DETAILED ACTION
Notice of Pre-AIA  or AIA  Status

1.    	The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

2.    	Claims 1 -18 are pending. Claims 1, 11, and 18 are in independent forms. Claim 18 has been 

amended. Claim 19 has been canceled.

Priority
3. 	Foreign priority has been claimed to Indian application # 201811013305 filed on 04/06/2018.


Information Disclosure Statement

4. 	The information disclosure statements (IDS's) submitted on 09/30/2020 in compliance with 

provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by 

the examiner.

Drawings

5. 	The drawings filed on 09/30/2020 are accepted by the examiner.


Claim Rejections - 35 USC § 103
6.	The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

7.	Claims 1-4, 6, 10-13, and 17-18 are rejected under 35 U.S.C. 103 as being unpatentable over Bajko et al. US Patent Application Publication No. 2006/0280305 (hereinafter Bajko) in view of Garcia Martin et al. US Patent Application Publication No. 2016/0183180 (hereinafter Garcia).
Regarding claim 1, Bajko discloses a method for securing authentication between a User Equipment (UE) (Fig. 2, MN 12) and a network node (Fig. 2, BSF 8), the method comprising: 
“sending a plurality of identifiers to the network node, wherein the plurality of identifiers are supported by the UE and indicating at least one authentication measure for the network node” (see Bajko par. 0166, provide a method, apparatus and computer program product(s) to send a wireless network (WN) a first message that is comprised of a list of authentication mechanisms supported by a node and, in association with each authentication mechanism, a corresponding identification (identifiers), and determining in the WN an authentication mechanism to be used for bootstrapping, based at least on the list received from the node, and including in a first response message to the node information pertaining to the determined authentication mechanism in conjunction with the corresponding identification); and 
Bajko does not explicitly discloses attaching a priority tag for each of the plurality of the identifiers.
However in analogues art, Garcia discloses  attaching a priority tag for each of the plurality of the identifiers (see Garcia Abstract, Fig. 1, pars. 0033-0041, The user terminal (100) obtains (s20) information (50), i.e. “tag information”, from an electronic tag or a visual tag. The user terminal (100) transmits (s40), to a network node hosting an access network discovery and selection function (ANDSF), i.e. to an “ANDSF node” (200), the tag information (50). The ANDSF node (200) then transmits (s60), to the user terminal (100), credentials (70) for allowing the user terminal (100) to connect to said access network).
Therefore it would have been obvious to a person of ordinary skill in the art before the effective filing date of the application to incorporate the teachings of Garcia into the system of Bajko in order to include a sending unit configured to send, to an ANDSF node, said tag information. The receiving unit is 

Regarding claim 2, Bajko in view of Garcia discloses the method as claimed in claim 1, 
Garcia further discloses sorting the plurality of identifiers based on the attached priority tag, wherein the attached priority tag indicates the order of UE's preference for securing the authentication (see Garcia par. 0058). 
Therefore it would have been obvious to a person of ordinary skill in the art before the effective filing date of the application to incorporate the teachings of Garcia into the system of Bajko in order to include a sending unit configured to send, to an ANDSF node, said tag information. The receiving unit is configured to receive, from the ANDSF node, credentials for allowing the user terminal to connect to the access network (see Garcia par. 0015).

Regarding claim 3, Bajko in view of Garcia discloses the method as claimed in claim 1, 
Bajko further discloses wherein the network node is configured to select at least one authentication measure from based on the plurality of identifiers sent by the UE (see Bajko par. 0015).

Regarding claim 4, Bajko in view of Garcia discloses the method as claimed in claim 1, 
Bajko further discloses wherein the authentication measure selected by the network node is indicated to the UE based on at least one parameter (see Bajko par. 0053).

Regarding claim 10, Bajko in view of Garcia discloses the method as claimed in claim 1, 
Garcia further discloses wherein the UE is configured to instruct the network node to override the priority tag and respond with another preference (see Garcia par. 0051). 


Regarding claim 11, Bajko discloses a method for securing authentication between a User Equipment, UE (Fig. 2, MN 12) and a network node (Fig. 2, BSF 8), the method comprising: 
“selecting an authentication measure based on a plurality of supported identifiers received from the UE” (see Bajko par. 0018, a method that includes sending to a network a first message that is comprised of a list of authentication mechanisms supported by a device and, in association with each authentication mechanism, a corresponding identity; and receiving from the network a first response message, the first response message comprising information pertaining to an authentication mechanism selected by the network from the list in conjunction with a corresponding identity); 
Bajko does not explicitly discloses transmitting a plurality of identifiers to the UE in one of broadcasting mode or pre-provisioned mode.
However, in analogues art, Garcia discloses transmitting a plurality of identifiers to the UE in one of broadcasting mode or pre-provisioned mode (see Garcia par. 0039-0040, ANDSF node 200 is capable of being provisioned with data pertaining to electronic and/or visual tags, such as for example a third party identifier (third party ID), to identify the third party maintaining the access network, and a tag identifier (tag ID). In step s60, ANDSF node 200 sends s60.sub.1, to user terminal 100, the credentials 70 for enabling user terminal 100 to connect to the access network, and user terminal 100 receives s60.sub.2 credentials 70. The electronic tag and/or a visual tag may, in one embodiment, be located within, or in the vicinity of, the area covered by the access network for which the credentials 70 are transmitted).
Therefore it would have been obvious to a person of ordinary skill in the art before the effective filing date of the application to incorporate the teachings of Garcia into the system of Bajko in order to include ANDSF node transmit to the user terminal, policy information indicating that connecting to the access network for which the credentials are transmitted is preferred over other access networks (see Garcia par. 0010).

