DETAILED ACTION
This is in response to Application # 17/274,561.  Claims 1-16 have been examined.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .  In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.


Claims 1-6, 9, 11-16 are rejected under 35 U.S.C. 103 as being unpatentable by Tinnakornsrisuphap et al. (US 2010/0125899; included in IDS) hereafter Tin in view of Townsley (US 2008/0198858; included in IDS).

Regarding Claim 1,
A system for use in a mobile communication network, the system comprising: 

at least one receiver; at least one transmitter; and at least one processor configured to: use the at least one receiver to receive from a client device located in the mobile communication network a request to connect to a home area network [Tin: 0030; in the example of FIG. 1, the access terminal 102 is connected to an IP network 110 as represented by a communication link 118 (e.g., via a wireless or wired connection); the access point 106 may connect to a router 120 as represented by a communication link 122, the router 120 may connect to the Internet 124 as represented by a communication link 126, the security gateway 112 may connect to the Internet 124 as represented by a communication link 128, and the security gateway 112 may connect to the IP network 110 as represented by a communication link 130; 0048; the access terminal 102 may attempt to locate the security gateway that is associated with the access point 106 so that the access terminal 102 may gain access to its local network; 0048; this may involve, for example, the access terminal 102 sending a message to one or more security gateways to find the security gateway 

determine an identifier of a residential gateway in the home area network or of a fixed-line network to which the home area network is coupled [Tin: residential gateway == femto access point; 0048; this may involve, for example, the access terminal 102 sending a message to one or more security gateways to find the security gateway that has established a tunnel to the access point 106; in conjunction with this message, the access terminal 102 sends its authentication information to the security gateway; the security gateway then takes appropriate action to authenticate the authentication information (e.g., by communicating with the authentication server 114); for example, the security gateway may send the subscription information for the access terminal 102 to the authentication server 114; the authentication server 114 maintains a list a femto access points that may be accessed as part of the subscription profile for the access terminal 102 (i.e., the access terminal subscription profile determines whether a given user is authorized to use a given femto access point); based on an identifier (e.g., NAI) received during authentication (e.g., an identifier obtained as a result of a message sent by the access terminal 102 to the security gateway 112), the authentication server 114 returns one or more femto identifiers to the security gateway, e.g., 

use the at least one transmitter to transmit a request for an address … in the home area network to the residential gateway or the fixed-line network corresponding to the determined identifier [Tin: 0049; as represented by block 210, in conjunction with setting up the protocol tunnel 138, an address on the local network is obtained for the access terminal 102; for example, the security gateway 112 may send a message to the access point 106 requesting a local address on behalf of the access terminal 102; as one example, in a CSA dedicated to remote IP access, the security gateway 112 sends a DHCP request or router solicitation via the tunnel 142 to the access point 106 to request a remote IP address for the access terminal 102; the access point 106 may then send a request to the router 120 for the local address], 

use the at least one receiver to receive the address … from the residential gateway or the fixed-line network, use the at least one transmitter to transmit the address to the client device [Tin: 0049; once the access point 106 obtains the local address, the access point 106 sends the local address to the security gateway 112; the security gateway 112 then forwards the local address to the access terminal 102], 

use the at least one receiver and the at least one transmitter to establish a tunnel with the residential gateway [Tin: 0040; the security gateway 112 forwards any packets 

use the at least one transmitter to establish a forwarding rule at a forwarding function of the mobile communication network, the forwarding rule … and ensuring that data received from the client device destined for a destination address … is forwarded to the residential gateway through the tunnel [Tin: 0051; as represented by block 214, once the protocol tunnel 138 is established, packets may be routed between the access terminal 102 and the access point 106 via the protocol tunnels 138 and 142; here, the security gateway 112 routes packets it receives via one tunnel to the other tunnel; a forwarding policy is established at the time of setting up the protocol tunnels; thus, when a packet is received via a given tunnel, that packet is forwarded based on the policy; here, the security gateway 112 may identify a packet from a given tunnel based on, for example, the IPsec protocol header encapsulating the packet; in some cases, the security gateway 112 inspects the packets to obtain an identifier of the source (e.g., the access terminal 102) and/or the destination (e.g., the access point 106) for the packet; the security gateway 112 may then determine the appropriate tunnel for forwarding the packet based on this extracted identifier information].

However, Tin does not teach requesting or receiving “a range of addresses in the home area network.”


