Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claim Interpretation
The following is a quotation of 35 U.S.C. 112(f):
(f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof. 

The following is a quotation of pre-AIA  35 U.S.C. 112, sixth paragraph:
An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.

The claims in this application are given their broadest reasonable interpretation using the plain meaning of the claim language in light of the specification as it would be understood by one of ordinary skill in the art.  The broadest reasonable interpretation of a claim element (also commonly referred to as a claim limitation) is limited by the description in the specification when 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is invoked. 
As explained in MPEP § 2181, subsection I, claim limitations that meet the following three-prong test will be interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph:
(A)	the claim limitation uses the term “means” or “step” or a term used as a substitute for “means” that is a generic placeholder (also called a nonce term or a non-structural term having no specific structural meaning) for performing the claimed function; 
(B)	the term “means” or “step” or the generic placeholder is modified by functional language, typically, but not always linked by the transition word “for” (e.g., “means for”) or another linking word or phrase, such as “configured to” or “so that”; and 
(C)	the term “means” or “step” or the generic placeholder is not modified by sufficient structure, material, or acts for performing the claimed function. 
Use of the word “means” (or “step”) in a claim with functional language creates a rebuttable presumption that the claim limitation is to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites sufficient structure, material, or acts to entirely perform the recited function. 
Absence of the word “means” (or “step”) in a claim creates a rebuttable presumption that the claim limitation is not to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. The presumption that the claim limitation is not interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites function without reciting sufficient structure, material or acts to entirely perform the recited function. 
Claim limitations in this application that use the word “means” (or “step”) are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action. Conversely, claim limitations in this application that do not use the word “means” (or “step”) are not being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office action.
This application includes one or more claim limitations that do not use the word “means,” but are nonetheless being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, because the claim limitation(s) uses a generic placeholder that is coupled with functional language without reciting sufficient structure to perform the recited function and the generic placeholder is not preceded by a structural modifier.  Such claim limitation(s) is/are: network component in claim 11-20.
Because this/these claim limitation(s) is/are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, it/they is/are being interpreted to cover the corresponding structure described in the specification as performing the claimed function, and equivalents thereof.
If applicant does not intend to have this/these limitation(s) interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, applicant may:  (1) amend the claim limitation(s) to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph (e.g., by reciting sufficient structure to perform the claimed function); or (2) present a sufficient showing that the claim limitation(s) recite(s) sufficient structure to perform the claimed function so as to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph.
Allowable Subject Matter
Claim 1-20 are allowed.
The following is an examiner’s statement of reasons for allowance: 
The prior art, Nimry et al (US 10,430,350), discloses a computing system that performs techniques relating to the secure storage, maintenance, and retrieval of data. Techniques described in this disclosure may prevent, limit, or otherwise insulate the data from unauthorized access by hackers, rogue devices, and unauthorized users. In some examples, a computing system may store a file by fracturing the file into multiple data blocks, encrypting the data blocks or the data stored within the data blocks, and storing the data blocks in scattered locations on a network. Further, the computing system may occasionally move at least some of the stored data blocks, and may, upon moving such data blocks, reencrypt the moved data blocks with a different encryption key. Still further, the computing system may inject fake data and/or fake data blocks into the system.
The prior art, Miguel (US 2018/0260576), discloses a method of encrypting data in a network system. The method may include generating within a trusted network of the network system an associated private key based on an attribute associated with an user, a homomorphically encrypted associated private key based on the associated private key via homomorphic encryption, and a homomorphic key pair. The method may also include transmitting the homomorphically encrypted associated private key from the trusted network to a non-trusted network of the network system. The method may further include generating within the trusted network encrypted data based on said data, and a homomorphically and attribute based encrypted control key. The method may further include transmitting the encrypted data, and the homomorphically and attribute based encrypted control key, from the trusted network to the non-trusted network.