Regarding claim 12, Bajko in view of Garcia discloses the method as claimed in claim 11, 
Bajko further discloses wherein the selection is based on one of subscription data, type of access network, type of serving network, home network policies, the UE subscribed network or the type of UE (see Bajko par. 0028).

Regarding claim 13, Bajko in view of Garcia discloses the method as claimed in claim 11, 
Bajko further discloses wherein the network node is configured to: replay a parameter containing a plurality of supported authentication measure received; and send a part of the parameter to the UE to ensure that it has been unchanged (see Bajko par. 0073).

Regarding claim 17, Bajko in view of Garcia discloses the method as claimed in claim 11, 
Garcia further discloses wherein the network node is configured to send a mismatch tag to the UE corresponding to mismatch in capabilities of the network node (see Garcia pars. 0069-0070).
Therefore it would have been obvious to a person of ordinary skill in the art before the effective filing date of the application to incorporate the teachings of Garcia into the system of Bajko in order to include ANDSF node transmit to the user terminal, policy information indicating that connecting to the 
 
Regarding claim 18, Bajko discloses a system having a user equipment (UE) (Fig. 2, MN 12) and a base station (Fig. 2, BSF 8), the system comprising: 
“sending a plurality of identifiers to a network node, wherein the plurality of identifiers are supported by the UE and indicating at least one authentication measure for the network node” (see Bajko par. 0166, provide a method, apparatus and computer program product(s) to send a wireless network (WN) a first message that is comprised of a list of authentication mechanisms supported by a node and, in association with each authentication mechanism, a corresponding identification (identifiers), and determining in the WN an authentication mechanism to be used for bootstrapping, based at least on the list received from the node, and including in a first response message to the node information pertaining to the determined authentication mechanism in conjunction with the corresponding identification); 
Bajko does not explicitly discloses attaching a priority tag for each of the plurality of the identifiers.
However in analogues art, Garcia discloses  attaching a priority tag for each of the plurality of the identifiers (see Garcia Abstract, Fig. 1, pars. 0033-0041, The user terminal (100) obtains (s20) information (50), i.e. “tag information”, from an electronic tag or a visual tag. The user terminal (100) transmits (s40), to a network node hosting an access network discovery and selection function (ANDSF), i.e. to an “ANDSF node” (200), the tag information (50). The ANDSF node (200) then transmits (s60), to the user terminal (100), credentials (70) for allowing the user terminal (100) to connect to said access network).
.

8.	Claims 5-9 and 14-16 are rejected under 35 U.S.C. 103 as being unpatentable over Bajko et al. US Patent Application Publication No. 2006/0280305 (hereinafter Bajko) in view of Garcia Martin et al. US Patent Application Publication No. 2016/0183180 (hereinafter Garcia) in further view of Escott et al. US Patent Application Publication No. 2011/0314287 (hereinafter Escott).
Regarding claim 5, Bajko in view of Garcia discloses the method as claimed in claim 4, 
Bajko in view of Garcia does not explicitly discloses wherein the parameter is forwarded by a Mobile Equipment to Universal Subscriber Identity Module, USIM, in correspondence with the authentication measure used by the USIM with a specific procedure.
However, in analogues art, Escott discloses wherein the parameter is forwarded by a Mobile Equipment to Universal Subscriber Identity Module, USIM, in correspondence with the authentication measure used by the USIM with a specific procedure (see Escott par. 0081, the wireless device 600 may include secured processing within the universal integrated circuit card (UICC) 608. The UICC 608 may be removably coupled to the wireless device 600. The UICC 608 may be pre-provisioned with subscriber security credentials (e.g., subscriber-specific key 607 and/or subscriber identity 609), such as initial authentication and key agreement (AKA) credentials. Alternatively, secured processing may be performed within a universal subscriber identity module (USIM)). 
Therefore it would have been obvious to a person of ordinary skill in the art before the effective filing date of the application to incorporate the teachings of Escott into the system of Bajko and Garcia 

Regarding claim 6, Bajko in view of Garcia discloses the method as claimed in claim 4,           Bajko in view of Garcia does not explicitly discloses wherein the UE is configured to: receive a
plurality of identifiers supported by the network node in one of broadcasted mode or a pre-provisioned mode, and select the authentication measure based on the parameter containing information.
	However, in analogues art, Escott discloses receive a plurality of identifiers supported by
the network node in one of broadcasted mode or a pre-provisioned mode, and select the authentication measure based on the parameter containing information (see Escott pars. 0080-0083, The trusted environment 606 may be pre-provisioned (or securely embedded) with at least some security credentials (e.g., device-specific key 605 and/or device identity 611. the wireless device 600 may include secured processing within the universal integrated circuit card (UICC) 608. The UICC 608 may be removably coupled to the wireless device 600. The UICC 608 may be pre-provisioned with subscriber security credentials (e.g., subscriber-specific key 607 and/or subscriber identity 609), such as initial authentication and key agreement (AKA) credentials).
Therefore it would have been obvious to a person of ordinary skill in the art before the effective filing date of the application to incorporate the teachings of Escott into the system of Bajko and Garcia in order for a wireless device to include a device identifier associated with the device-specific key. Additionally, the wireless device may be pre-provisioned with a subscriber-specific key  (see Escott par. 0083).

