Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
1.	In a preliminary amendment dated 06/09/2020, claims 1-7, 11-20 and 27-29 have been amended. Claims 8-10 and 21-26 have been canceled. Claims 1-7, 11-20 and 27-29 have been examined.

Information Disclosure Statement
2.	The information disclosure statements (IDS) submitted on 06/29/2020 and 06/09/2021 are in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statements are being considered by the examiner.

Claim Objections
3.	Claims 12-13 are objected to because of the following informalities:
Claim 12 recites, “…extracting the first authentication key…” and claim 13 recites, “…extracting the second authentication key…” However, there is no prior “a first authentication key” or “a second authentication key” in claims 12 and 13 or claim 1, which they depend on.
Appropriate correction is required.


Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:



4.	Claim 28 is rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter. The claim does not fall within at least one of the four categories of patent eligible subject matter because:
Claim 28 is directed towards “A computer program”. While the claimed “computer program” is intended to be “executed on an electronic device” to perform “the method according to claim 1”, the claim itself only contains a “computer program”. Software per se is not one of the four categories of patent eligible subject matter (note MPEP 2106).

5.	In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.

Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


6.	Claims 3 and 16 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Hakola et al. (U.S. Patent Application Publication 2013/0159522; hereafter “Hakola”).

	For claim 3, Hakola teaches a message authentication method of a communication network system, wherein the communication network system comprises an authentication server and an access control device (note Figure 7, S-GW and eNodeB), and the message authentication method comprises:
	the authentication server receiving a communication mutual authentication request sent by the access control device (note paragraph [0042], step 401, service gateway receives D2D verification request);
	the authentication server authenticating the communication mutual authentication request (note paragraph [0042], step 403, service gateway verifies whether D2D communication is authorized);
	when the communication mutual authentication request is authenticated successfully, the authentication server sending a mutual authentication response message to the access control device (note paragraph [0042], step 405, service gateway sends service response message).


	For claim 16, Hakola teaches an authentication server, wherein, the authentication server is applied to a communication network system, the communication network system comprises the authentication server and an access control device (note Figure 7, S-GW and eNodeB), and the authentication server comprises:

	a processor configured to execute the instructions (note paragraph [0058], processor) to perform the message authentication method according to claim 3 (note claim rejection above). 


Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

7.	Claims 1, 12-14 and 28-29 are rejected under 35 U.S.C. 103 as being unpatentable over Agiwal et al. (U.S. Patent Application Publication 2016/0295406; hereafter “Agiwal”), and further in view of Muhanna et al. (U.S. Patent Application Publication 2018/0115539; hereafter “Muhanna”).

	For claim 1, Agiwal teaches a message authentication method of a communication network system, wherein the communication network system comprises an authentication server, an access control device and a plurality of mobile apparatuses, the plurality of mobile apparatuses comprise a first mobile apparatus and 
	the access control device receiving a communication establishment request sent by the first mobile apparatus (note paragraph [0067], operation 103 MME receives D2D establishment request from UE2);
	the access control device sending a communication mutual authentication request to the authentication server in response to the communication establishment request (note paragraph [0068], operation 106, MME transmits a D2D key request message to HSS/ProSe server);
	the access control device receiving a mutual authentication response message sent by the authentication server in response to the communication mutual authentication request (note paragraph [0069], operation 109, MME receives D2D key response from HSS/ProSe server);
	the access control device sending a mutual authentication message to the first mobile apparatus (note paragraph [0070], operation 111, MME transmits D2D key response to UE2).

	Agiwal differs from the claimed invention in that they fail to teach:
	the access control device authenticating the mutual authentication response message; and
	when the mutual authentication response message is authenticated successfully, the access control device sending a mutual authentication message to the first mobile apparatus.

	Muhanna teaches:
	the access control device authenticating the mutual authentication response message (note paragraph [0029], master device authenticates the authentication request message 340 by comparing received M_AUTN and G_RAND with the calculated values and paragraph [0039], master device authenticates received IAS (authentication response) message using MAC signature); and
	when the mutual authentication response message is authenticated successfully, the access control device sending a mutual authentication message to the first mobile apparatus (note paragraph [0029], if message authentication is successful, message 350 is sent to UE and paragraph [0039], if message authentication is successful, message 450 is sent to UE).

