DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Response to Arguments
Applicant's arguments filed 05/02/2022 have been fully considered but they are not persuasive. Applicant argues, on page 11 second paragraph, that it is not clear that Griot’s use of “provisioned” is the same as “sending” or “transmitting’ to the UE. The examiner respectfully disagrees. The broadest reasonable interpretation of the “sending” credentials in the claim includes provisioning the credentials since the end result is receiving the credentials at the UE.
Applicant’s arguments with respect to claim(s) 1-20 regarding the limitation “device-based identifier in a username field, password based on the device-based identifier in a password field” have been considered but are moot because the new ground of rejection does not rely on any reference applied in the prior rejection of record for any teaching or matter specifically challenged in the argument.
Applicant argues, on page 12 third paragraph, that at the current step of the claim under rejection, that authentication has already taken place by citing Grot [0052]. The examiner respectfully disagrees. Griot [0116] discloses sending the message after authentication has already taken place.
Applicant argues, on page 12 third paragraph, that there is no teaching in Griot that such “credentials” are analogous to the claimed “connection information”. The examiner respectfully disagrees. The broadest reasonable interpretation of “connection information” includes any information assisting the UE to connect to a network. Therefore, any element of Griot credentials (e.g., username, password, PIN, security keys, etc.) can be considered as a connection information.
  Applicant argues, on page 13 second paragraph, that Griot’ credentials are used as part of authentication process and not as part of connecting to the service. The examiner respectfully disagrees. Since authentication is part of connecting to the network,  any element of Griot credentials (e.g., username, password, PIN, security keys, etc.) can be considered as a connection information.
In response to applicant’s argument, on page 14 third paragraph to page 15 first paragraph,  that there is no teaching, suggestion, or motivation to combine the references, the examiner recognizes that obviousness may be established by combining or modifying the teachings of the prior art to produce the claimed invention where there is some teaching, suggestion, or motivation to do so found either in the references themselves or in the knowledge generally available to one of ordinary skill in the art.  See In re Fine, 837 F.2d 1071, 5 USPQ2d 1596 (Fed. Cir. 1988), In re Jones, 958 F.2d 347, 21 USPQ2d 1941 (Fed. Cir. 1992), and KSR International Co. v. Teleflex, Inc., 550 U.S. 398, 82 USPQ2d 1385 (2007).  In this case, Rao hash function is used to enhance the simple authentication of Griot for improving the security, as a knowledge available to one of ordinary skill in the art.
Therefore, independent claims 1, 8, and 15 are maintained rejected. The dependent claims are not patentable for depending from the independent claims.
 

Claim Rejections - 35 USC § 112
The following is a quotation of the first paragraph of 35 U.S.C. 112(a):
(a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.

The following is a quotation of the first paragraph of pre-AIA  35 U.S.C. 112:
The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor of carrying out his invention.

Claims1-20 are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement. The claim(s) contains subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for applications subject to pre-AIA  35 U.S.C. 112, the inventor(s), at the time the application was filed, had possession of the claimed invention. Independent claims 1, 8, and 15 recite “the connection profile comprising the device based identifier in a username field, a password based on the device-based identifier in a password field, and connection information for a wireless communication service". The original specification does not support this limitation.  For example, Fig. 3 shows one field 315 for the connection profile comprising the username, password that is transmitted to the user device. Paragraph [0063] discloses the user device transmitting an authentication request comprising a username in a username field and a password in password filed. Independent claims recite “the request comprises the device-based identifier from the username field and the password from the password field”. The original specification does not support this limitation.  Paragraph [0063] discloses the request comprises authentication identifier that is different from the username.  Paragraph [0063] discloses the username in a username field and a password in password filed but does not disclose username from a username field nor a password from a password filed. Dependent claims 2-7,21, and 24-26 are rejected for depending from a rejected independent claim 1. Dependent claims 9-14 22, and 27 are rejected for depending from a rejected independent claim 8. Dependent claims 16-20, 23, and 28-29 are rejected for depending from a rejected independent claim 15. 

