DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Amendments
	This office action responds to the amendments filed on December 14, 2021 for application 16/766,293.  Claims 1, 3, 5-6, 9, 11, and 13 were amended, claims 12 and 14 were cancelled, and claim 15 was added as a new claim.  Claims 1-11, 13, and 15 remain pending in the application.

Response to Arguments
	The Examiner has fully considered the Applicant’s arguments filed on December 14, 2021, and the Examiner responds as provided below.
	Regarding the Applicant’s response at page 6 of the Remarks that concerns the objections to the drawings (i.e., various reference numerals appear in the drawings but are not discussed in the specification), the amendments to the specification cure the deficiencies and the corresponding objections are withdrawn.
	Regarding the Applicant’s response at page 6 of the Remarks that concerns the § 112(b) rejections of claims 3, 6-8, 12, and 14, the amendments to claims 3 and 6 and the cancellation of claims 12 and 14 adequately address the corresponding issues of indefiniteness and the corresponding § 112(b) rejections are withdrawn.


Claim Objections
Claim 3 is objected to because of the following informalities: “and the first node using to generate the first static parameter” should read “and the first node to generate the first static parameter” (i.e., delete “using”).  Appropriate correction is required.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claim 8 is rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.  Claim 8 recites the limitation "first security context,” but there is insufficient antecedent basis for this 

Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

(NOTE: within the Examiner’s parenthetical explanations below, material within quotation marks is language quoted from the prior art reference, underlined material is language quoted from the claims, and material within brackets is material altered from either a prior art reference or a claim.  Regarding the reconstruction of the claims, a numbered footnote indicates a primary phrase to be first moved upwards to the first cited reference, while a lettered footnote indicates a secondary phrase to be moved after the movement of the primary phrase from which it was lifted.  Or more succinctly, move numbered material first, lettered material last.)
A.	Claims 1-11, 13, and 15 are rejected under 35 U.S.C. 102(a)(2) as being anticipated by Liao et al. (US 2019/0387401, “Liao,” which claims priority to US Provisional Applications Nos. 62/486,197 (filed on Apr. 17, 2017); 62/566,731 (filed on Oct. 2, 2017), and 62/588,033 (filed on Nov. 17, 2017)).
Regarding Claim 1
Liao discloses
A method (abstract, Fig. 15) of operating a terminal node (Figs. 12 & 15, ¶ [0239], “IoT-UE 1201” serves a terminal node), 
wherein a first static parameter is known by the terminal node and a first node (Fig. 13, ¶ [0240], “…it is assumed that the trust relationship between the IoT-UE 1201 and its registered AMF 1114 [serving as a first node] is expressed by a shared symmetric key kASME [as a first static parameter that is known by the terminal node and the first node because it is “shared”], from which two keys are derived kNASint and kNASenc, respectively for control plane messages integrity and confidentiality protection.”), 
the method comprising: 
using the first static parameter for an encryption operation between the terminal node and the first node (¶ [0240], “…it is assumed that the trust relationship between the IoT-UE 1201 and its registered AMF 1114 is expressed by a shared symmetric key kASME, from which two keys are derived kNASint and kNASenc, respectively for control plane messages integrity and confidentiality protection,” where KASME is use[d] for an encryption operation via the key kNASenc that ensures “confidentiality” between the AMF and IoT-UE through encryption), 
generating a second static parameter (Fig. 13, ¶¶ [0246]-[0248], “kgNBgrp” serves as a second static parameter) based on the first static parameter (Fig. 13, ¶ [0216], “The group key hierarchy 1301 is shown on the right hand side in FIG. 13 in parallel to keys generated during an extensible authentication protocol (EAP)-AKA [authentication and key agreement] procedure, which has been adapted to the new 5GS architecture from EPS-AKA and shown as a 5G-AKA key hierarchy 1302 on the [left],” i.e., the generat[ed] key kgNB of the base station gNB is based upon authentication and key agreement procedure that associates the AMF, IoT-UE, and gNB with each, and thus the second static parameter represented by the key kgNBgrp is based on the key KASME as the first static parameter that is produced via EAP-AKA) and a third parameter  (¶ [0246], “…and kgNB grp←KDFk AMF grp (idgrp, idgNB, cgNB) is the group key for the gNB 1202,” and “The AMF 1202 delivers the kgNB grp to the gNB 1202,” i.e., the AMF, which possesses the key KASME (as the first static parameter) generat[es] the key kgNB grp as the second static parameter using the third parameter “idgrp.”) that is known to both the terminal node and the first node (¶ [0223], “At least two alternatives for the idgrp may be considered. In a first alternative, the idgrp is a long term fixed ID for a group. As such, the idgrp can be assumed to be known by IoT-UEs [as the terminal] (e.g., pre-installed in IoT-UE's SIM card),” and ¶ [0246], i.e., the AMF generated kgNBgrp based on know[ing] idgrp.), and 
negotiating, using the second static parameter, a second security context (¶ [0248], “In an IoT-UE group context allocation and credentials generation process 1530, the gNB 1202 establishes a group context for the IoT-UE 1201, which includes at least idUE, Algid, AlgU se , and kUE grp… kUE grp←KDFk gNB grp (N1, N2, idUE, cUE, AlgU se , kgNB),” i.e., kUE-grp is us[ed] as the second static parameter to create kUEgrp that creates a second security context) for a second encryption operation (¶¶ [0249]-[0251], “From kUE grp, the IoT-UE 1201 derives two keys, kUEInt grp and kUEEnc grp, used for, respectively, integrity protection and encryption [as a second encryption operation] of control and data plane.”) between the terminal node and a second node (Figs. 13 and 28, ¶ [0248], “In an IoT-UE group context allocation and credentials generation process 1530, the second node] establishes a group context [as a second security context kUEgrp in which keys are shared between IoTs-UEs and a base station gNB (see Fig. 28)] for the IoT-UE 1201,”) that has received the second static parameter from the first node (¶ [0246], “The AMF 1202 delivers [and thus received] the kgNB grp [as the second static parameter] to the gNB 1202 [as the second node]…”).  
Regarding Claim 2
Liao discloses the method of claim 1, and Liao further discloses
wherein the first static parameter (Fig. 13, ¶ [0240]) and the second static parameter (¶¶ [0246]-[0248]) are cryptographic keys (Fig. 13, ¶¶ [00]-[00], i.e., KASME and kgNB grp are cryptographic keys).  
Regarding Claim 3
Liao discloses the method of claim 2, and Liao further discloses 
wherein a cryptographic key derivation scheme is used by the terminal node and the first node using to generate the first static parameter and the second static parameter (Figs. 13 and 15, at least ¶¶ [0245]-[0251], i.e., the keys KASME and kgNBgrp as the first and second static parameters are generate[d] through the extensive cryptographic key derivation scheme that is employed by at the terminal node as the IoT-UE and the first node as the “AMF” to develop a “group context”).  
Regarding Claim 4
Liao discloses the method of claim 1, and Liao further discloses 
wherein the third parameter that is known to both the terminal node and the first node is a subscriber identity associated with the terminal node or a cryptographic scheme ID (¶¶ [0223], [0246], i.e., idgrp that is known by the IoT-UE and AMF is an ID for the “group context” for managing keys and is thus a cryptographic scheme ID).  