	It would have been obvious to one of ordinary skill in the art at the time of the invention to combine the D2D communication request and response of Agiwal and the authentication of response messages received from an authentication server of Muhanna to form a system where the MME authenticates messages received from the HSS/ProSe server before transmitting the D2D response to UE. One of ordinary skill would have been motivated to combine Agiwal and Muhanna because authenticated messages received from the authentication server would provide verification of the integrity of the key messages for D2D communication (note paragraphs [0032] and [0039] of Muhanna).


	For claim 12, the combination of Agiwal and Muhanna teaches claim 1, further comprising:
	generating a first authentication key sequence according to a first initial authentication key and a random number ra (note paragraphs [0045]-[0046], sequence of security keys is generated using new random number for each new connection and secret key of UE);
	extracting the first authentication key from the first authentication key sequence (note paragraphs [0045] and [0069], connection specific security key is generated).

	For claim 13, the combination of Agiwal and Muhanna teaches claim 1, further comprising:
	generating a second authentication key sequence according to a second initial authentication key and a random number ra (note paragraphs [0045]-[0046], sequence of security keys is generated using new random number for each new connection and secret key of UE);
	extracting the second authentication key from the second authentication key sequence (note paragraphs [0045] and [0072], connection specific security key is generated).

	For claim 14, the combination of Agiwal and Muhanna teaches an access control device, wherein, the access control device is applied to a communication network system, the communication network system comprises an authentication server, the 
	a memory, wherein instructions are stored on the memory (note paragraph [0166] of Agiwal, memory storing instructions);
	a processor configured to execute the instructions (note paragraph [0168] of Agiwal, instructions executed by graphic processing device) to perform the message authentication method according to claim 1 (note claim 1 rejection above). 

	For claim 28, the combination of Agiwal and Muhanna teaches a computer program, comprising a computer readable code (note paragraph [0167] of Agiwal, program including code), when the computer readable code is executed on an electronic device (note paragraph [0168] of Agiwal, instructions executed by graphic processing device), and the electronic device performing the method according to claim 1 (note claim 1 rejection above).

	For claim 29, the combination of Agiwal and Muhanna teaches a non-transitory computer readable storage medium (note paragraph [0166] of Agiwal, storage medium), wherein the storage medium is configured to store storing a computer program according to claim 28 (note paragraphs [0166]-[0167] of Agiwal, medium storing software program).

8.	Claims 5 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over the combination of Agiwal and Muhanna as applied to claim 1 above, and further in view of Wang et al. (U.S. Patent Application Publication 2018/0376318; hereafter “Wang”).

	For claim 5, Agiwal teaches a communication method of a communication network system, wherein, the communication network system comprises an authentication server, an access control device and a plurality of mobile apparatuses, the mobile apparatuses comprise a first mobile apparatus and a second mobile apparatus (note Fig. 1 and paragraph [0065], UE1, UE2, MME and HSS/ProSe server), the first mobile apparatus stores a first authentication key (note paragraph [0111], each UE stores a secret key); and the communication method comprises:
	the first mobile apparatus receiving a mutual authentication message sent by the access control device (note paragraph [0106], operation 333, UE1 receives D2D message from HSS/ProSe via MME);
	the first mobile apparatus authenticating the mutual authentication message with the first authentication key (note paragraphs [0107] and [0109], operation 335, UE1 authenticates received message with MAC generated using secret key);
	when the mutual authentication message is authenticated successfully, the first mobile apparatus sending an apparatus mutual authentication request to the second mobile apparatus (note paragraph [0107], operation 339, when D2D message is authenticated, UE1 sends D2D message to UE2);


	Agiwal differs from the claimed invention in that they fail to teach:
	when a mutual authentication response message is authenticated successfully, the first mobile apparatus receiving a mutual authentication message sent by the access control device