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-14, 21-22, and 24-28 are rejected under 35 U.S.C. 103 as being unpatentable over Griot et al. (US 2015/0282042 A1) in view of Aaltonen et al. (US 20080216153 A1), and in further view of Rao et al. (US 2015/0128254 A1).

Regarding claim 1, Griot et al. teach a method comprising:
receiving from a user device, a request for a connection profile (Griot [0054] the UE 106 may include a network/service connecting component 306, as described further herein, to request information regarding network service)wherein the request for the connection profile comprises a device-based identifier of the user device (Griot [0092]  transmitting a request to establish a connection with the network ... the request may include an IMSI or other substantially unique identifier of the UE 106. In one example, credential requesting component 810 may use an International Mobile Station Equipment Identity (IMEI) in the request)
sending, based on validating the device-based identifier (Griot [0038] credentials can include an identifier of the UE (e.g., international mobile subscriber identity (IMSI))to the user device, a connection profile (Griot [0038] credentials for the service can be provisioned to the UE by the eNB or other network component) comprising a username in a username field, a password in a password field (Griot [0038] credentials can include ..username/password pairs) and a connection information for a wireless communication service (Griot [0038] credentials can include an identifier of the UE (e.g., international mobile subscriber identity (IMSI), ... and/or similar credentials that present a UE with a challenge to access the network);
receiving a request to access the wireless communication service (Griot [0052] UE 106 can request attachment), wherein the request comprises the device-based identifier from the username field and  the password from the password field (Griot [0051] the UE 106 can provide the appropriate username/password PIN, etc. for the service); and
sending, based on authenticating the user device,, to the user device, a message (Griot [0116] Once the authentication is performed, authentication component 1314 can communicate an authentication status back to the UE 106) indicating the user device is authorized to access the one or more services of the wireless communication service (Griot [0116] which is received by authentication requesting component 1310 and used to determine whether to communicate with the network)via the connection information in the connection profile (Griot [0100] connection establishing component 312 can establish the authenticated connection with the network (e.g., with network entity 304) based at least in part on the credentials).
Griot et al. do not teach
the device-based identifier in a username field, a password based on the device-based identifier in a password field ; and
authenticating, based on determining that a result of inputting the device-based identifier into a predefined function matches the password, the user device; and 
sending the message based on authenticating the user device.
In a similar endeavor, Aaltonen et al. teach
the device-based identifier in a username field (Aaltonen [0014] utilizing an identifier already affiliated with the device as a username comprises using an International Mobile Equipment Identity (IMEI), a Media Access Control (MAC) address, or an International Mobile Subscriber Identity (IMSI) as the username), a password based on the device-based identifier in a password field (Aaltonen [0012] A password and an authentication key are generated based on at least the username).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the examined application to have modified Griot et al. by incorporating Aaltonen et al. to arrive at the invention.
The motivation of doing so would have facilitated authentication and automatic logons (See  Aaltonen [0011]).
The combination of Griot et al. and Aaltonen et al. does not teach
authenticating, based on determining that a result of inputting the device based identifier into a predefined function matches the password, the user device 
In a similar endeavor, Rao teaches
authenticating, based on determining that a result of inputting the device based identifier into a predefined function matches the password, the user device (Rao [0059] whether string 572 and password 140 are identical to one another, Fig. 5 step 580 Grant access. Note: the device-based identifier is interpreted as the username from Aaltonen [0014])
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the examined application to have modified the combination of Griot et al. and Aaltonen by incorporating Rao hash function for authenticating the user device to arrive at the invention.
The motivation of doing so would have improved the authentication security.

Regarding claim 2, the combination of Griot et al., Aaltonen et al.,  and  Rao et al. teaches  the method of claim 1, wherein the device-based identifier comprises one or more of an international mobile subscriber identifier (IMSI) or  an international mobile equipment identifier (IMEI) (Griot [0105] UE 106 may identify itself by using its IMEI).

