Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Response to Arguments
Applicant's response with amendments filed 01/25/2022 have been received and entered. Applicant has amended claims 1-6, 13-17, 25-30, and 37. New and amended claims have been examined on the merits.
Applicant’s arguments, see Applicant Arguments pages 14-15, with respect to the Invocation of Provisions of U.S.C. 112(f) have been fully considered and are persuasive.  Examiner notes that while the Applicants do not dispute the interpretation of the Office Action with respect to U.S.C. 112(f), Applicants submit that the structure and algorithms corresponding to the means elements recited in claim 37 are not limited to only the interpretation of the Office Action.
Applicant’s arguments, see Applicant Arguments pages 15-19, with respect to the rejection(s) of the independent claim(s) 1 (13, 25, and 37) under 35 U.S.C. 103 have been fully considered and are persuasive. Therefore, the rejection has been withdrawn. However, upon further consideration, a new ground(s) of rejection is made in view of Skuratovich et al. (US 20170163693), hereinafter Skuratovich.
	The rest of applicant’s arguments are moot in view of new grounds of rejection set forth above. 
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1, 13, 25, and 37 are rejected under 35 U.S.C. 103 as being unpatentable over Skuratovich et al. (US 20170163693), hereinafter Skuratovich in view of 3GPP TR 33.833 V0.4.0 (IDS dated 05/20/2021; 3rd Generation Partnership Project; Technical Specification Group Services and System Aspects Study on security issues to support Proximity Services), hereinafter 3GPP-TR.
	Regarding Claim 1, Skuratovich teaches
	A method of providing secure communications between a first computing device and a second computing device, comprising (Para [0027] A communication event is established between an initiating device and a responding device under the control of a remote communications controller. The communication event establishment procedure is secured using pre-exchanges session key data):
	determining, in a first application software in an application layer executing in a processor of the first computing device, first security key establishment information (Para [0061] In embodiments of the present subject matter, the secure connection used to pre-negotiate the session key data is a secure transport layer connection established between the initiating device and the responding device via the network 108. That is, a secure, end-to-end connection at the transport layer 114. That is, an end-to-end TCP secured using a TLS key.  Para [0097] In the application layer key exchange of block 402, IP is used to establish a logical, network layer connection 407 at the transport layer 306—such as a TCP connection—for the pre-call establishment phase; this connection is end-to-end between the client 205a and the call controller 210.  Para [0098] Over the network layer connection 407, security is added using TLS in this example, though other types of security protocol can be used instead. As noted, such security protocols operate in between the transport layer 306 and application layer 308, as shown in FIG. 4. These add more network roundtrips after connection establishment, but in exchange provide confidentiality and data integrity even if the underlying physical layer network is not secure).
	Skuratovich does not explicitly teach providing the first security key establishment information from the application layer to a communication layer of the first computing device in a format for transmission by the communication layer to the second computing device; receiving, in the first application software in the application layer from the communication layer of the first computing device, second security key establishment information received from the second computing device; determining a first security key by the first application software in the application layer based at least in part on the second security key establishment information received from the second computing device; and providing the first security key from the application layer to the communication layer for use by the communication layer in protecting transmissions of messages from the first application software to the second computing device.  
	In the same field of endeavor, 3GPP-TR teaches
	providing the first security key establishment information from the application layer to a communication layer of the first computing device in a format for transmission by the communication layer to the second computing device (p. 59, lines: 28-31 "UE_1 has sent a Direct-Connection-Request to UE_2.This message includes Nonce 1 (for session keygeneration), Supported algs (the list of algorithms that UE_1 is OK to use in this connection) and Key creation data (information needed to determine the method of key generation - the details of this are FFS)"; p. 47, lines: 32, 36-37 "The ProSe architecture shows the existence of two separate layers, the ProSe EPS layer and the ProSe APP layer", “The ProSe EPS layer consists of the rest of the mobile network functions required for ProSe, i.e., what is required to provide IP connectivity between UEs", p. 49, line: 23 "On top of the ProSe EPS layer, the ProSe APP layer provides stronger security functions such as end-to-end encryption"); Examiner notes that as these two layers exist in a ProSe architecture, the upper layer, ProSe APP, provides messages to the lower layer, ProSe EPS, and as APP layer provides end-to-end encryption, it is implied that the messages that are sent from the APP layer to the EPS layer are generated in an encrypted format, therefore adapted to be transferred to the second device encrypted.