	Muhanna teaches:
	when a mutual authentication response message is authenticated successfully, the first mobile apparatus receiving a mutual authentication message sent by the access control device (note paragraph [0029], if message authentication is successful, message 350 is sent to UE and paragraph [0039], if message authentication is successful, message 450 is sent to UE)

	It would have been obvious to one of ordinary skill in the art at the time of the invention to combine the D2D communication request and response of Agiwal and the authentication of response messages received from an authentication server of Muhanna to form a system where the MME authenticates messages received from the HSS/ProSe server before transmitting the D2D response to UE. One of ordinary skill would have been motivated to combine Agiwal and Muhanna because authenticated messages received from the authentication server would provide verification of the 


	The combination of Agiwal and Muhanna differs from the claimed invention in that they fail to teach:
	the first mobile apparatus receiving an apparatus mutual authentication response message sent by the second mobile apparatus in response to the apparatus mutual authentication request;
	the first mobile apparatus authenticating the apparatus mutual authentication response message with the first authentication key;
	when the apparatus mutual authentication response message is authenticated successfully, the first mobile apparatus and the second mobile apparatus communicating with each other.

	Wang teaches:
	the first mobile apparatus receiving an apparatus mutual authentication response message sent by the second mobile apparatus in response to the apparatus mutual authentication request (note paragraphs [0067]-[0068], UE1 receives M2 from UE2 in response to M1);
	the first mobile apparatus authenticating the apparatus mutual authentication response message with the first authentication key (note paragraph [0068], UE1 verifies M2)
1 receives M2 from UE2 communicate with each other after successful mutual authentication).

	It would have been obvious to one of ordinary skill in the art at the time of the invention to combine the combination of Agiwal and Muhanna and the UE request and response mutual authentication of Wang. It would have been obvious because combining prior art elements (D2D communication authorization of the combination of Agiwal and Muhanna and mutual authentication of two UE of Wang) according to known methods would yield the predictable results of authorizing D2D communication by a key server (the combination of Agiwal and Muhanna) where the UE devices perform a request and response mutual authentication to verify the identities of both devices (Wang).


	For claim 18, the combination of Agiwal, Muhanna and Wang teaches a first mobile apparatus, wherein the first mobile apparatus is applied to a communication network system, the communication network system comprises an authentication server, an access control device and a plurality of mobile apparatuses, the plurality of mobile apparatuses comprise a first mobile apparatus and a second mobile apparatus (note Fig. 1 and paragraph [0065] of Agiwal, UE1, UE2, MME and HSS/ProSe server), 
	a memory, wherein instructions are stored on the memory (note paragraph [0166] of Agiwal, memory storing instructions);
	a processor configured to execute the instructions (note paragraph [0168] of Agiwal, instructions executed by graphic processing device) to perform the communication method according to claim 5 (note claim 5 rejection above). 


9.	Claim 27 is rejected under 35 U.S.C. 103 as being unpatentable over the combination of Agiwal, Muhanna and Wang as applied to claim 5 above, and further in view of Hakola.

	For claim 27, Agiwal teaches a communication network system using the message authentication method according to claim 1, comprising: an authentication server, an access control device and a plurality of mobile apparatuses, the plurality of mobile apparatuses comprise a first mobile apparatus and a second mobile apparatus (note Fig. 1 and paragraph [0065], UE1, UE2, MME and HSS/ProSe server); wherein,
	the first mobile apparatus is configured to send a communication establishment request to the access control device (note paragraph [0102], operation 323, UE1 transmits a D2D key request to MME);
	the access control device is configured to send a communication mutual authentication request to the authentication server in response to the communication 
	when the communication mutual authentication request is authenticated successfully, configured for the authentication server is further configured to send a mutual authentication response message to the access control device (note paragraph [0105], operation 331, MME receives D2D key response from HSS/ProSe server);
	the first mobile apparatus is further configured to receive a mutual authentication message sent by the access control device (note paragraph [0106], operation 333, UE1 receives D2D key response from MME);
	the first mobile apparatus is further configured to authenticate the mutual authentication message with the first authentication key (note paragraphs [0107] and [0109], operation 335, UE1 authenticates received message with MAC generated using secret key);
	when the mutual authentication message is authenticated successfully, configured for the first mobile apparatus is further configured send an apparatus mutual authentication request to the second mobile apparatus (note paragraph [0107], operation 339, when D2D message is authenticated, UE1 sends D2D message to UE2);