Regarding claim 3, , the combination of Griot et al., Aaltonen et al.,  and  Rao et al. teaches  the method of claim 1, wherein the request to access the wireless communication service further comprises an extensible authentication protocol tunneled transport layer security request (Griot [0115] authentication requesting component 1310 can determine the type of EAP authentication.. the EAP authentication type can include at least one of EAP-transport layer security (EAP-TLS), EAP-tunneled TLS) having an inner identifier and an outer identifier, wherein the inner identifier comprises the device-based identifier (Griot [0038] credentials can include ..username/password pairs) and the outer identifier comprises the authentication identifier (Griot [0113] a new IE indicating EAP authentication, a specific IMSI or other UE identifier. Note: authentication identifier is interpreted as the IE indicating EAP authentication and the username is interpreted as the device-based identifier since Griot [0038] teaches the username as the UE identifier).

Regarding claim 4, the combination of Griot et al. and Rao et al. teaches the method of claim 1 further comprising generating, based on inputting the device-based identifier into a predefined function (Rao [0044] password 140 is a hash value generated from a data set of username 155, serial number 420.Note: the username is interpreted as the device-based identifier since Aaltonen [0014] teaches the username as the UE identifier)
The motivation of doing so would have improved the security.

Regarding claim 5, the combination of Griot et al. and Rao et al. teaches the method of claim 1, further comprising:
receiving, from the user device, a request for the connection profile (Griot [0092] transmitting a request to establish a connection with the network), wherein the request comprises one or more of an international mobile equipment identifier (IMEI) or an international mobile subscribe identifier (IMSI) (Griot [0092] the request may include an IMSI or other substantially unique identifier of the UE 106. In one example, credential requesting component 810 may use an International Mobile Station Equipment Identity (IMEI) in the request); and 
validating, based on one or more of the IMEI or the IMSI, the request, wherein the connection profile is transmitted in response to validating the request (Griot [0072] the credentials expected are USIM credentials that can be validated by an AAA server at an HPLMN of the UE 106, Griot [0038] credentials for the service can be provisioned to the UE by the eNB or other network component).

Regarding claim 6, the combination of Griot et al. and Rao et al. teaches the method of claim 1, further comprising 
determining a type of authentication based on the authentication identifier (Griot
[0052] UE 106 can indicate an authentication type as well. MME 112 can provide the credentials (and/or requested authentication type) to AAA server 122); and
switching, based on the type of authentication, from a first authentication procedure to a second authentication procedure, wherein the first authentication procedure is based on user provided credentials (Griot [0038] credentials can include ..username/password pairs) and the second authentication procedure is based on generated credentials, wherein the generated credentials are based on the device-based identifier (Griot [0038] credentials can include an identifier of the UE (e.g., international mobile subscriber identity (IMSI)).

Regarding claim 7, the combination of Griot et al., Aaltonen et al.,  and  Rao et al. teaches  the method of claim 1, wherein the connection profile comprises an authentication identifier and an encryption key (Griot [0072] credentials stored for a plurality of subscription providers, which may include username/password or PIN values, security keys).