	receiving, in the first application software in the application layer from the communication layer of the first computing device, second security key establishment information received from the second computing device (p. 59 line: 33 - p. 60, line: 2 "UE_2 sends the Direct-Security-Mode-Command to UE_1. It includes the DKSI to indicate which KD to use, Nonce 2 to allow a session key to be calculated and the chosen algs parameter to indicate which security algorithms the UEs will use to protect the data.  UE 2 also returns the Supported algs parameter and part of the Key creation data to protect them from man-in-the-middle attack"; p. 47, lines: 32, 36-37 "The ProSe architecture shows the existence of two separate layers, the ProSe EPS layer and the ProSe APP layer", "The ProSe EPS layer consists of the rest of the mobile network functions required for ProSe, i.e., what is required to provide IP connectivity between UEs” ); Examiner notes that as these two layers exist in a ProSe architecture, the lower layer, ProSe EPS, used for communication with other entities, provides messages to the upper layer, ProSe APP.
	determining a first security key by the first application software in the application layer based at least in part on the second security key establishment information received from the second computing device (p. 60 , lines: 3-6 "UE 2 calculates KD-Sess from KD and Nonce 1 and Nonce 2 and then derives the confidentiality and integrity keys based on the chosen algorithms (see subclause 6.4.1.6.1). It integrity protect the Direct-Security-Mode-Command before sending it to UE_1. UE 1 performs the same key calculation"); and
	providing the first security key from the application layer to the communication layer for use by the communication layer in protecting transmissions of messages from the first application software to the second computing device (p. 60, lines: 7-9 " 2. UE_1 send an integrity protected Direct-security-mode complete message to UE-2. After this all messages are integrity and confidentiality protected except possibly rekeying messages”).
	It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the method of Skuratovich to incorporate the teachings by 3GPP-TR such that the method of Skuratovich includes providing the first security key establishment information from the application layer to a communication layer of the first computing device in a format for transmission by the communication layer to the second computing device; receiving, in the first application software in the application layer from the communication layer of the first computing device, second security key establishment information received from the second computing device; determining a first security key by the first application software in the application layer based at least in part on the second security key establishment information received from the second computing device; and providing the first security key from the application layer to the communication layer for use by the communication layer in protecting transmissions of messages from the first application software to the second computing device. One would have been motivated to make such combination so that a ProSe-enabled UE uses different security contexts for ProSe one-to-one communication with different ProSe- enabled UEs (3GPP-TR, section 5.4.1.3, top of page 23).
	Regarding Claims 13, 25 and 37,
Claims 13, 25 and 37 are rejected for similar reasons as in claim 1.
Claims 2, 14, and 26 are rejected under 35 U.S.C. 103 as being unpatentable over Skuratovich et al. (US 20170163693), hereinafter Skuratovich in view of 3GPP TR 33.833 V0.4.0 (IDS dated 05/20/2021; 3rd Generation Partnership Project; Technical Specification Group Services and System Aspects Study on security issues to support Proximity Services), hereinafter 3GPP-TR in view of Suh (US 20160262019), hereinafter Suh in view of Delsol et al. (US 9876821), hereinafter Delsol.
	Regarding Claim 2, the combination of Skuratovich and 3GPP-TR teaches all the limitations of claim 1 above,
	The combination of Skuratovich and 3GPP-TR does not explicitly teach receiving from the communication layer in the first application software in the application layer third security key establishment information sent by the second computing device.
