.

BABBAGE does not appear to explicitly disclose receiving an identification request originating from the network node, the identification request requesting identification of the subscriber entity; transmitting towards the network node a response message responsive to the identification request, the response
In a similar endeavor, Zhang discloses receiving an identification request originating from the network node, the identification request requesting identification of the subscriber entity; 
See Zhang Fig. 6-1, [0002]: Mobile Equipment ("ME").  [0101] In step 630, an ME Identity (IMEISV) shall be retrieved from the mobile unit 105.
transmitting towards the network node a response message responsive to the identification request, the response message comprising the generated Access Identifier
See Zhang Fig. 6-1, [0002]: Mobile Equipment ("ME").  [0101] In step 630, an ME Identity (IMEISV) shall be retrieved from the mobile unit 105.  The ME identity shall be transferred encrypted.
BABBAGE and Zhang are analogous art because both are directed to subscriber accessing network (See BABBAGE Abstract and Zhang Fig. 6). 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the BABBAGE invention by employing the teaching as taught by Zhang to provide the limitation.  The motivation for the combination is given by Zhang which ensures subscriber identity is provided and enhances security measures. 
		
		BABBAGE in view of Zhang does not appear to explicitly disclose generating an Access Identifier using the generated hash value (Emphasis added)
		In a similar endeavor, GELLER discloses generating an Access Identifier using the generated hash value
		See GELLER [0095] generate the URI of a group by applying a hash function (e.g., a version of the Message Digest 5 (MD5) algorithm, the Secure Hash Algorithm SHA-1, or another suitable hash function) to the provided access identifier and group name, and appending the resulting hash value to a base URI path designated for group resources 140.
Note, BABBAGE in view of Zhang and GELLER are analogous art because both are directed to user identity authentication (See BABBAGE [0031] and GELLER [0038]). 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the BABBAGE in view of Zhang invention by employing the teaching as taught by GELLER to provide the limitation.  The motivation for the combination is given by GELLER which improves security measure.

Re: Claim 2
BABBAGE in view of Zhang and GELLER discloses wherein the grant allows the subscriber entity limited network access to a subscription portal entity.  (See BABBAGE [0024]: the subscription manager)
See BABBAGE [0024]: the initial access is significantly restricted (only to communication with the subscription manager) and subsequent (less restricted) access may only be granted after a further provisioning exchange with the subscription manager.

Re: Claim 18
BABBAGE in view of Zhang and GELLER discloses wherein the network access of the subscriber entity is limited to actions needed to be performed by the subscriber entity for subscription profile download.  (See BABBAGE [0006]: the UICC needs to be loaded with an initial International Mobile Subscriber Identity (IMSI), subscriber key (Ki) and profile (a so-called "provisioning subscription") in order to connect to a mobile network and download a permanent subscription.)
See BABBAGE [0024]: the initial access is significantly restricted (only to communication with the subscription manager) and subsequent (less restricted) access may only be granted after a further provisioning exchange with the subscription manager.
NOTE: Also See [0060]

Re: Claim 19
BABBAGE in view of Zhang and GELLER discloses wherein a cellular radio access technology is used for the network access of the subscriber entity.  
See BABBAGE [0060]: a "minimal" provisioning subscription, with very little security, but just enough to allow an initial connection via a cellular network to the subscription manager can therefore be used.
NOTE: Also See [0019] and [0059] re an Attach procedure, for example, in a cellular network.

Re: Claim 20
BABBAGE in view of Zhang and GELLER discloses wherein the Access Identifier (See BABBAGE [0027]: the initial key (for the provisioning subscription used at first) is based on a hash of identity information of the subscriber entity.  
See BABBAGE [0024]: the subscriber key may be based on one or more of: the IMSI; the IMEI; the MAC address; a fixed key.  The combination may be a cryptographic hash. [0064]: the key could be a hash of one or both of: the fake IMSI; and the IMEI.
NOTE: Also See [0028]. 

