Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
2.	EXAMINER’S NOTE: The claims have been reviewed and considered under the new guidance pursuant to the 2019 Revised Patent Subject Matter Eligibility Guidance (PEG 2019) issued January 7, 2019.
3.	This communication is in response to Applicant’s Preliminary Amendment filed on 15 February 2021. Claims 21-25 have been canceled. Claims 1-11, 13-16, and 18-20 have been amended. Claims 1-20 remain pending. 

Information Disclosure Statement
4.	The Information Disclosure Statement respectfully submitted on 15 December 2021 has been considered by the Examiner.

Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


Claims 1, 6, 11, and 16 are rejected under 35 U.S.C. 102(a) (1) as being anticipated by Ericsson et al., “More Details On Fast Path Security Protocol”.
Referring to the rejection of claim 1, Ericsson et al. discloses a method for user plane security in a wireless communication system, the method being performed in a core network, CN, node and comprises: (See Ericsson et al., page 1, Section 5.7.4.2 Small Data Fast Path in User Plane and Figure 5.7.4.2.2-1, security context for the user plane in a wireless communication system performed in a core network CN (i.e. MME)
receiving a first message from a wireless terminal, WT, the first message including an indication that the WT supports an additional security layer; (See Ericsson et al., Figure 5.7.4.2.4-1, Step 1. Initial attach with an MME and provide the UE (i.e. wireless terminal, WT for security capability for small data fast path)
sending a second message to the WT in response to the received first message, the second message including an indication that the CN supports the additional security layer; (See Ericsson et al., Figure 5.7.4.2.4-1, Step 4. The CN (i.e. MME) initiates the NAS Security Mode Command procedure with a WT (i.e. UE) to establish security, in the same message the MME indicates which cryptographic algorithms are to be used with small data transfer security)
and sending a third message to a separate CN node, the third message comprising an indication that the additional security layer is to be used in communication with the WT. (See Ericsson et al., Figure 5.7.4.2.4-1, Step 6. The MME sends a Create Session Request to the selected SGW (i.e. separate CN Node together with the small data transfer security context)