	In the same field of endeavor Suh teaches
	The method of claim 1, further comprising: receiving from the communication layer in the first application software in the application layer third security key establishment information sent by the second computing device (Para [0020] The subject matter of the present invention to be described later is to provide a method that enables various devices that operate as User Equipment (UE) to perform safe communication by performing mutual discovery and mutual communication with each other, transferring related information, and performing a security procedure.  Para [0022] On the other hand, in the case where the UE performs D2D communication by receiving related information and security related information transferred thereto and performing a security procedure, various modifications may be made within a range that does not deviate from the scope of the present invention).
	It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the method of Skuratovich and 3GPP-TR to incorporate the teachings by Suh such that the method of Skuratovich and 3GPP-TR includes receiving from the communication layer in the first application software third security key establishment information sent by the second computing device. One would have been motivated to make such combination in order to provide enabling a terminal (device) to mutually provide or receive information between terminals or by the assistance of a network, to receive security key related information, or to perform a security procedure using the security key (Suh, [Abstract]).
	The combination of Skuratovich, 3GPP-TR, and Suh does not explicitly teach wherein determining the first security key by the first application software in the application layer based at least in part on the second security key establishment information received from the second computing device comprises determining the first security key based at    least in part on the second security key establishment information and the third security key establishment information.
	 In the same field of endeavor, Delsol teaches
	wherein determining the first security key by the first application software in the application layer based at least in part on the second security key establishment information received from the second computing device comprises determining the first security key based at    least in part on the second security key establishment information and the third security key establishment information (Col. 6, lines 32-37, As will be described in more detail below, in order to allow for this separate ciphering, common shared security information is provided to the two mobile telephones 3 from which they can generate a common shared security key to encrypt their direct communications).
	It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the method of Skuratovich, 3GPP-TR, and Suh to incorporate the teachings by Delsol such that the method of Skuratovich, 3GPP-TR, and Suh includes wherein determining the first security key by the first application software based at least in part on the second security key establishment information received from the second computing device comprises determining the first security key based at least in part on the second security key establishment information and the third security key establishment information. One would have been motivated to make such combination in order to provide so that common shared security base value is used as (or makes it possible to generate) the common security key that is used for exchanging integrity protected and ciphered messages on the established D2D link (Delsol, Col. 12, lines 3-7).
Regarding Claims 14 and 26,
Claims 14 and 26 are rejected for similar reasons as in claim 2.		
Claims 3-10, 15-22, and 27-34 are rejected under 35 U.S.C. 103 as being unpatentable over Skuratovich et al. (US 20170163693), hereinafter Skuratovich in view of 3GPP TR 33.833 V0.4.0 (IDS dated 05/20/2021; 3rd Generation Partnership Project; Technical Specification Group Services and System Aspects Study on security issues to support Proximity Services), hereinafter 3GPP-TR in view of Delsol et al. (US 9876821), hereinafter Delsol in view of Pan et al. (US 20160262019), hereinafter Pan. 
	 Regarding Claim 3, the combination of Skuratovich and 3GPP-TR teaches all the limitations of claim 1 above,
	The combination of Skuratovich and 3GPP-TR does not explicitly teach selecting, by the first application software in the application layer, a key establishment algorithm to be used in determining content of the first security key establishment information.
	In the same field of endeavor Delsol teaches
	The method of claim 1, further comprising: selecting, by the first application software in the application layer, a key establishment algorithm to be used in determining content of the first security key establishment information (Col. 11, lines 1-6, The "RRC Connection Reconfiguration" message includes the D2D radio bearer configuration information (such as the radio parameters for the D2D link, including the transmit/receive power, frequency to be used etc.) and security configuration, such as the above described base1 value and ciphering algorithm to be used).