Re: Claim 24
BABBAGE in view of Zhang and GELLER discloses a subscriber entity (See BABBAGE Fig. 1, [0058]: the subscriber 120 has a subscription unit, which likely comprises a UICC or SIM card (not shown) coupled to (or integrated with) a device (also not shown)) for initial network access of the subscriber entity to a radio access network, the subscriber entity comprising: 
a receiver; a transmitter; and processing circuitry, the processing circuitry being configured to cause the subscriber entity to: 
NOTE: While BABBAGE in view of Zhang and GELLER does not explicitly disclose a receiver; a transmitter; and processing circuitry, the processing circuitry being configured to cause the subscriber entity to: it is inherent that the subscriber 120 disclosed in BABBAGE comprises a receiver; a transmitter; and processing circuitry, the processing circuitry being configured to cause the subscriber entity to execute the functions disclosed in the reference.
transmit an attach message towards a network node, the attach message indicating a request for network access of the subscriber entity to a radio access network of the network node;
receive an identification request originating from the network node, the identification request requesting identification of the subscriber entity; 
generate a hash value by inputting into a hash function a string that comprises an electronic identifier (EID) for the subscriber entity; 5Application No. 16/767,988 Attorney Docket: 3602-1991US1 
generate an Access Identifier using the generated hash value, wherein the generated Access Identifier comprises the generated hash value; 
transmit towards the network node a response message responsive to the identification request, the response message comprising the Access Identifier that comprises the generated hash value, the Access Identifier indicating that the subscriber entity is subscription- less; and receive a grant from the network node, the grant allowing the subscriber entity limited network access.
NOTE: See the rejection of Claim 1. 


Claim 3 is rejected under 35 U.S.C. 103 as being unpatentable over BABBAGE in view of Zhang and GELLER as applied to Claim 1 above, and further in view of Yi (US 20190268757 A1)

Re: Claim 3
BABBAGE in view of Zhang and GELLER disclose wherein the grant comprises a network address of Access Point Name for the subscription portal entity. (See BABBAGE [0035] the subscription manager)
See BABBAGE [0035] the instruction comprises an indication of at least one Access Point Name (APN) and preferably only one APN.  . . . the APN may provide access only to the subscription manager, such as using a Virtual Private Network (VPN). . . . Thus, restricting the 
NOTE: Also See [0075]
BABBAGE in view of Zhang and GELLER does not appear to explicitly disclose a network address of the subscription portal entity.  (Emphasis added).
In a similar endeavor, Yi discloses wherein the grant comprises a network address of the subscription portal entity.  
See Yi Fig. 2, [0094] S119.  After successfully establishing the network connection, the first network device returns a response to the first request to the terminal based on identification information of the terminal, to inform the terminal device that the network connection has been successfully established. 
NOTE: See Fig. 2: “S119 Return a response (the download address of the profile)”
Note, BABBAGE in view of Zhang and GELLER and Yi are analogous art because both are directed to subscriber accessing network (See BABBAGE Abstract and Yi Abstract). 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the BABBAGE in view of Zhang and GELLER invention by employing the teaching as taught by Yi to provide the limitation.  The motivation for the combination is given by Yi which reduces network usage and provides efficient way to redirect the subscriber. 


Claim 4 is rejected under 35 U.S.C. 103 as being unpatentable over BABBAGE in view of Zhang and GELLER as applied to Claim 1 above, and further in view of Karimli (US 20190069122 A1)

Re: Claim 4
BABBAGE in view of Zhang and GELLER does not appear to explicitly disclose 
receiving network configuration information and/or resource discovery information originating from the network node, and wherein the network configuration information and/or resource discovery information comprises a network address of the subscription portal entity.
In a similar endeavor, Karimli discloses receiving network configuration information and/or resource discovery information originating from the network node, and 
See Karimli Fig. 1, [0044] the profile application 214 can send a query to one or more servers associated with a discovery service (e.g., discovery server(s) 106) to determine whether the one or more servers associated with the discovery service are aware of a profile that is available for an identifier associated with the device 200 (e.g., the eSIM 202 of the device).  . . .  
wherein the network configuration information and/or resource discovery information comprises a network address of the subscription portal entity.  
See Karimli Fig. 1, [0044] the profile application 214 can receive a response to the query that includes an address for the service provider associated with the profile to which the identifier is mapped or otherwise associated. 
Note, BABBAGE in view of Zhang and GELLER and Karimli are analogous art because both are directed to subscriber accessing network (See BABBAGE Abstract and Karimli Abstract, [0004]). 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the BABBAGE in view of Zhang and GELLER invention by employing the teaching as taught by Karimli to provide the limitation.  The motivation for the combination is given by Karimli which provides efficient way to redirect the subscriber. 