Referring to the rejection of claim 6, Ericsson et al. discloses a method for user plane security in a wireless communication system, the method being performed in a wireless terminal, WT, and comprises: (See Ericsson et al., page 1, Section 5.7.4.2 Small Data Fast Path in User Plane and Figure 5.7.4.2.2-1, security context for the user plane in a wireless communication system, performed in a wireless terminal WT (i.e. UE)
sending a first message to a core network, CN, node, the first message including an indication that the WT supports an additional security layer; (See Ericsson et al., Figure 5.7.4.2.4-1, Step 1. Initial attach with an MME and provide the UE (i.e. wireless terminal, WT for security capability for small data fast path)
receiving a second message from the CN node in response to the send first message, the second message including an indication that the CN supports the additional security layer; (See Ericsson et al., Figure 5.7.4.2.4-1, Step 4. The CN (i.e. MME) initiates the NAS Security Mode Command procedure with a WT (i.e. UE) to establish security, in the same message the MME indicates which cryptographic algorithms are to be used with small data transfer security)
and determining an integrity protection key in response to the received second message, for use of the additional security layer in communication with a separate CN node. (See Ericsson et al., Figure 5.7.4.2.4-1, Step 11. The UE (i.e. WT) creates small data transfer security, Figure 5.7.4.2.5-1, Step 3. The UE performs protection (integrity and/or encryption) of the small data using the security protocol called SDTSec and the small data transfer security content, Figure 5.7.4.2.5-1, Step 7. The S-GW (i.e. separate CN node) receives the GTP-U PDU including the protected small data and terminates SDTSec (integrity check and/or decryption) using the small data transfer security context)
Referring to the rejection of claim 11, Ericsson et al. discloses a core network, CN, node for user plane security in a wireless communication system, the CN node comprising: a processing circuitry; and a computer program product storing instructions that, when executed by the processing circuitry, causes the CN node to: (See Ericsson et al., page 1, Section 5.7.4.2 Small Data Fast Path in User Plane and Figure 5.7.4.2.2-1, security context for the user plane in a wireless communication system performed in a core network CN (i.e. MME)
receive a first message from a wireless terminal, WT, the first message including an indication that the WT supports an additional security layer; (See Ericsson et al., Figure 5.7.4.2.4-1, Step 1. Initial attach with an MME and provide the UE (i.e. wireless terminal, WT for security capability for small data fast path)
send a second message to the WT in response to the received first message, the second message including an indication that the CN supports the additional security layer; (See Ericsson et al., Figure 5.7.4.2.4-1, Step 4. The CN (i.e. MME) initiates the NAS Security Mode Command procedure with a WT (i.e. UE) to establish security, in the same message the MME indicates which cryptographic algorithms are to be used with small data transfer security)
and send a third message to a separate CN node, the third message comprising an indication that the additional security layer is to be used in communication with the WT. (See Ericsson et al., Figure 5.7.4.2.4-1, Step 6. The MME sends a Create Session Request to the selected SGW (i.e. separate CN Node together with the small data transfer security context)
Referring to the rejection of claim 16, Ericsson et al. discloses a wireless terminal, WT, for user plane security in a wireless communication system, the WT comprising: a processing circuitry; and a computer program product storing instructions that, when executed by the processing circuitry, causes the WT to: (See Ericsson et al., page 1, Section 5.7.4.2 Small Data Fast Path in User Plane and Figure 5.7.4.2.2-1, security context for the user plane in a wireless communication system, performed in a wireless terminal WT (i.e. UE)
send a first message to a core network, CN, node, the first message including an indication that the WT supports an additional security layer; (See Ericsson et al., Figure 5.7.4.2.4-1, Step 1. Initial attach with an MME and provide the UE (i.e. wireless terminal, WT for security capability for small data fast path)
receive a second message from the CN node in response to the send first message, the second message including an indication that the CN supports the additional security layer; (See Ericsson et al., Figure 5.7.4.2.4-1, Step 4. The CN (i.e. MME) initiates the NAS Security Mode Command procedure with a WT (i.e. UE) to establish security, in the same message the MME indicates which cryptographic algorithms are to be used with small data transfer security)
and determine an integrity protection key in response to the received second message, for use of the additional security layer in communication with a separate CN node. (See Ericsson et al., Figure 5.7.4.2.4-1, Step 11. The UE (i.e. WT) creates small data transfer security, Figure 5.7.4.2.5-1, Step 3. The UE performs protection (integrity and/or encryption) of the small data using the security protocol called SDTSec and the small data transfer security content, Figure 5.7.4.2.5-1, Step 7. The S-GW (i.e. separate CN node) receives the GTP-U PDU including the protected small data and terminates SDTSec (integrity check and/or decryption) using the small data transfer security context)
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 2-5, 7-10, 12-15, and 17-20 are rejected under 35 U.S.C. 103 as being unpatentable over Ericsson et al., “More Details On Fast Path Security Protocol” in view of Chen et al. (WO 2008/098515).
Ericsson et al. discloses the invention as described above, however, Ericsson et al. fail to explicitly disclose additional security layers. 
	Chen et al. discloses a method and system for selecting a user plane algorithm.
Referring to the rejection of claims 2 and 12, (Ericsson et al. modified by Chen et al.) discloses further comprising: determining that the received additional security layer is supported by the CN. (See Ericsson et al., Figure 5.7.4.2.4-1, Step 3. The MME derives the small data transfer security context from K_ASME. 
See Chen et al., Figure 5, Step 503, The MME/UPE selects a user plane security algorithm and a control plane algorithm in the default IP bearer, and the selection needs to be based on the security capability of the UE, and may further be based on an algorithm, a network policy, and a UE request that are allowed to be used by the UE in the UE subscription information)
Therefore, it would have been obvious to one of ordinary skill in the art, before the effective filing date of the invention to combine Ericsson et al.’s method and system for providing security for a small data fast path solution modified with Chen et al.’s method and system for selecting a user plane algorithm.
Motivation for such an implementation would enable selecting a user plane algorithm, so that different services with different security requirements are provided in the SAE/LTE network, and different levels of security protection may be provided for different users. (See Chen et al., Abstract)
Referring to the rejection of claims 3, 7, 8, 13, 17, and 18, (Ericsson et al. modified by Chen et al.) discloses wherein the first message is an initial attach message, the second message is a non-access, NAS, security mode command message, and the third message is a create session request message. (See Chen et al., Figure 5, Steps 501, The UE sends an attach request to the MME/UPE, and the UE may need to carry its own security capability information in the attach request. Step 504, the MME/UPE sends the security algorithm of the user plane and the control plane to the UE in the NAS security mode command. After receiving the algorithm, the UE may also need to return a security mode command response to the network, and the response message may further carry the received algorithm and/or the security capabilities of the UE and Step 508, the MME completes the PCRF interaction with the SAE-GW, and completes the update of the user routing area in the SAE-GW.)
The rationale for combining Ericsson et al. in view of Chen et al. is the same as claim 2.

Referring to the rejection of claims 4, 9, 14, and 19, (Ericsson et al. modified by Chen et al.) discloses wherein the indication in the first message is signalled by a spare bit in a security capability information element, IE. (See Chen et al., Figure 5, Step 501, the UE may need to carry its own security capability information in the attach request)
The rationale for combining Ericsson et al. in view of Chen et al. is the same as claim 2.
Referring to the rejection of claims 5, 10, 15, and 20, (Ericsson et al. modified by Chen et al.) discloses wherein the CN node is a mobility management entity, MME, and the separate CN node is a serving gateway, S-GW. (See Chen et al., Figure 5, MME/UPE and SAE-GW)
The rationale for combining Ericsson et al. in view of Chen et al. is the same as claim 2.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to COURTNEY D FIELDS whose telephone number is (571)272-3871. The examiner can normally be reached IFP M-F 8am-4:30pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, SHEWAYE GELAGAY can be reached on (571)272-4219. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/COURTNEY D FIELDS/Examiner, Art Unit 2436                                                                                                                                                                                                        April 9, 2022

/KENDALL DOLLY/Primary Examiner, Art Unit 2436