	It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the method of Skuratovich, and 3GPP-TR to incorporate the teachings by Delsol such that the method of Skuratovich, and 3GPP-TR includes selecting, by the first application software in the application layer, a key establishment algorithm to be used in determining content of the first security key establishment information. One would have been motivated to make such combination in order to provide so that common shared security base value is used as (or makes it possible to generate) the common security key that is used for exchanging integrity protected and ciphered messages on the established D2D link (Delsol, Col. 12, lines 3-7).
	The combination of Skuratovich, 3GPP-TR, and Delsol does not explicitly teach indicating the selected key establishment algorithm in the first security key establishment information.
	In the same field of endeavor Pan teaches 
	indicating the selected key establishment algorithm in the first security key establishment information (Para [0117] a UE Security Capabilities IE set to indicate the list of algorithms that the initiating UE supports for the security establishment of this direct link).	
	It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the method of Skuratovich, 3GPP-TR, and Delsol to incorporate the teachings by Pan such that the method of Skuratovich, 3GPP-TR, and Delsol includes indicating the selected key establishment algorithm in the first security key establishment information. One would have been motivated to make such combination in order to provide so that the first UE negotiates a security configuration with the second UE for encrypting or decrypting data from the first service (Pan, Col. 12, Para [0005]).
	Regarding Claim 4, the combination of Skuratovich and 3GPP-TR teaches all the limitations of claim 1 above,
	The method of claim 1, further comprising: receiving from the communication layer in a second application software in the application layer executing in the processor of the first computing device fourth security key establishment information sent by the second computing device (Pan, Para [0047] At transmitter system 210, the modulated signals from receiver system 250 are received by antennas 224, conditioned by receivers 222, demodulated by a demodulator 240, and processed by a RX data processor 242 to extract the reserve link message transmitted by the receiver system 250. Processor 230 then determines which pre-coding matrix to use for determining the beamforming weights then processes the extracted message);
	determining a second security key by the second application software in the application layer based at least in part on the fourth security key establishment information received from the second computing device (Delsol, Col. 6, lines 32-37, As will be described in more detail below, in order to allow for this separate ciphering, common shared security information is provided to the two mobile telephones 3 from which they can generate a common shared security key to encrypt their direct communications); and
	determining, by the second application software in the application layer, from information in the fourth security key establishment information received from the second computing device, key establishment algorithm to be used from the second application software to the second computing device (Pan, Para [0117] a UE Security Capabilities IE set to indicate the list of algorithms that the initiating UE supports for the security establishment of this direct link).
	The motivation/rationale to combine the references is similar to claim 3 above.
	Regarding Claim 5, the combination of Skuratovich and 3GPP-TR teaches all the limitations of claim 1 above,
	The method of claim 1, further comprising: providing by the first application software from the application layer to the communication layer further security key establishment information for transmission to the second computing device (Pan, Para [0049] FIG. 4 is a simplified block diagram of the program code 312 shown in FIG. 3 in accordance with one embodiment of the invention. In this embodiment, the program code 312 includes an application layer 400, a Layer 3 portion 402, and a Layer 2 portion 404, and is coupled to a Layer 1 portion 406. The Layer 3 portion 402 generally performs radio resource control. The Layer 2 portion 404 generally performs link control. The Layer 1 portion 406 generally performs physical connections);
	receiving by the first application software in the application layer from the communication layer further security key establishment information received from the second computing device (Suh, Para [0023] On the other hand, as shown in FIG. 1, an embodiment of the present invention proposes a management method that makes it possible to transfer related information, to perform a security procedure, and to perform safe communication when various devices including a communication UE that is the basic object of the present invention intend to perform D2D communication in an EUTRAN or 3GPP environment); and   
	using the further security key establishment information by the first application software in determining the first security key (Delsol, Col. 6, lines 32-37, As will be described in more detail below, in order to allow for this separate ciphering, common shared security information is provided to the two mobile telephones 3 from which they can generate a common shared security key to encrypt their direct communications).
	The motivation/rationale to combine the references is similar to claim 2 and claim 3 above.