Claims 5 and 6 are rejected under 35 U.S.C. 103 as being unpatentable over BABBAGE in view of Zhang and GELLER as applied to Claim 1 above, and further in view of GAO (US 20160283216 A1)
 
Re: Claim 5
BABBAGE in view of Zhang and GELLER does not appear to explicitly disclose transmitting a request for generation of a subscription profile for the subscriber entity towards the subscription portal entity.  
In a similar endeavor, GAO discloses transmitting a request for generation of a subscription profile (See Gao [0358] an SM-DP generates, for the MNO, a profile that can be downloaded into an eUICC of a terminal) for the subscriber entity towards the subscription portal entity.  
See Gao Fig. 13A, Step 7. [0365] the eUICC sends, to the SM-SR, the request for downloading the profile; 
Note, BABBAGE in view of Zhang and GELLER and Gao are analogous art because both are directed to subscriber accessing network (See BABBAGE Abstract and Gao [0004]). 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the BABBAGE in view of Zhang and GELLER invention by employing the teaching as taught by Gao to provide the limitation.  The motivation for the combination is given by Gao which provides efficient way for subscription provisioning. 

Re: Claim 6
BABBAGE in view of Zhang, GELLER and Gao discloses wherein the request for generation of the subscription profile comprises identity information of the subscriber entity, and 
See Gao Fig. 13A, Step 7. [0365] The download request carries at least the token, an ID of the eUICC (marked as an eID for short and the ID of the SM-DP, and optionally, may further carry the ICCID and the identity of the terminal or the classification identity of the terminal.
NOTE: See rejection of Claim 5 for motivation to combine.
wherein the subscriber entity is authenticated by the subscription portal entity based on the identity information.  (See BABBAGE [0042] The authentication information may be a cryptographic key or data derived from the cryptographic key. [0028]: The cryptographic key may be based on the subscription identifier, an identifier for a device associated with the network subscription apparatus or a combination (such as by a cryptographic hash) of both)
See BABBAGE [0041]: the subscriber and subscription manager sharing the authentication information for the purpose of authenticating the subscriber to the subscription manager. 
NONTE: Also See [0047] for additional support.  


Claims 8, 9, and 27 are rejected under 35 U.S.C. 103 as being unpatentable over BABBAGE (US 20170041733 A1) in view of Zhang (US 20200260259 A1)

