Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

DETAILED ACTION
Examiner’s Amendment
	An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee. (See MPEP § 1302.04)
Authorization for this examiner’s amendment was given in a telephone interview with Mr. David Hall on 2/9/2022.

The claims have been amended as follows: 

1.    (Currently Amended) An access regulating device for a communication terminal using a communication network, the access regulating device comprising processing circuitry configured to: 
obtain an indication that the communication terminal is a potentially compromised communication terminal; 
analyse the obtained indication; 
select a type of communication restriction based on the analysis, where a first type of communication restriction comprises barring the communication terminal from using the 
inform at least one network node responsible for handling communication restrictions of the type selected for the communication terminal in order for the communication network to effectuate the communication restriction;
wherein the indication comprises a confidence setting, the analysis comprises analysing the confidence setting, and the selecting of a type of communication restriction is performed if the confidence setting exceeds a confidence threshold.

2.         (Previously Presented) The access regulating device according to claim 1, wherein the limiting of use comprises limiting the use to a low-priority tunnel.

3.         (Previously Presented) The access regulating device according to claim 2, wherein the communication terminal uses a first assigned bearer before the selection of the type of communication restriction and the limiting of use comprises selecting a bearer for use by the communication terminal with lower priority than the first assigned bearer, and wherein the bearer is an evolved packet system bearer.

4.         (Canceled) 

5.         (Previously Presented) The access regulating device according to claim 1, wherein the communication terminal communicates using narrowband Internet-of-Things.



7.         (Previously Presented) The access regulating device according to claim 1, wherein the access regulating device is implemented through least a part of a server in a data centre.

8.         (Currently Amended) The access regulating device according to claim 1, wherein the limiting of use comprises limiting 

9.         (Canceled) 

10.       (Previously Presented) The access regulating device according to claim 1, wherein the indication comprises a time of determining that the communication terminal is potentially compromised and the analysing comprises investigating the time of determining, where the first type of restriction is selected if the time of determining is older than an age threshold and the second type of restriction is selected if the time of determining is younger than the age threshold.

11.       (Previously Presented) The access regulating device according to claim 1, wherein the selecting of type of communication restriction is based on policy rules provided for the communication terminal.



13.       (Previously Presented) The access regulating device according to claim 1, the processing circuitry being configured to: 
obtain a further indication of a potential compromise and perform a re-evaluation of the selected type of restriction based on the further indication.

14-15.  (Canceled) 

16.       (Currently Amended) A method for regulating access of a communication terminal to a communication network comprising at least one network node responsible for handling communication restrictions, the method being performed in an access regulating device and comprising 
obtaining an indication that the communication terminal is a potentially compromised communication terminal, 
analysing the obtained indication, 
selecting a type of communication restriction based on the analysis, where a first type of communication restriction comprises barring the communication terminal from using the communication network and a second type of communication restriction comprises limiting the use of the communication network by the communication terminal, and informing at least one ;
wherein the indication comprises a confidence setting, the analysis comprises analysing the confidence setting, and selecting the type of communication restriction is performed if the confidence setting exceeds a confidence threshold.

17.       (Previously Presented) The method according to claim 16, wherein the communication terminal uses a first assigned bearer before the selection of the type of communication restriction and the limiting of use comprises selecting a bearer with lower priority than the first assigned bearer.

18.       (Previously Presented) The method according to claim 16, wherein the limiting of use comprises limiting the communication bandwidth assigned to the communication terminal.

19.       (Canceled)

20.       (Previously Presented) The method according to claim 16, wherein the indication comprises a time of determining that the communication terminal is potentially compromised and the analysing comprises investigating the time of determining, where the first type of restriction is selected if the time of determining is older than an age threshold and the second type of restriction is selected if the time of determining is younger than the age threshold.



22.       (Previously Presented) The method according to claim 16, further comprising: obtaining a further indication of a potential compromise and performing a re-evaluation of the determined restriction based on the further indication.

23-26.  (Canceled) 

27.       (Currently Amended) A communication system including a host computer comprising: 
processing circuitry configured to provide user data; and 
a communication interface configured to forward the user data to a communication network for transmission to a communication terminal, 
wherein the communication network comprises at least one node responsible for handling communication restrictions and an access regulating device having processing circuitry configured to: 
            obtain an indication that the communication terminal is a potentially compromised communication terminal, 
            analyse the obtained indication, 

            inform at least one network node responsible for handling communication restrictions of the type selected for the communication terminal in order for the communication network to effectuate the communication restriction;
wherein the indication comprises a confidence setting, analyzing the obtained indication comprises analysing the confidence setting, and selecting the type of communication restriction is performed if the confidence setting exceeds a confidence threshold.

28-32.  (Canceled) 

Allowable Subject Matter
	The following is an examiner’s statement of reasons for allowance: 

Regarding independent claims 1, 16, 27 the prior art of record, specifically (US 20040162070) teaches An access regulating device for a communication terminal using a communication network, the access regulating device comprising processing circuitry configured to; (paragraph 22);
However, none of the prior art cited alone or in combination provides the motivation to teach; obtain an indication that the communication terminal is a potentially compromised communication terminal; analyse the obtained indication; select a type of communication restriction based on the analysis, where a first type of communication restriction comprises barring the communication terminal from using the communication network and a second type of communication restriction comprises limiting the use of the communication network by the communication terminal; and inform at least one network node responsible for handling communication restrictions of the type selected for the communication terminal in order for the communication network to effectuate the communication restriction; wherein the indication comprises a confidence setting, the analysis comprises analysing the confidence setting, and the selecting of a type of communication restriction is performed if the confidence setting exceeds a confidence threshold. 
Since the disclosed dependent claims are depend on one of the above independent claims, therefore they are also patentable.
Claims 1-3, 5-8, 10-13, 16-18, 20-22, 27 are patentable.    
Conclusion
The prior art made of record and not relied upon is considered relevant to applicant's specification: Bull, Peter, et al. "Flow based security for IoT devices using an SDN gateway." 2016 IEEE 4th international conference on future internet of things and cloud (FiCloud). IEEE, 2016: provides: With near exponential growth predicted in the number of Internet of Things (IoT) based devices within networked systems there is need of a means of providing their flexible and secure integration. Software Defined Networking (SDN) is a concept that allows for the centralised control and configuration of network devices, and also provides opportunities for the dynamic control of network traffic. This paper proposes the use of an SDN gateway as a distributed means of monitoring the traffic originating from and directed to IoT based devices. This gateway can then .

Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”

Any inquiry concerning this communication or earlier communications from the examiner should be directed to SHARAD RAMPURIA whose telephone number is (571)272-7870 and e-mail address is sharad.rampuria@uspto.gov.  The examiner can normally be reached on M-F: 9-5.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, Applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.  
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Charles Appiah can be reached on 571-272-7904.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications 


/SHARAD RAMPURIA/
Primary Patent Examiner
        Art Unit 2641