Regarding claim 8, Griot et al. teach a method comprising:
receiving a device-based identifier associated with a wireless communication service and a user device (Griot [0038] a UE .. can provide the appropriate credentials; . .  credentials can include an identifier of the UE),
determining, based on the device-based identifier, a service identifier for the wireless communication service (Griot [0045] provide network identification information and service identification information to one or more UEs); 
storing a username in a username field and a password in a password field (Griot [0051] credentials stored at the UE 106 for a given subscription provider , Griot [0038] credentials can include ... username/password pairs) ; 
generating a connection profile comprising an association of the service identifier (Griot [0036] The service identification information can include one or more identifiers relating to a network service offered by a network node ) with the username field and the password field (Griot [0038] credentials can include ..username/password pairs); 
sending, based on a request from the user device (Griot [0052] MME 112 can provide the credentials (and/or requested authentication type) to AAA server 122. The AAA server 122 can authenticate the UE 106 to access one or more services on service provider network 104... the credentials for a particular usage or service indicated by eNB 108 for UE 106 based on one or more policies for the UE 106 in policy server 126),  the connection profile (Griot [0038] credentials for the service can be provisioned to the UE by the eNB or other network component); 
receiving an authentication request for accessing the wireless communication service via an access point associated with the service identifier, wherein the authentication request comprises the username field and  the password (Griot [0051] eNB 108 may request a username/password, personal identification number (PIN), etc. from the UE 106, and the UE 106 can provide the appropriate username/password PIN, etc. for the service); and
sending, based on authenticating the user device, an authorization to access the one or more services of wireless communication service (Griot [0116] Once the authentication is performed, authentication component 1314 can communicate an authentication status back to the UE 106) via the service identifier (Griot [0042] It is to be appreciated that verifying credentials by the AAA server 122 can additionally include verifying the credentials for a particular usage or service).
Griot et al. do not teach
the device-based identifier in a username field and a password based on the device-based identifier in a password field; and 
sending, based on a result of inputting the device-based identifier into a predefined function matching the password, an authorization to access the wireless communication service.
In a similar endeavor, Aaltonen et al. teach
the device-based identifier in a username field (Aaltonen [0014] utilizing an identifier already affiliated with the device as a username comprises using an International Mobile Equipment Identity (IMEI), a Media Access Control (MAC) address, or an International Mobile Subscriber Identity (IMSI) as the username)and a password based on the device-based identifier in a password field (Aaltonen [0012] A password and an authentication key are generated based on at least the username).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the examined application to have modified Griot et al. by incorporating Aaltonen et al. to arrive at the invention.
The motivation of doing so would have facilitated authentication and automatic logons (See  Aaltonen [0011]).
The combination of Griot et al. and Aaltonen et al. does not teach
sending, based on a result of inputting the device-based identifier into a predefined function matching the password, an authorization to access the wireless communication service.
In a similar endeavor, Rao et al. teach
sending, based on a result of inputting the device-based identifier into a predefined function matching the password, an authorization to access the wireless communication service (Rao [0059] determine whether string 572 matches password 140, i.e., whether string 572 and password 140 are identical to one another, and Rao Fig. 5 step 580 Grant access).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the examined application to have modified the combination of Griot et al. and Aaltonen.by incorporating Rao hash function for authentication to arrive at sending the authorization if the password is matched, thus arriving at the invention.
The motivation of doing so would have improved the security.

Regarding claim 9, the combination of Griot et al., Aaltonen et al.,  and  Rao et al. teaches  the method of claim 8, wherein the device-based identifier further comprises one or more of an international mobile subscriber identifier (IMSI) or  an international mobile equipment identifier (IMEI) associated with the user device (Griot [0105] UE 106 may identify itself by using its IMEI) 

Regarding claim 10, the combination of Griot et al., Aaltonen et al.,  and  Rao et al. teaches  the method of claim 8, wherein the authentication request comprises an extensible authentication protocol tunneled transport layer security request (Griot [0115] authentication requesting component 1310 can determine the type of EAP authentication.. the EAP authentication type can include at least one of EAP-transport layer security (EAP-TLS), EAP-tunneled TLS) having an inner identifier and an outer identifier, wherein the inner identifier comprises the device-based identifier (Griot [0038] credentials can include ..username/password pairs) and the outer identifier comprises an authentication identifier. (Griot [0113] a new IE indicating EAP authentication, a specific IMSI or other UE identifier. Note: authentication identifier is interpreted as the IE indicating EAP authentication and the username is interpreted as the UE identifier since Aaltonen [0014] teaches the username as the UE identifier).
The motivation of doing so would have the same stored login credentials for many applications used on the device for automatic login.