Townsley teaches:
use the at least one transmitter to transmit a request for … a range of addresses in the home area network to the residential gateway or the fixed-line network … use the at least one receiver to receive … the range of addresses from the residential gateway or the fixed-line network … the forwarding rule including the range of addresses and ensuring that data received from the client device destined for a destination address in the range of addresses is forwarded to the residential gateway through the tunnel [Townsley: 0068; the RGs (routing gateways) authenticate each other and obtain a list of all RGs known by either to be in the VPN; they also learn what private L3 addresses are used on each LAN; 0119; in step 580, an L2 or L3 packet is received at an RG 150 on the LAN 152 that is for forwarding to a remote LAN; any method for forwarding may be used; an L3 header destination field holds data that indicates a private IP address in a site address range selected by a particular remote LAN; 0120; in step 582, the data packet received on the LAN 152 is bridged or routed in a tunnel packet sent over an appropriate pseudo wire 140].

It would have been obvious for POSITA before the effective filing date of the invention to combine the teachings of Tin and Townsley so that each device looks at the VPN 

Regarding Claim 2,
Tin teaches:
wherein the address is a private address [Tin: 0051; the security gateway 112 inspects the packets to obtain an identifier of the source (e.g., the access terminal 102) and/or the destination (e.g., the access point 106) for the packet; the security gateway 112 may then determine the appropriate tunnel for forwarding the packet based on this extracted identifier information].

However, Tin does not teach replacing the address in the received data with a public address before transmitting the data to a destination address outside the range of addresses.

Townsley teaches:
the forwarding rule ensures that the forwarding function replaces the address in the received data with a public address before transmitting the data to a destination address outside the range of addresses [Townsley: a destination address outside the range of addresses = destination is a public address; replace == NAT processing; 0041; when the destination address is a public L3 address (e.g., 9.1.1.1) RG 150a applies standard NAT processing and changes the contents of source address field 186 to indicate a public L3 address of the RG 150a (e.g., 9.0.0.0); 0118; the site-facing IP for such addresses, the RG performs NAT/PAT functions].

It would have been obvious for POSITA before the effective filing date of the invention to combine the teachings of Tin and Townsley so that each device looks at the VPN truly as a single LAN, which can be important for broadcast and link-local multicast protocols running on a host [Townsley: 0118].

Regarding Claim 3,
wherein the at least one processor is further configured to obtain the identifier of the residential gateway from a database which associates identifiers of client devices with identifiers of residential gateways [Tin: 0048; for example, the security gateway may send the subscription information for the access terminal 102 to the authentication server 114; the authentication server 114 maintains a list a femto access points that may be accessed as part of the subscription profile for the access terminal 102 (i.e., the access terminal subscription profile determines whether a given user is authorized to use a given femto access point); based on an identifier (e.g., NAI) received during authentication (e.g., an identifier obtained as a result of a message sent by the access terminal 102 to the security gateway 112)].

Regarding Claim 4,
Tin teaches:
based on an identifier (e.g., NAI) received during authentication (e.g., an identifier obtained as a result of a message sent by the access terminal 102 to the security gateway 112), the authentication server 114 returns one or more femto identifiers to the security gateway, e.g., identifying the femto access points that the access terminal 102 is allowed to access (assuming the access terminal 102 is successfully authenticated)].

However, Tin does not teach transmitting a request for “… range of addresses ….”



Townsley teaches:
transmit the request for … the range of addresses in dependence on the identifier of the client device being associated with the identifier of the residential gateway [Townsley: 0068; the RGs (routing gateways) authenticate each other and obtain a list of all RGs known by either to be in the VPN; they also learn what private L3 addresses are used on each LAN].

It would have been obvious for POSITA before the effective filing date of the invention to combine the teachings of Tin and Townsley so that each device looks at the VPN truly as a single LAN, which can be important for broadcast and link-local multicast protocols running on a host [Townsley: 0118].

Regarding Claim 5,
wherein the at least one processor is further configured to determine an association between an identifier of the client device and the identifier of the residential gateway based on information received from a network server and store the association in the database before receiving the request to connect to the home area network from the client device [Tin: 0048; the access terminal 102 sends its authentication information to the security gateway; the security gateway then takes appropriate action to 

Regarding Claim 6, which recites a client device having the same claim limitations as those in claim 1 above, the same rationale of rejection as presented in claim 1 is applicable.

Regarding Claim 9, which recites a residential gateway having the same claim limitations as those in claim 1 above, the same rationale of rejection as presented in claim 1 is applicable.