Re: Claim 8
BABBAGE discloses a method for allowing initial network access of a subscriber entity (See BABBAGE [0058]: the subscriber 120 has a subscription unit, which likely comprises a UICC or SIM card (not shown) coupled to (or integrated with) a device (also not shown)) to a radio access network, the method being performed by a network node (See BABBAGE The admission platform 100, [0032]: the visited PLMN (especially an MME)), the method comprising: 
See BABBAGE [0011] The admission platform (which is typically logically separate from the subscription manager and generally also physically separate therefrom, but can be integrated) may otherwise act as a regular network element)
receiving an attach message originating from the subscriber entity; 
See BABBAGE [0058] The admission platform 100 comprises: a network interface 101 [0059] The network interface 101 receives an initialisation request (as part of an Attach procedure, for example, in a cellular network) for access to a network on behalf of the subscriber 120.
NOTE: Also See [0020] The initialisation request can take a number of different forms.  For example, a Network Attach Request may be communicated from the subscriber to the Visited PLMN.
the attach message comprising an Access Identifier of the subscriber entity (See BABBAGE [0059]: a temporary subscriber identity (such as a temporary IMSI)[0062]: a "fake" IMSI), the Access Identifier indicating that the subscriber entity is subscription-less, 
See BABBAGE Fig. 2, [0059] The initialisation request indicates a temporary subscriber identity (such as a temporary IMSI) [0016]:  a part of the subscriber identity may comprise a predetermined code, identifying the subscriber as a special (such as new) subscriber.
NOTE: Also See [0023], [0029], and [0082] for further details on the subscriber identity. 
wherein the Access Identifier comprises a hash value that was generated by hashing a string comprising an electronic identifier (EID) of the subscriber entity; and
See BABBAGE [0024] the subscriber . . . comprising: a subscriber identity, as discussed herein; and a subscriber key (such as a Ki), with a low level of security.  For example, the subscriber key may be based on one or more of: the IMSI; the IMEI; the MAC address; a fixed key.  The combination may be a cryptographic hash.
NOTE: Also See [0023], [0029], and [0082] for further details on the subscriber identity. 
NOTE: See the rejection of Claim 1 for further details. 
transmitting a grant towards the subscriber entity, the grant allowing the subscriber entity limited network access.  
See BABBAGE [0059]: the network interface 101 assigns the new subscriber limited access rights to the network, generally by communicating with the MME 115.  These limited access rights are for user-plane communication between the new subscriber and a subscription manager (not shown) only, for reconfiguration of the subscriber identity. 
NOTE: Also See [0010], [0015] and [0024]: the initial access is significantly restricted (only to communication with the subscription manager) and subsequent (less restricted) access may only be granted after a further provisioning exchange with the subscription manager.
BABBAGE does not appear to explicitly disclose transmitting an identification request towards the subscriber entity, the identification request requesting identification of the subscriber entity; receiving a response message from the subscriber entity, the response
In a similar endeavor, Zhang discloses transmitting an identification request towards the subscriber entity, the identification request requesting identification of the subscriber entity; 
See Zhang Fig. 6-1, [0002]: Mobile Equipment ("ME").  [0101] In step 630, an ME Identity (IMEISV) shall be retrieved from the mobile unit 105.
receiving a response message from the subscriber entity, the response message comprising an Access Identifier of the subscriber entity
See Zhang Fig. 6-1, [0002]: Mobile Equipment ("ME").  [0101] In step 630, an ME Identity (IMEISV) shall be retrieved from the mobile unit 105.
Note, BABBAGE and Zhang are analogous art because both are directed to subscriber accessing network (See BABBAGE Abstract and Zhang Fig. 6). 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the BABBAGE invention by employing the Zhang to provide the limitation.  The motivation for the combination is given by Zhang which ensures subscriber identity is provided and enhances security measures. 

Re: Claim 9
BABBAGE in view of Zhang discloses wherein the grant allows the subscriber entity limited network access to a subscription portal entity.   (See BABBAGE [0024]: the subscription manager)
See BABBAGE [0024]: the initial access is significantly restricted (only to communication with the subscription manager) and subsequent (less restricted) access may only be granted after a further provisioning exchange with the subscription manager.

Re: Claim 27
BABBAGE in view of Zhang discloses a network node (See BABBAGE Fig. 1,   [0011] The admission platform (which is typically logically separate from the subscription manager and generally also physically separate therefrom, but can be integrated) may otherwise act as a regular network element) for allowing initial network access of a subscriber entity to a radio access network, the network node comprising: 
a transmitter; a receiver (See BABBAGE Fig. 1, [0059] The network interface 101); and processing circuitry (See BABBAGE Fig. 1, processor 102), the processing circuitry being configured to cause the network node to: 
receive an attach message originating from the subscriber entity; 
transmit an identification request towards the subscriber entity, the identification request requesting identification of the subscriber entity; 
receive a response message from the subscriber entity, the response message comprising an Access Identifier of the subscriber entity, the Access Identifier indicating that the subscriber entity is subscription-less; 
wherein the Access Identifier comprises a hash value that was generated by hashing a string comprising an electronic identifier (EID) of the subscriber entity; and 
transmit a grant towards the subscriber entity, the grant allowing the subscriber entity limited network access.  
NOTE: See the rejection of Claim 8. 