The prior art, Hamid (US 10,055,601), discloses a first access key, which is provided by a key server for decrypting a file and the encrypted file is published on a public network by a first user. Every time the secured file is accessed by a second user, the first access key is provided by the key server to decipher the file. The first user can control access to the file by deleting the first access key on the key server, thus denying the second user access to the access key preventing de-encryption of the secured file.
The prior art, Lee et al (US 2017/0013453), discloses that a network may support a number of client devices. In such a network, a client device transmits a request to communicate with a network, establishes a security context, and receives one or more encrypted client device contexts from the network. An encrypted client device context enables reconstruction of a context at the network for communication with the client device, where the context includes network state information associated with the client device. The client device transmits a message (e.g., including an uplink data packet) to the network that includes at least one encrypted client device context. Since the network device can reconstruct the context for the client device based on an encrypted client device context, the network device can reduce an amount of the context maintained at the network device in order to support a greater number of client devices.
The prior art, Donahue et al (US 2016/0323736), discloses that an encryption key is used to decode messages sent to control devices, such as devices connected by the Internet of Things. For security, at least a portion of the encryption key is send to a receiving device via a first communication technology and a remaining portion of the encryption key is sent to the receiving device via a second communication technology different or disparate from the first communication technology.
The prior art, Narayan et al (US 9,413,730), discloses an encryption key management system and method implements enterprise managed encryption key for an enterprise using encryption for cloud-based services. In some embodiments, the enterprise deploys a key agent on the enterprise data network to distribute encryption key material to the network intermediary on a periodic basis. The network intermediary receives the encryption key material from the enterprise and stores the encryption key material in temporary storage and uses the received encryption key material to derive a data encryption key to perform the encryption of the enterprise's data. In this manner, the enterprise can be provided with the added security assurance of maintaining and managing its own encryption key while using cloud-based data storage services. The encryption key management system and method can be applied to ensure that the enterprise's one or more encryption keys do not leave the enterprise's premises.
The prior art, Wilson et al (US 2016/0182471), discloses sending and receiving data over unsecured networks. In an example a security broker is provided between a first network and a second network where the security level of the first network is different from the security level of the second network. A user in the first network is given control over the level of security to be applied to data being supplied to an application in the second network. The security broker  is arranged to supply data encrypted using a security scheme to the application in the second network and to supply decrypted data using the security scheme to a computing device associated with the first network.
The prior art, Stuntebeck et al (US 2016/0105463), discloses receiving a request to instantiate a communication connection from an application, a secure session may be established between the application and a remote application. Input from a user of the application may be received, subjected to at least one management policy, and transmitted to the remote application.
The prior art, Yadav et al (US 8,959,607), discloses techniques to enable secure communication among devices in a mesh network using a group temporal key. An authenticator device associated with a mesh network stores a pairwise master key for each of a plurality of devices in a mesh network upon authentication of the respective devices. Using the pairwise master key, the authenticator device initiates a handshake procedure with a particular device in the mesh network to mutually derive a pairwise temporal key from the pairwise master key. The authenticator device encrypts and signs a group temporal key using the pairwise temporal key for the particular device and sends the group temporal key encrypted and signed with the pairwise temporal key to the particular device.
The prior art, Barnes et al (US 8,401,155), discloses methods for secure recording in a customer center environment are provided. The system receives data related to a communication at a media distribution device. A key is provided by a key server to the media distribution device to encrypt the received data. In addition, an identifier may be associated with the received data. The key and the identifier are stored in a database associated with the key server. The encrypted data is recorded the a recorder, where it is accessible to authorized users within the customer center. Upon request, the key is provided to the authorized user to decrypt the encrypted data for play back. The customer center environment may include a user interface for viewing customer contacts. The contact may be organized into folders and annotations associated with the customer contacts may be received.