Regarding Claim 11, which recites a method having the same claim limitations as those in claim 1 above, the same rationale of rejection as presented in claim 1 is applicable.

Regarding Claim 12, which recites a method having the same claim limitations as those in claim 1 above, the same rationale of rejection as presented in claim 1 is applicable.

Regarding Claim 13, which recites a method having the same claim limitations as those in claim 1 above, the same rationale of rejection as presented in claim 1 is applicable.

Regarding Claim 14, which recites a non-transitory computer-readable medium having the same claim limitations as those in claim 1 above, the same rationale of rejection as presented in claim 1 is applicable.

Regarding Claim 15, which recites a non-transitory computer-readable medium having the same claim limitations as those in claim 1 above, the same rationale of rejection as presented in claim 1 is applicable.

Regarding Claim 16, which recites a non-transitory computer-readable medium having the same claim limitations as those in claim 1 above, the same rationale of rejection as presented in claim 1 is applicable.

Claims 7-8 and 10 are rejected under 35 U.S.C. 103 as being unpatentable by Tin in view of Townsley and further in view of Murakami (US 2013/0227660; included in IDS)

Regarding Claim 7,
In Tin-Townsley combination, Tin teaches that the authentication server 114 returns one or more femto identifiers to the security gateway, e.g., identifying the femto access points that the access terminal 102 is allowed to access (assuming the access terminal 102 is successfully authenticated) [Tin: 0048].

within the home area network to a residential gateway, receive a token from the residential gateway … before transmitting the request to the mobile communication network, the further request comprising the token.

Murakami teaches:
wherein the at least one processor is further configured to connect directly from within the home area network to a residential gateway, receive a token from the residential gateway and transmit to a network server a further request to register an association between the client device and the residential gateway before transmitting the request to the mobile communication network, the further request comprising the token [Murakami: 0041; In step S501, the terminal device 1 sends a request message to the registration server 3 via the home gateway 2; 0044; In step S505, the processing unit 36 of the registration server 3 sends a response message including the token generated at the token generating unit 33 and access information of the home gateway 2; upon receiving the response message from the registration server 3, the terminal device 1 extracts the access information from the response message, and sends a message including the token using the access information; 0047; in step S509, the processing unit 36 of the registration server 3 verifies whether or not the token and the identifier obtained from the connectivity server 5 are the same as that generated in step S504 and read out in step S503; if they are the same, the processing unit 36 of the registration server 3 determines that the authentication succeeded, and sends a message indicating a positive response to inform the connectivity server 5 of the gateway 2 sends the identifier and the secret value of the home gateway 2, i.e. GUID#1 and SECRET#1 in this embodiment, to the terminal device 1 in step S512; the terminal device 1 stores the identifier and the secret value; with the sequence described above, the terminal device 1 obtains the identifier and the secret value, and can establish a connection with the connectivity server 5].

It would have been obvious for POSITA before the effective filing date of the invention to combine the teachings of Tin, Townsley, and Murakami in order to provide a method for providing a secret value to a client device [Murakami: 0007].

Regarding Claim 8,
wherein the at least one processor is further configured to use the at least one receiver to receive an identifier of the residential gateway from the network server in response to the further request and include the identifier of the residential gateway in the request before transmitting the request [Tin: residential gateway == femto access point; 0048; this may involve, for example, the access terminal 102 sending a message to one or more security gateways to find the security gateway that has established a tunnel to the access point 106; in conjunction with this message, the access terminal 102 sends its authentication information to the security gateway; the security gateway then takes appropriate action to authenticate the authentication information (e.g., by an identifier obtained as a result of a message sent by the access terminal 102 to the security gateway 112), the authentication server 114 returns one or more femto identifiers to the security gateway, e.g., identifying the femto access points that the access terminal 102 is allowed to access (assuming the access terminal 102 is successfully authenticated)].

Regarding Claim 10, which recites a residential gateway having the same claim limitations as those in claim 7 above, the same rationale of rejection as presented in claim 7 is applicable.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.  JP 2004-528761 teaches that the gateway application also obtains an access identifier for the second wireless network via a communication interface and via an intermediate network, and the access identifier for use in accessing the second wireless network [para. 0026].
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SAAD A WAQAS whose telephone number is (571)270-5642. The examiner can normally be reached 8:30 - 5:00 PM.

If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Asad M Nawaz can be reached on (571) 272-3988. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

SAAD A. WAQAS
Primary Examiner
Art Unit 2468



/Saad A. Waqas/Primary Examiner, Art Unit 2468