Claim 10 is rejected under 35 U.S.C. 103 as being unpatentable over BABBAGE in view of Zhang as applied to Claim 1 above, and further in view of Nokia (3GPP)

Re: Claim 10
BABBAGE in view of Zhang disclose wherein the grant is transmitted without the network node having security check the subscriber entity.  
See BABBAGE [0024]: Thus, the security may be handled by the subscription manager rather than the Visited PLMN, admission platform or both.
BABBAGE in view of Zhang does not appear to explicitly disclose authenticated
In a similar endeavor, Nokia discloses wherein the grant is transmitted without the network node having authenticated the subscriber entity.  
See Nokia page 2, 2.1: c) Skip access authentication completely – i.e. the UE doesn’t authenticate the network, and is provided unauthenticated access to the provisioning server.  
Note, BABBAGE in view of Zhang and Nokia are analogous art because both are directed to subscriber accessing network (See BABBAGE Abstract and Nokia Abstract). 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the BABBAGE in view of Zhang invention by employing the teaching as taught by Nokia to provide the limitation.  The motivation for the combination is given by Nokia which reduces provisioning time.


Claim 11 is rejected under 35 U.S.C. 103 as being unpatentable over BABBAGE in view of Zhang as applied to Claim 9 above, and further in view of Suh (US 20140141763 A1)

Re: Claim 11
BABBAGE in view of Zhang does not appear to explicitly disclose providing the Access Identifier to the subscription portal entity.  
In a similar endeavor, Suh discloses providing the Access Identifier to the subscription portal entity.  
 (See Suh Fig. 3, [0056]: the USIM Central Center 180 sends the USIM authentication center 190 the information provision verification request message at step 211. [0054]: The information Provision verification request message may include the Mobile Identity (MID))
NOTE: Also See Fig. 5A, [0074] Afterward, the USIM center 191 may sends the OTA server 182 the MID at step 237.
Note, BABBAGE in view of Zhang and Suh are analogous art because both are directed to subscriber accessing network (See BABBAGE Abstract and Suh Abstract). 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the BABBAGE in view of Zhang invention by employing the teaching as taught by Suh to provide the limitation.  The motivation for the combination is given by Suh which provides efficient way to communicate subscriber’s identity.


Claims 14, 15, 16, and 30 are rejected under 35 U.S.C. 103 as being unpatentable over Suh in view of BABBAGE (US 20170041733 A1), GELLER, and GAO (US 20160283216 A1)

Re: Claim 14
Suh discloses a method for verification of a subscriber entity, the method being performed by an authentication entity (See Suh Fig. 3: the USIM authentication center 190), the method comprising: 
obtaining an Access Identifier of the subscriber entity from a network node of a radio access network (See Suh Fig. 3: the MME 114) for which network access of the subscriber entity has been requested; and (See Suh Fig. 3, 209 [0054]: Upon receipt of the information Provision request message from the UE 110, the MME 114 sends the USIM Central Center 180 the information Provision Verification Request message.  NOTE: the request from UE is for the network access as disclose in Abstract and [0055])  
(See Suh Fig. 3, [0056]: the USIM Central Center 180 sends the USIM authentication center 190 the information provision verification request message at step 211. [0054]: The information Provision verification request message may include the Mobile Identity (MID))
performing verification of the subscriber entity, wherein the Access Identifier received from the network node is used as reference by the authentication entity during the verification.  (See Suh [0056] The USIM Central Center 180 requests for verifying that the MID identifies the valid user accessible to the operator using the information provision verification request message)
See Suh Fig. 3, [0057]: the USIM Central Center 180 sends the USIM Authentication Center 190 the information provision verification request message and receives the information provision verification response message in replay at steps 211 and 213 as the corresponding procedure.  . . The information provision authentication response message may include MID to indicate corresponding information provision authentication request verified successfully. 