The prior art, Crandell (US 2009/0300356), discloses remote storage encryption system includes a data storage unit and a key server having a key management module configured to communicate with a client device. The key management module stores at least one key access map that maps at least one access credential to at least one encryption key to determine which encryption key to provide to the client device. An exemplary method includes mapping the at least one access credential to the at least one encryption key, receiving a request for the encryption key from a remote requestor, accepting the access credential with the request, validating the access credential against a previously stored version thereof, retrieving the encryption key associated with the access credential based on the mapping, and sending the key to the remote requester.
The prior art, Lo et al (US 2009/0264098), discloses configuring devices for wireless communication are disclosed. A method may include transmitting an activation key from an activation broker to a wireless agent. The method may also include transmitting the activation key from the activation broker to a wireless registrar. At least one of the transmission of the activation key to the wireless agent and the transmission of the activation key to the wireless registrar may include transmitting the activation key via a short-range wireless communication technology. In addition, the activation key may include information for authenticating wireless communication between the wireless agent and a wireless access point.
The prior art, Waller (2007/0250904), discloses enforcing at least one privacy policy in relation to user data, the system comprising: a user system, a broker system, and a service provider system, the user system being operable to: encrypt the user data using a symmetric encryption algorithm and an encryption key generated in dependence on said at least one privacy policy and a master key associated with the user system; and transmit the encrypted user data to the service provider in the form of a digital container that includes the encrypted user data and said at least one privacy policy; and the broker system being operable to: receive a request from the service provider to access the user data, the request including said at least one privacy policy; verify that the request complies with said at least one privacy policy; and if so, regenerate the encryption key in dependence on the master key and at least one privacy policy supplied by the service provider, whereby the service provider system is able to decrypt the user data using a symmetric decryption algorithm and the regenerated encryption key.
The prior art, Zhang (US 2005/0240760), discloses a  method for authentication authorization and accounting (AAA) in an interworking between at least two networks. The at least two networks are capable of communicating with a broker and include a first network and a second network to user certificate from a user device corresponding to a user of the first network. The first network to user certificate is signed by at a first network private key and includes a broker to first network certificate and a user public key. The broker to first network certificate is signed by a broker private key and includes a first network public key. A session key is sent from the second network to the user device when the broker to first network certificate and the first network to user certificate are determined to be authentic by the second network based upon the broker public key and the first network public key, respectively. The session key is encrypted with the user public key. The session key is permitting the user device to access the second network.
The prior art, Lewis (US 6,453,159), discloses a multi-level encryption scheme is provided for a wireless network. A first level of encryption is provided primarily for wireless communications taking place between a mobile terminal and an access point. In addition, a second, higher level of encryption is provided which is distributed beyond the wireless communications onto the system backbone itself. Through a key distribution server/access point arrangement, the second level of encryption provides a secure means for distributing the encryption scheme of the first level without compromising the integrity of the network.
However, the prior art, either alone or in combination does not expressly disclose ”operations performed by at least one network component included in a core mobile communication network, the operations performed by the at least one network component comprising: receiving, at the network component, first data from the network-enabled device, wherein the network-enabled device is outside of the core mobile communication network; encrypting, by the network component, the first data via a security key; transmitting, via an in-band communication channel of the core mobile communication network, the first encrypted data to the application server, wherein the application server is outside of the core mobile communication network; receiving, at the network component and from the application server, an instruction to modify the security key, wherein the instruction is received via a separate communication channel of the core mobile communication network; responsive to receiving the instruction, modifying the security key; receiving, at the network component, second data from the network-enabled device; encrypting, by the network component, the second data via the modified security key; and transmitting, via the in-band communication channel, second encrypted data to the application server.”
Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee.  Such submissions should be clearly labeled “Comments on Statement of Reasons for Allowance.”
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to KENDALL DOLLY whose telephone number is (571)270-1948. The examiner can normally be reached Monday-Thursday 8am-5pm(EST) and Friday 8am-12pm(EST).
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Shewaye Gelagay can be reached on (571)272-4219. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.




/KENDALL DOLLY/
Primary Examiner, Art Unit 2436