Regarding claim 11, the combination of Griot et al., Aaltonen et al.,  and  Rao et al. teaches  the method of claim 10, further comprising:
authenticating the user device based on a type of authentication indicated by the authentication identifier (Griot [0112] determine to perform EAP authentication, Griot [0115] authentication requesting component 1310 can determine the type of EAP authentication), wherein the type of authentication is associated with the wireless communication service (Griot [0070] establishing an authenticated connection with the one or more UEs based at least in part on the service information).

Regarding claim 12, the combination of Griot et al., Aaltonen et al.,  and  Rao et al. teaches  the method of claim 10, wherein the connection profile comprises the authentication identifier and an encryption key (Griot [0072] credentials stored for a plurality of subscription providers, which may include username/password or PIN values, security keys).

Regarding claim 13, the combination of Griot et al., Aaltonen et al.,  and  Rao et al. teaches  the method of claim 8, further comprising:
receiving, from the user device, a request for the connection profile (Griot [0092] transmitting a request to establish a connection with the network), wherein the request for the connection profile comprises one or more of an international mobile equipment identifier (IMEI) or an international mobile subscriber identifier (IMSI) (Griot [0092] the request may include an IMSI or other substantially unique identifier of the UE 106. In one example, credential requesting component 810 may use an International Mobile Station Equipment Identity (IMEI) in the request); and 
validating, based on one or more of the IMEI or the IMSI, the request, wherein the connection profile is sent in response to validating the request (Griot [0072] the credentials expected are USIM credentials that can be validated by an AAA server at an HPLMN of the UE 106, Griot [0038] credentials for the service can be provisioned to the UE by the eNB or other network component)).

Regarding claim 14, the combination of Griot et al., Aaltonen et al.,  and  Rao et al. teaches  the method of claim 8, wherein the predefined function comprises a one way hash function (Rao [0021] Hashing is a non-reversible, or one-way, operation with no complementary operation).
The motivation of doing so would have improved the authentication process.

Regarding claim 21, the combination of Griot et al., Aaltonen et al.,  and  Rao et al. teaches  the method of claim 1, wherein the connection information comprises one or more of an encryption key (Griot [0072] credentials stored for a plurality of subscription providers, which may include username/password or PIN values, security keys), a certificate, a service set identifier (SSID), or combinations thereof.

Regarding claim 22, the combination of Griot et al., Aaltonen et al.,  and  Rao et al. teaches  the method of claim 8, wherein the connection information comprises one or more of an encryption key (Griot [0072] credentials stored for a plurality of subscription providers, which may include username/password or PIN values, security keys), a certificate, a service set identifier (SSID), or combinations thereof.

Regarding claim 24, the combination of Griot et al., Aaltonen et al.,  and  Rao et al. teaches the method of claim 1, wherein the request to access the wireless communication service further comprises an authentication identifier ((Griot [0113] a new IE indicating EAP authentication, a specific IMSI or other UE identifier. Note: authentication identifier is interpreted as the IE indicating EAP authentication.

Regarding claim 25, the combination of Griot et al., Aaltonen et al.,  and  Rao et al. teaches the method of claim 1, further comprising: 
inputting the device-based identifier into a predefined function (Rao [0059] processor 340 uses username 155, serial number 515, shared secret 525, selected authorization level 565, and current time 315 to (i) generate a string 572, in accordance with hash function 232B,); and 
determining that a result of inputting the device-based identifier into the predefined function matches the password (Rao Fig. 5 steps 570, 575, and 580, Rao [0059] processor 340 uses username 155, serial number 515, shared secret 525, selected authorization level 565, and current time 315 to (i) generate a string 572, in accordance with hash function 232B, and (ii) determine whether string 572 matches password 140, i.e., whether string 572 and password 140 are identical to one another);.
The motivation of doing so would have improved the security.

Regarding claim 26, the combination of Griot et al., Aaltonen et al.,  and  Rao et al. teaches the method of claim 1, further comprising: 
determining, based on an authentication identifier, one or more services that the user device is authorized to access via the wireless communication service.