	Regarding Claim 6, the combination of Skuratovich and 3GPP-TR teaches all the limitations of claim 1 above,
	The method of claim 1, further comprising: providing data packets by the first application software in the application layer to the communication layer for transmission to the second computing device, protecting the data packets by the communication layer using the first security key (Pan, Para [0385] Referring back to FIGS. 3 and 4, in one exemplary embodiment of a first UE for supporting multiple services on a one-to-one sidelink communication link between the first UE and a second UE, the device 300 includes a program code 312 stored in the memory 310. The CPU 308 could execute program code 312 to enable the first UE (i) to initiate a first service, (ii) to establish the one-to-one sidelink communication link for the first service, (iii) to negotiate a security configuration with the second UE for encrypting or decrypting data from the first service, (iv) to initiate a second service, and (v) to encrypt or decrypt data from the second service with the security configuration used by the first service), and
	transmitting the protected data packets to the second computing device (Pan, Para [0193] Upon reception of the Direct Communication Request message, the UE-2 could transmit a Direct Communication Accept message to the UE1. The Direct Communication Accept message could include: [0194] Accepted PC5 QoS parameters).
	The motivation/rationale to combine the references is similar to claim 3 above.
	Regarding Claim 7, the combination of Skuratovich and 3GPP-TR teaches all the limitations of claim 1 above,
	The method of claim 6, further comprising: transmitting the protected data packets to the second computing device by the communication layer via a PC5 protocol (Pan, Para [0061] This solution addresses Key Issue #1 on the support of eV2X Group Communication, Key Issue #9 on the support of the unicast/multicast communication over PC5 and Key Issue #4 on the support of PC5 QoS framework enhancement for eV2X, focusing on the following aspects: [0062] Identifiers for the unicast 
communication, e.g. L2 ID).
	The motivation/rationale to combine the references is similar to claim 3 above.
	Regarding Claim 8, the combination of Skuratovich and 3GPP-TR teaches all the limitations of claim 1 above,
	wherein the first application software is a vehicle-to- everything (V2X) application executing in the processor of the first computing device, which is a first in-vehicle computing device of a first vehicle, and the second computing device is a second in-vehicle computing device of a second vehicle (Pan, Para [0071] TS 23.303 [8] has defined the procedures for the establishment and maintenance of secure L2 link over PC5, as in clause 5.4.5. These procedures can be enhanced and adapted for the V2X use, subject to the decisions above regarding signalling protocol choice, security handling, etc. Some addition considerations for the V2X for the link/group handling is required though. For V2X communication, not all UEs will be supporting or use unicast communication. In addition, not all services may be run over the same channel or RAT (e.g. LTE V2X vs. NR V2X). With V2X, there is no discovery channel like that of ProSe (i.e. PC5-D), and there is no assumption on the configuration from network as that of Public Safety use).
	The motivation/rationale to combine the references is similar to claim 3 above.
	Regarding Claim 9, the combination of Skuratovich and 3GPP-TR teaches all the limitations of claim 1 above,
	wherein the communication layer of the first computing device is a PC5 layer of the first computing device (Pan, Para [0129] Upon receipt of the DIRECT_COMMUNICATION_ACCEPT message, …UE shall use the established link for all one-to-one communication (including additional PC5 Signalling messages) to the target UE. Para [0185] … During the Layer-2 link establishment, the UE-1 could transmit a Direct Communication Request message to the UE-2. Possibly, the Direct Communication Request message could include: ... [0189] An identity of a V2X application; [0190] IP Address Config; [0191] Security information; [092] Requested PC5 QoS parameters).
	The motivation/rationale to combine the references is similar to claim 3 above.
	Regarding Claim 10, the combination of Skuratovich and 3GPP-TR teaches all the limitations of claim 1 above,
	The method of claim 1, further comprising: establishing, using the first security key, a communication layer security context with a communication layer of the second computing device (Delsol, Col. 12, lines 2-8, In accordance with this embodiment, the common shared security base value is sent from the network to each of the mobile telephones 3-1 and 3-2 and is used as (or makes it possible to generate) the common security key that is used for exchanging integrity protected and ciphered messages on the established D2D link between them--instead of using one of the pre-stored security base values).