Regarding Claim 5
Liao discloses the method of claim 1, and Liao further discloses 
wherein the terminal node is a terminal accessing a network via a radio access network of the network (Figs. 12 and 15, ¶ [0250], “Then, the gNB 1202 sends a (R)AN [(radio) access network] IoT-UE group enrollment request message 1532 to the IoT-UE 1201 [as a terminal accessing RAN]), 
wherein the first node is an Access and Mobility Management Function (AMF) (Fig. 13, ¶ [0240], “…it is assumed that the trust relationship between the IoT-UE 1201 and its registered AMF 1114 [serving as a first node]),Page 2 of 8DOCKET NO.: 106693.300006/2017P00893WOPATENTApplication No.: 16/766,293 
Office Action Dated: September 28, 2021wherein the second node is at least one of a Session Management Function (SMF), User Plane Function (UPF), and a base station of the radio access network of the network (Figs. 13 and 28, ¶ [0248], “In an IoT-UE group context allocation and credentials generation process 1530, the gNB 1202 [as a second node and a base station]).  
Regarding Claim 6
Liao discloses the method of claim 1, and Liao further discloses 
further comprising sending a message to the network (Fig. 15, ¶ [0242], “The process 1500 begins when the IoT-UE 1201 generates a random nonce N1 of bit length LN, and issues an IoT-UE group enrollment request 1510 [as a message to the network] to the AMF 1114”) wherein the message includes an indicator wherein the value of the indicator indicates if the message is encrypted based on the second security context (Fig. 12, ¶ [0240], “it is assumed that the trust relationship between the IoT-UE 1201 and its registered AMF 1114 is expressed by a shared symmetric key kASME, from which two keys are derived kNASint and kNASenc, respectively for control plane messages integrity and confidentiality protection,” i.e, the indicator comprises the two keys kNASint and kNASenc whose use through the specific value of the keys indicate[s] that the message 1510, which is an IoT-UE Group Enrollment Request, was not encrypted based on the second security context (i.e., kUEgrp), as kUEgrp cannot exist prior to enrollment into the group).
Regarding Claim 7
Liao discloses the method of claim 6, and Liao further discloses
wherein the message is a non-Access Stratum control message (¶ [0240], “Fig. 12, ¶ [0240], “it is assumed that the trust relationship between the IoT-UE 1201 and its registered AMF 1114 is expressed by a shared symmetric key kASME, from which two keys are derived kNASint and kNASenc, respectively for control plane messages integrity and confidentiality protection.” i.e., a control plane message employing NAS keys is a non-Access Stratum (NAS) control message), 
wherein the message is transmitted piggybacked to a Radio Resource Control message (¶ [0258], “The IoT-UE group enrollment request 1510 [as the message] in FIG. 15 can be piggybacked into the message ‘1. Attach Request” in FIG. 16,’” where the message from the UE to the eNB comprises an RRC message in LTE/5G).  
Regarding Claim 8
Liao discloses the method of claim 6, and Liao further discloses 
further comprising: selecting between the first security context (¶ [0240], i.e., the security context based kASME) and the second security (¶ [0248], i.e., the security context based on kUEgrp) context based on an originating transmission protocol layer (Fig. 16, ¶ [0435], “In the embodiment shown, the non-access stratum (NAS) protocols 2406 form the highest stratum of the control plane between the UE 2101 and the MME 2121 [or the MME shown in Fig. 16].”) of payload of the respective instance of the message (¶ [0240], i.e. the message relying upon the first security context that uses kASME, and thus has its payload regulated by kNASint and kNASenc, is select[ed] upon this basis).  
Regarding Independent Claim 9
With respect to independent claim 9, a corresponding reasoning as given earlier for independent claim 1 applies, mutatis mutandis, to the subject matter of claim 9. Therefore, claim 9 is rejected, for similar reasons, under the grounds set forth for claim 1. 	
Regarding Claim 10
Liao discloses the method of claim 9, and Liao further discloses
wherein the first node and the second node are part of the same trusted domain (¶ [0240], “”negotiating security parameters and capabilities with the AMF 1114 [as the first node], the IoT-UE 1201, and the gNB 1202 [as the second node]; a trust association [or domain] between any gNB and AMF (resp. eNB and MME in EPS) can be implemented, for example, via network domain security using IPSec, which allows secure (confidential and integrity protected) communication between the two;…”).  
Regarding Independent Claim 11
mutatis mutandis, to the subject matter of claim 11. Therefore, claim 11 is rejected, for similar reasons, under the grounds set forth for claim 1.
Regarding Independent Claim 13
With respect to independent claim 13, a corresponding reasoning as given earlier for independent claim 1 applies, mutatis mutandis, to the subject matter of claim 13. Therefore, claim 13 is rejected, for similar reasons, under the grounds set forth for claim 1.
Regarding Dependent Claim 15
With respect to dependent claim 15, a corresponding reasoning as given earlier for dependent claim 6 applies, mutatis mutandis, to the subject matter of claim 13. Therefore, claim 15 is rejected, for similar reasons, under the grounds set forth for claim 6.

Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to D'ARCY WINSTON STRAUB whose telephone number is (303)297-4405. The examiner can normally be reached Monday-Friday 9:00-5:00 Mountain Time.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, ASHOKKUMAR B PATEL can be reached on (571)272-3972. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For 



/D'Arcy Winston Straub/Examiner, Art Unit 2491                                                                                                                                                                                                        



/ASHOKKUMAR B PATEL/Supervisory Patent Examiner, Art Unit 2491