Regarding claim 27, the combination of Griot et al., Aaltonen et al.,  and  Rao et al. teaches the method of claim 8, wherein the password is based on a result of inputting the device-based identifier into a predefined function (Fig. 5 steps 570, 575, and 580, Rao [0059] processor 340 uses username 155, serial number 515, shared secret 525, selected authorization level 565, and current time 315 to (i) generate a string 572, in accordance with hash function 232B, and (ii) determine whether string 572 matches password 140, i.e., whether string 572 and password 140 are identical to one another).
The motivation of doing so would have improved the security.

Regarding claim 28, the combination of Griot et al. and Aaltonen et al. teaches  the method of claim 15, wherein the device-based identifier comprises device identifier information associated with the wireless communication service (Griot [0072] connection establishing component 312 may determine the credentials for the subscription provider based on subscription information of the UE 106 (e.g., IMSI, security root key (Ki) or other USIM credentials), etc. For example, connection establishing component 312 may determine a type of the network or subscription as related to LTE ) but does not teach
the password comprises a result of inputting the device-based identifier into a predefined function.
In a similar endeavor, Rao teaches 
the password comprises a result of inputting the device-based identifier into a predefined function (Rao Fig. 5 steps 570, 575, and 580, Rao [0059] processor 340 uses username 155, serial number 515, shared secret 525, selected authorization level 565, and current time 315 to (i) generate a string 572, in accordance with hash function 232B, and (ii) determine whether string 572 matches password 140, i.e., whether string 572 and password 140 are identical to one another).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the examined application to have modified The combination of Griot et al. and Aaltonen.by incorporating Rao hash function for authenticating the user device to arrive at the invention.
The motivation of doing so would have improved the security.

Claims 15-19, 23, and 29  are rejected under 35 U.S.C. 103 as being unpatentable over Griot et al. (US 2015/0282042 A1) in view of Aaltonen et al. (US 20080216153 A1),

Regarding claim 15, Griot et al. teach A method comprising:
receiving a connection profile (Griot [0038] credentials for the service can be provisioned to the UE by the eNB or other network component) comprising a service identifier of a wireless communication service (Griot [0036] The service identification information can include one or more identifiers relating to a network service offered by a network node), a username in a username field and a password in a password field (Griot [0038] credentials can include ..username/password pairs) for accessing the wireless communication service (Griot [0038] to provide a hotspot for long term evolution (LTE) or other wireless communication service);
sending, to an access point associated with the service identifier, (Griot [0036] The service identification information can include one or more identifiers relating to a network service offered by a network node) an authentication request for accessing the wireless communication service (Griot [0052]  UE 106 can request attachment.. by specifying the credentials received from the service provider network 104), wherein the authentication request comprises the username and the password (Griot [0051] the UE 106 can provide the appropriate username/password PIN, etc. for the service);
receiving authorization to access the wireless communication service (Griot [0116] Once the authentication is performed, authentication component 1314 can communicate an authentication status back to the UE 106); and 
accessing the wireless communication service (Griot [00116] determine whether to communicate with the network).
Griot et al. do not teach
a device-based identifier of a user device in a username field and a password based on the device-based identifier in a password field 
portion of the device identifier information into a predefined function.
In a similar endeavor, Aaltonen et al. teach
the device-based identifier in a username field (Aaltonen [0014] utilizing an identifier already affiliated with the device as a username comprises using an International Mobile Equipment Identity (IMEI), a Media Access Control (MAC) address, or an International Mobile Subscriber Identity (IMSI) as the username), a password based on the device-based identifier in a password field (Aaltonen [0012] A password and an authentication key are generated based on at least the username).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the examined application to have modified Griot et al. by incorporating Aaltonen et al. to arrive at the invention.
The motivation of doing so would have facilitated authentication and automatic logons (See  Aaltonen [0011]).

Regarding claim 16, the combination of Griot et al. and Aaltonen et al. teaches  the method of claim 15, wherein the device-based identifier comprises one or more of an international mobile subscriber identifier (IMSI) or  an international mobile equipment identifier (IMEI) (Griot [0105] UE 106 may identify itself by using its IMEI).