	The motivation/rationale to combine the references is similar to claim 3 above.
	Regarding Claims 15 and 27, 
Claims 15 and 27 are rejected for similar reasons as in claim 3.
	Regarding Claims 16 and 28, 
Claims 16 and 28 are rejected for similar reasons as in claim 4.
	Regarding Claims 17 and 29, 
Claims 17 and 29 are rejected for similar reasons as in claim 5.
	Regarding Claims 18 and 30, 
Claims 18 and 30 are rejected for similar reasons as in claim 6.
	Regarding Claims 19 and 31, 
Claims 19 and 31 are rejected for similar reasons as in claim 7.
	Regarding Claims 20 and 32, 
Claims 20 and 32 are rejected for similar reasons as in claim 8.
	Regarding Claims 21 and 33, 
Claims 21 and 33 are rejected for similar reasons as in claim 9.
	Regarding Claims 22 and 34, 
Claims 22 and 34 are rejected for similar reasons as in claim 10.
 Claims 11, 23, and 35 are rejected under 35 U.S.C. 103 as being unpatentable over Skuratovich et al. (US 20170163693), hereinafter Skuratovich in view of 3GPP TR 33.833 V0.4.0 (IDS dated 05/20/2021; 3rd Generation Partnership Project; Technical Specification Group Services and System Aspects Study on security issues to support Proximity Services), hereinafter 3GPP-TR in view of Jin et al. (US 20210127362), hereinafter Jin.
	Regarding Claim 11, the combination of Skuratovich and 3GPP-TR teaches all the limitations of claim 1 above,
	The combination of Skuratovich and 3GPP-TR does not explicitly teach wherein: the first security key establishment information and the second security key establishment information comprise information needed to be exchanged between two applications to enable the two applications to agree on a key; information content of the first security key establishment information and the second security key establishment information are transparent to the communication layer; the same security key establishment information may be used in an independent run of the key establishment to derive a key for protecting communications between apps; and a root key is a 256-bit key.
	In the same field of endeavor Jin teaches
	wherein: the first security key establishment information and the second security key establishment information comprise information needed to be exchanged between two applications to enable the two applications to agree on a key (Para [0371] In addition, in the V2X service, since the service varies according to the destination L2 ID (DST ID), an encryption technique is required that prevents a terminal without authority for the corresponding service from decoding the corresponding data. For example, the SLRB is transmitted for each specific service, and the corresponding SLRB has a root key for encryption for each DST ID. In this case, the actual key for encryption is generated as a root key characterized by the DST ID, and additional information necessary for the actual key may be included in the PDCP header. … );
	information content of the first security key establishment information and the second security key establishment information are transparent to the communication layer (Para [0375] In addition, in step 2i-20, the V2X server performs the procedure of providing the root key. That is, the root key extracted from the DST ID is assigned to the terminal, …);
	the same security key establishment information may be used in an independent run of the key establishment to derive a key for protecting communications between apps (Para [0375]  … and the terminal may generate (or derive) an encryption key used for actual encryption by applying the DST ID to the root key); and
	a root key is a 256-bit key (Para [0377] … Similar to algorithm execution in terminal, in the reception terminal (or applicable to the base station), a key stream block for encryption can be obtained by inputting a key for encryption of the user plane obtained from the Root Key (Key_V2X) (2i-25) and encryption parameters (COUNT, Bearer, Direction, Length (length of the key stream block)) as input parameters).