Suh does not appear to explicitly disclose a subscription portal, 
wherein the Access Identifier comprises a hash value that was generated by hashing a string comprising an electronic identifier (EID) of the subscriber entity,
wherein using the Access Identifier received from the network node is used as reference comprises: the subscription portal entity generating a hash value by inputting into a hash function a string that comprises the EID for the subscriber entity; 
the subscription portal entity generating and identifier,
wherein the generated identifier comprises the generated hash value; and 
In a similar endeavor, BABBAGE discloses an authentication performed at a subscription portal
(See BABBAGE [0041]: there is provided a method for managing subscriber authentication in a network . . . the subscriber and subscription manager sharing the authentication information for the purpose of authenticating the subscriber to the subscription manager. . . . authenticating the subscriber to access the network.  This approach may be implemented at the subscription manager)
NOTE: Also See BABBAGE [0011] The admission platform (which is typically logically separate from the subscription manager.
wherein the Access Identifier comprises a hash value that was generated by hashing a string comprising an electronic identifier (EID) of the subscriber entity,
(See BABBAGE [0024] the subscriber . . . comprising: a subscriber identity, as discussed herein; and a subscriber key (such as a Ki), with a low level of security.  For example, the subscriber key may be based on one or more of: the IMSI; the IMEI; the MAC address; a fixed key.  The combination may be a cryptographic hash. 
NOTE: Also See [0023], [0028], [0029], and [0082] for further details on the subscriber identity. 
NOTE: See the rejection of Claim 1 for further details)
wherein using the Access Identifier received from the network node is used as reference comprises: 
NOTE: As mentioned above, Suh discloses the Access Identifier received form the network node.
the subscription portal entity generating a hash value by inputting into a hash function a string that comprises the EID for the subscriber entity; 
See BABBAGE [0074] A combination where the subscription manager derives a temporary key (from the group key, or from the device-unique key, or both) and provides this to the admission platform may also be possible. [0064]: For example, the key could be a hash of one or both of: the fake IMSI; and the IMEI. Alternatively, a fixed key may be used or a hash of one or more of: the fixed key; IMSI; and IMEI. 
NOTE: Also See [0031] 
the subscription portal entity generating and identifier,
See BABBAGE [0074] A combination where the subscription manager derives a temporary key (from the group key, or from the device-unique key, or both) and provides this to the admission platform may also be possible. [0064]: For example, the key could be a hash of one or both of: the fake IMSI; and the IMEI. Alternatively, a fixed key may be used or a hash of one or more of: the fixed key; IMSI; and IMEI. 
wherein the generated identifier comprises the generated hash value; and 
See BABBAGE [0024] the subscriber . . . comprising: a subscriber identity, as discussed herein; and a subscriber key (such as a Ki), with a low level of security.  For example, the subscriber key may be based on one or more of: the IMSI; the IMEI; the MAC address; a fixed key.  The combination may be a cryptographic hash.
Note, Suh and BABBAGE are analogous art because both are directed to subscriber accessing network (See Suh Abstract and BABBAGE Abstract). 
Suh invention by employing the teaching as taught by BABBAGE to provide the limitation.  The motivation for the combination is given by BABBAGE which reduces information exchange, improves subscriber provisioning, and simplifies authentication process.

		Suh in view of BABBAGE does not appear to explicitly disclose generating an Access Identifier using the generated hash value (Emphasis Added)
		In a similar endeavor, GELLER discloses generating an Access Identifier using the generated hash value
		See GELLER [0095] generate the URI of a group by applying a hash function (e.g., a version of the Message Digest 5 (MD5) algorithm, the Secure Hash Algorithm SHA-1, or another suitable hash function) to the provided access identifier and group name, and appending the resulting hash value to a base URI path designated for group resources 140.
Note, Suh in view of BABBAGE and GELLER are analogous art because both are directed to user identity authentication (See Suh [0017] and GELLER [0038]). 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the Suh in view of BABBAGE invention by employing the teaching as taught by GELLER to provide the limitation.  The motivation for the combination is given by GELLER which improves security measure.