Regarding claim 17, the combination of Griot et al. and Aaltonen et al.. teaches  the method of claim 15, wherein the connection profile comprises an authentication identifier and an encryption key (Griot [0072] credentials stored for a plurality of subscription providers, which may include username/password or PIN values, security keys).

Regarding claim 18, the combination of Griot et al. and Aaltonen et al. teaches  the method of claim 15, wherein the authentication request comprises an extensible authentication protocol tunneled transport layer security request (Griot [0115] authentication requesting component 1310 can determine the type of EAP authentication.. the EAP authentication type can include at least one of EAP-transport layer security (EAP-TLS), EAP-tunneled TLS) having an inner identifier and an outer identifier, wherein the inner identifier comprises the device-based identifier (Griot [0038] credentials can include ..username/password pairs) and the outer identifier comprises an authentication identifier. (Griot [0113] a new IE indicating EAP authentication, a specific IMSI or other UE identifier. Note: authentication identifier is interpreted as the IE indicating EAP authentication and the username is interpreted as the UE identifier since Aaltonen [0014]] teaches the username as the UE identifier).

Regarding claim 19, the combination of Griot et al. and Aaltonen et al. teaches  the method of claim 15, further comprising sending a request for the connection profile (Griot [0092] transmitting a request to establish a connection with the network), wherein the request for the connection profile comprises one or more of an international mobile equipment identifier (IMEI) or an international mobile subscriber identity (IMSI) or  an international mobile subscriber identifier (IMSI) (Griot [0092] the request may include an IMSI or other substantially unique identifier of the UE 106. In one example, credential requesting component 810 may use an International Mobile Station Equipment Identity (IMEI) in the request) wherein the connection profile is received in response to validation of the request based on one or more of the IMEI or the IMSI (Griot [0072] the credentials expected are USIM credentials that can be validated by an AAA server at an HPLMN of the UE 106, Griot [0038] credentials for the service can be provisioned to the UE by the eNB or other network component).

Regarding claim 23, the combination of Griot et al. and Aaltonen et al. teaches  the method of claim 15, wherein the connection information comprises one or more of an encryption key (Griot [0072] credentials stored for a plurality of subscription providers, which may include username/password or PIN values, security keys), a certificate, a service set identifier (SSID), or combinations thereof.

Regarding claim 29, the combination of Griot et al. and Aaltonen et al. teaches  the method of claim 15, wherein the authentication request further comprises an authentication identifier indicating a type of authentication associated with the wireless communication service (Griot [0113] a new IE indicating EAP authentication, a specific IMSI or other UE identifier. Note: authentication identifier is interpreted as the IE indicating EAP authentication ) and one or more services that the user device is authorized to access via the wireless communication service (Griot [0113] perform EAP authentication for hotspot network types).


Claim 20 is rejected under 35 U.S.C. 103 as being unpatentable over Griot et al., in view of Rao , and in further view of Lee et al. (US 2009/0125945 A1)

Regarding claim 20, the combination of Griot et al. and Aaltonen et al. teaches  the method of claim 19, but does not teach
 wherein sending the request for the connection profile is performed in response to booting up a user device.
In a similar endeavor, Lee et al. teach
wherein sending the request for the connection profile is performed in response to booting up a user device (Lee [0288] If the receiving device 1360 is booted, the application/UI manager 806 accesses the SD&S server 1320 and then makes a request for connection information).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the examined application to have the combination of Griot et al. and Aaltonen et al. by incorporating Lee et al. to arrive at the invention.
The motivation of doing so would have started establishing a connection upon the user booting up the device.


Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SAID M ELNOUBI whose telephone number is (571)272-9732. The examiner can normally be reached Monday-Friday 9:30AM to 6:00PM ET.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kathy Wang-Hurst can be reached on 571-270-5371. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/SAID M ELNOUBI/Examiner, Art Unit 2644