Regarding claim 7, Bajko in view of Garcia discloses the method as claimed in claim 6, 
Bajko in view of Garcia does not explicitly discloses wherein the UE is configured to: protect the parameter containing the authentication measure using a public key and a first key, and send the protected parameter to a core network to prevent unauthorized modification.
However, in analogues art, Escott discloses protect the parameter containing the authentication measure using a public key and a first key, and send the protected parameter to a core network to prevent unauthorized modification (see Escott pars. 0010-0012, device authentication may be performed by using a shared secret key to encrypt/decrypt certain exchanges between the device and the network entity. In another example, device authentication may be performed by: (a) receiving data from the network entity that is encrypted with a public key of the device. A security key may then be generated that binds the subscriber authentication and the device authentication. The security key may be generated as a function of at least a first key obtained from subscriber authentication and a second key obtained from device authentication. Additionally, the security key may also be a function of a network nonce and a device nonce. The security key may then be used to secure communications between the device and a serving network. Note that the security key may be separately generated by the device and the network entity, so it is not transmitted over the air). 
Therefore it would have been obvious to a person of ordinary skill in the art before the effective filing date of the application to incorporate the teachings of Escott into the system of Bajko and Garcia in order to include a security key may then be generated that binds the subscriber authentication and the device authentication. The security key may be used to secure communications between the device and a serving network (see Escott Abstract).

Regarding claim 8, Bajko in view of Garcia in further view of Escott discloses the method as claimed in claim 7, 
(see Escott par. 0079).
Therefore it would have been obvious to a person of ordinary skill in the art before the effective filing date of the application to incorporate the teachings of Escott into the system of Bajko and Garcia in order to include a security key may then be generated that binds the subscriber authentication and the device authentication. The security key may be used to secure communications between the device and a serving network (see Escott Abstract).

Regarding claim 9, Bajko in view of Garcia in further view of Escott discloses the method as claimed in claim 8, 
Escott further discloses wherein the UE is configured to store and use an identifier associated with the third key to identify at least one of an intermediate key generated upon authentication and related information (see Escott par. 0098).
Therefore it would have been obvious to a person of ordinary skill in the art before the effective filing date of the application to incorporate the teachings of Escott into the system of Bajko and Garcia in order to include a security key may then be generated that binds the subscriber authentication and the device authentication. The security key may be used to secure communications between the device and a serving network (see Escott Abstract).

Regarding claim 14, Bajko in view of Garcia discloses the method as claimed in claim 13, 
Bajko in view of Garcia does not explicitly discloses wherein the network node sends the part of the parameter to the UE upon protection, wherein the protection is based on a first key and a second key.
(see Escott par. 0010, A security key may then be generated that binds the subscriber authentication and the device authentication. The security key may be generated as a function of at least a first key obtained from subscriber authentication and a second key obtained from device authentication).
Therefore it would have been obvious to a person of ordinary skill in the art before the effective filing date of the application to incorporate the teachings of Escott into the system of Bajko and Garcia in order to include a security key may then be generated that binds the subscriber authentication and the device authentication. The security key may be used to secure communications between the device and a serving network (see Escott Abstract).

Regarding claim 15, Bajko in view of Garcia in further view of Escott discloses the method as claimed in claim 14, 
Escott further discloses wherein the second key is stored in a server along with a third key (see Escott pars.  0088, 0097).
Therefore it would have been obvious to a person of ordinary skill in the art before the effective filing date of the application to incorporate the teachings of Escott into the system of Bajko and Garcia in order to include a security key may then be generated that binds the subscriber authentication and the device authentication. The security key may be used to secure communications between the device and a serving network (see Escott Abstract).

Regarding claim 16, Bajko in view of Garcia in further view of Escott discloses the method as claimed in claim 15, 
(see Escott par. 0079).
Therefore it would have been obvious to a person of ordinary skill in the art before the effective filing date of the application to incorporate the teachings of Escott into the system of Barrett and Garcia in order to include a security key may then be generated that binds the subscriber authentication and the device authentication. The security key may be used to secure communications between the device and a serving network (see Escott Abstract).

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SAMUEL AMBAYE whose telephone number is (571)270-7635. The examiner can normally be reached M-F 9:00 AM - 6:00 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey Pwu can be reached on (571) 272-6798. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and 



/SAMUEL AMBAYE/Examiner, Art Unit 2433             


                                                                                                                                                                                                                                                                                                                                                                             /FATOUMATA TRAORE/Primary Examiner, Art Unit 2436