Suh in view of BABBAGE and GELLER does not appear to explicitly disclose the subscription portal entity comparing the generated identifier to the Access Identifier received from the network node
 In a similar endeavor, Gao discloses the subscription portal entity comparing the generated identifier (See Gao Fig. 13A, [0358] Step 1.  an SM-DP . . . generates a token that  to the Access Identifier received from the network node. [0362] Step 5.  The terminal requests, by using an APDU message, the eUICC to initiate a request for downloading the profile.  . . . a DATA field of the INSTALL command may carry the token, the ICCID)
 (See Gao [0371] Step 12.  The SM-DP verifies whether the token carried in the request for downloading the profile is a valid token, and if the token is valid and the token is obtained by performing an encryption operation on the ICCID, the SM-DP performs a corresponding inverse operation to obtain the ICCID)
Note, Suh in view of BABBAGE and GELLER and Gao are analogous art because both are directed to subscriber accessing network (See Suh Abstract and Gao [0004]). 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the Suh in view of BABBAGE and GELLER invention by employing the teaching as taught by Gao to provide the limitation.  The motivation for the combination is given by Gao which improves security measure for network access.

Re: Claim 15
Suh in view of BABBAGE, GELLER, and Gao discloses 
receiving a request for generation of a subscription profile (See Gao [0358] an SM-DP generates, for the MNO, a profile that can be downloaded into an eUICC of a terminal) for the subscriber entity, the request originating from the subscriber entity.  
See Gao Fig. 13A, Step 7. [0365] the eUICC sends, to the SM-SR, the request for downloading the profile; 
The motivation for the combination is given by Gao which provides efficient way for subscription provisioning. 

Re: Claim 16
Suh in view of BABBAGE, GELLER, and Gao discloses wherein the verification of the subscriber entity is performed upon receiving the request.  
See Gao Fig. 13B, [0366] Step 8.  The SM-SR verifies whether a new profile is allowed to be downloaded into the eUICC
NOTE: Also See Fig. 13B, Step 13 [0402] 
NOTE: Step 8 is performed after Step 7.
The motivation for the combination is given by Gao which eliminated unnecessary processing in case there is no request. 

Re: Claim 30
Suh in view of BABBAGE, GELLER, and Gao discloses a subscription portal entity for verification of a subscriber entity, the subscription portal entity (See BABBAGE Fig. 3, OTA server 14) comprising:
processing circuitry, the processing circuitry being configured to cause the subscription portal entity to: 
NOTE: While Suh in view of BABBAGE, GELLER, and Gao does not explicitly disclose processing circuitry, the processing circuitry being configured to cause the subscription portal entity to:  it is inherent that OTA server 14 disclosed in BABBAGE comprises processing circuitry, the processing circuitry being configured to cause the subscription portal entity to:, execute the functions disclosed in the reference.
NOTE: See the rejection of Claim 14 for motivation to combine. 
obtain an Access Identifier of the subscriber entity from a network node of a radio access network for which network access of the subscriber entity has been requested;7371 of PCT/EP2017/081001Preliminary Amendment Attorney Docket: 3602-1991USand 
perform verification of the subscriber entity, wherein the Access Identifier received from the network node is used as reference by the subscription portal entity during the verification,
wherein the Access Identifier comprises a hash value that was generated by hashing a string comprising an electronic identifier (EID) of the subscriber entity,
wherein the subscription portal entity is configured to use the Access Identifier received from the network node is used as reference by performing a process that includes: generating a hash value by inputting into a hash function a string that comprises the EID for the subscriber entity; generating and identifier using the generated hash value, wherein the generated identifier comprises the generated hash value; and comparing the generated identifier to the Access Identifier received from the network node.
NOTE: See the rejection of Claim 14. 



Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MINJUNG KIM whose telephone number is (408) 918-7693.  The examiner can normally be reached on Monday-Friday 9am to 2pm PST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Wang-Hurst, Kathy can be reached on (571) 270-5371.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.


/MINJUNG KIM/
Examiner, Art Unit 2644