	It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the method of Skuratovich and 3GPP-TR to incorporate the teachings by Jin such that the method of Skuratovich and 3GPP-TR includes wherein: the first security key establishment information and the second security key establishment information comprise information needed to be exchanged between two applications to enable the two applications to agree on a key; information content of the first security key establishment information and the second security key establishment information are transparent to the communication layer; the same security key establishment information may be used in an independent run of the key establishment to derive a key for protecting communications between apps; and a root key is a 256-bit key. One would have been motivated to make such combination so that the actual key for encryption is generated as a root key characterized by the DST ID, and additional information necessary for the actual key may be included in the PDCP header (Jin, Para [0371)).
Regarding Claims 23 and 35,
Claims 23 and 35 are rejected for similar reasons as in claim 11.
Claims 12, 24 and 36 are rejected under 35 U.S.C. 103 as being unpatentable over Skuratovich et al. (US 20170163693), hereinafter Skuratovich in view of 3GPP TR 33.833 V0.4.0 (IDS dated 05/20/2021; 3rd Generation Partnership Project; Technical Specification Group Services and System Aspects Study on security issues to support Proximity Services), hereinafter 3GPP-TR in view of KIM et al. (US 20200100088), hereinafter KIM.
	Regarding Claim 12, the combination of Skuratovich and 3GPP-TR teaches all the limitations of claim 1 above,
	The combination of Skuratovich and 3GPP-TR does not explicitly teach transmitting the first security key establishment information to the second computing device on a control plane bearer of the communication layer, wherein the control plane bearer is a control plane bearer of a PC5 interface between the first computing device and the second computing device; protecting data packets from the first application software by the communication layer using the first security key; and transmitting the protected data packets to the second computing device on a user plane bearer of the communication layer.
	In the same field of endeavor KIM teaches
	The method of claim 1, further comprising: transmitting the first security key establishment information to the second computing device on a control plane bearer of the communication layer, wherein the control plane bearer is a control plane bearer of a PC5 interface between the first computing device and the second computing device (Para [0014] Preferably, the PC5 message may further include at least one of message type information indicating small data transmission or general data transmission, … activation transmission time information indicating a time for maintaining transmission the relay UE and the PC5 interface, a security parameter, and a unique sequence number for the transmission of the small data);	
	protecting data packets from the first application software by the communication layer using the first security key (Para [0319] The security association for the direct link between two ProSe-Enabled UEs is established by exchanging message contents associated with direct security mode establishment during the direct link setup procedure or a direct link rekeying procedure. After the direct security mode control procedure is successfully completed, the selected security algorithm and key are used for integrity protection and encryption of all PC5 signaling messages exchanged between UEs. In addition, the selected security algorithm and key are used for encrypting all data plane traffic exchanged between the UEs.); and
	transmitting the protected data packets to the second computing device on a user plane bearer of the communication layer (Para [0320] A UE that transmits a DIRECT_SECURITY_MODE_COMMAND message is referred to as a "commanding UE" and the other UE is referred to as the "peer UE").
	It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the method of Skuratovich and 3GPP-TR to incorporate the teachings by KIM such that the method of Skuratovich and 3GPP-TR includes transmitting the first security key establishment information to the second computing device on a control plane bearer of the communication layer, wherein the control plane bearer is a control plane bearer of a PC5 interface between the first computing device and the second computing device; protecting data packets from the first application software by the communication layer using the first security key; and transmitting the protected data packets to the second computing device on a user plane bearer of the communication layer. One would have been motivated to make such combination in order to provide performing a discovery procedure through the relay UE and a PCS interface; and transmitting a PCS message including the small data to the relay UE when it is verified that the relay UE has an ability to transmit the small data to the network in the discovery procedure (KIM, Para [0008)).
Regarding Claims 24 and 36,
Claims 24 and 36 are rejected for similar reasons as in claim 12.
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to HAMID TALAMINAEI whose telephone number is (571)270-3283. The examiner can normally be reached Flexible, M-F 7:30 -5:30.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Shewaye Gelagay can be reached on (571) 272-4219. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/MOHAMMAD W REZA/Primary Examiner, Art Unit 2436                                                                                                                                                                                                        



/HAMID TALAMINAEI/Examiner, Art Unit 2436