	Agiwal differs from the claimed invention in that they fail to teach:
	the access control device is configured to authenticate the mutual authentication response message;


	Muhanna teaches:
	the access control device is configured to authenticate the mutual authentication response message (note paragraph [0029], master device authenticates the authentication request message 340 by comparing received M_AUTN and G_RAND with the calculated values and paragraph [0039], master device authenticates received IAS (authentication response));
	when the mutual authentication response message is authenticated successfully, the first mobile apparatus is further configured to receive a mutual authentication message sent by the access control device (note paragraph [0029], if message authentication is successful, message 350 is sent to UE and paragraph [0039], if message authentication is successful, message 450 is sent to UE);

	It would have been obvious to one of ordinary skill in the art at the time of the invention to combine the D2D communication request and response of Agiwal and the authentication of response messages received from an authentication server of Muhanna to form a system where the MME authenticates messages received from the HSS/ProSe server before transmitting the D2D response to UE. One of ordinary skill would have been motivated to combine Agiwal and Muhanna because authenticated messages received from the authentication server would provide verification of the 

	The combination of Agiwal and Muhanna differs from the claimed invention in that they fail to teach:
	the second mobile apparatus is configured to send an apparatus mutual authentication response message to the first mobile apparatus in response to the apparatus mutual authentication request;
	the first mobile apparatus is further configured to authenticate the apparatus mutual authentication response message with the first authentication key;
	when the apparatus mutual authentication response message is authenticated successfully, the first mobile apparatus and the second mobile apparatus are further configured to communicate with each other.

	Wang teaches:
	the second mobile apparatus is configured to send an apparatus mutual authentication response message to the first mobile apparatus in response to the apparatus mutual authentication request (note paragraphs [0067]-[0068], UE2 sends M2 to UE1 in response to M1);
	the first mobile apparatus is further configured to authenticate the apparatus mutual authentication response message with the first authentication key (note paragraph [0068], UE1 verifies M2);
1 receives M2 from UE2 communicate with each other after successful mutual authentication).


	It would have been obvious to one of ordinary skill in the art at the time of the invention to combine the combination of Agiwal and Muhanna and the UE request and response mutual authentication of Wang. It would have been obvious because combining prior art elements (D2D communication authorization of the combination of Agiwal and Muhanna and mutual authentication of two UE of Wang) according to known methods would yield the predictable results of authorizing D2D communication by a key server (the combination of Agiwal and Muhanna) where the UE devices perform a request and response mutual authentication to verify the identities of both devices (Wang).


	The combination of Agiwal, Muhanna and Wang differs from the claimed invention in that they fail to teach:
	the authentication server is configured to authenticate the communication mutual authentication request;

	Hakola teaches:


	It would have been obvious to one of ordinary skill in the art at the time of the invention to combine the combination of Agiwal, Muhanna and Wang and the authentication server authenticating the D2D request of Hakola. It would have been obvious because a simple substitution of one known element (authentication server authenticating D2D request of Hakola) for another (MME, i.e. access server, authenticating D2D request of Agiwal; note paragraph [0103]) would yield the predictable results of authenticating a UE is authorized for D2D communication before distributing keys to the UE for the D2D communication.

Allowable Subject Matter
10.	Claims 2, 4, 6-7, 11, 15, 17 and 19-20 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.


Conclusion
11.	The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.


12.	Any inquiry concerning this communication or earlier communications from the examiner should be directed to DAVID J PEARSON whose telephone number is (571)272-0711. The examiner can normally be reached 6:00 - 5:30 pm; Monday through Thursday.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Taghi Arani can be reached on (571)272-3787. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/David J Pearson/Primary Examiner, Art Unit 2438