DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-2 and 4-20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Martinez de la Cruz (WO 2021/008716 A1) in view of Xiong (US 2017/0054710 A1).

Regarding claim 1, Martinez de la Cruz discloses: A method, comprising: 
determining, by a device, that a network function of a network has been instantiated to facilitate communication via the network; 
Refer to at least pg. 2, ll. 16-22 and pg. 8, ll. 34-pg. 9, ll. 2 of Martinez de la Cruz with respect to instantiating a virtualized network function.
receiving, by the device and from [a] certificate authority, the certificate; 
Refer to at least pg. 2, ll. 30-pg. 3, ll. 2 of Martinez de la Cruz with respect to receiving a certificate for a respective NF from a certificate authority.
generating, by the device, a certificate profile to enable other network functions of the network to authenticate communications with the network function, wherein the certificate profile identifies: 
the certificate, and 
Refer to at least the abstract, pg. 9, ll. 21-24, and pg. 11, ll. 17-22 of Martinez de la Cruz with respect to a registering NF and associated profile (including the certificate) which is registered at a network function repository (NRF). 
a certification protocol; and 
Refer to at least pg. 12, ll. 1-5 and pg. 13, ll. 34-36 of Martinez de la Cruz with respect to caCertificates, which comprises the information necessary to validate the certificate. 
providing, by the device and to the network function, the certificate profile to cause the network function to use the certificate to communicate with the other network functions.
Refer to at least pg. 3, ll. 27-34, FIG. 5C, and pg. 19, ll. 20-36 of Martinez de la Cruz with respect to discovery via the NF profile, as well as communication based on the NF profiles at the NRF. 
Martinez de la Cruz discloses a NF obtaining a CA certificate, but does not appear to specify: requesting, by the device, a certificate authority to provide a certificate for the network function. However, Martinez de la Cruz in view of Xiong discloses: requesting, by the device, a certificate authority to provide a certificate for the network function.
Refer to at least the abstract and FIG. 1-2 of Xiong with respect to a virtualized network function manager providing requesting a certificate from a CA on behalf of a VNF/infrastructure manager. 
The teachings of Martinez de la Cruz and Xiong both concern core network VNFs and certificates. As such, they are considered to be within the same field of endeavor and combinable as such. 
Therefore it would have been obvious to one of ordinary skill in the art before the filing date of Applicant’s invention to modify the teachings of Martinez de la Cruz to include a proxy for certificate acquiring for at least the reasons provided in [0014] and [0187] of Xiong (i.e., increased security).

Regarding claim 2, Martinez de la Cruz-Xiong discloses: The method of claim 1, wherein determining that the network function has been instantiated comprises: 
receiving, from a network function orchestrator of the network, a notification that the network function was instantiated; and 
Refer to at least [0143] and [0149] of Xiong with respect to a network function orchestrator determining a need to instantiate a VNF instance.
determining, based on the notification, an identifier of the network function and a communication protocol of the network function, 
Refer to at least pg. 12, ll. 1-pg. 13, ll. 16 of Martinez de la Cruz with respect to VNF identifier and type/network code.
Refer to at least [0142], [0156]-[0157], [0192]-[0194], and [0219]-[0221] of Xiong with respect to certificate application information including a key and certificate format information.   
wherein the certificate authority is requested to generate the certificate based on the identifier and the communication protocol.
Refer to at least [0175] and [0204] of Xiong with respect to generating the certificate based on the certificate application information. 
This claim would have been obvious for substantially the same reasons as claim 1 above (i.e., increasing security via a proxy for requesting a certificate).

Regarding claim 4, Martinez de la Cruz-Xiong discloses: The method of claim 1, wherein the other network functions are configured to authenticate the communications with the network function based on the other network functions providing the certificate to the certificate authority in association with the certification protocol.
Refer to at least pg. 16, ll. 21-pg. 17, ll. 2 of Martinez de la Cruz with respect to VNFs validating each other’s certificates via the caCertificates to communicate. 

Regarding claim 5, Martinez de la Cruz-Xiong discloses:  The method of claim 1, wherein the certification protocol comprises at least one of: a certificate management protocol, a simple certificate enrollment protocol, or an enrollment over secure transport protocol.
Refer to at least pg. 3, ll. 4-9 and FIG. 5C of Martinez de la Cruz with respect to the TLS protocol and validating certificates. 

Regarding claim 6, Martinez de la Cruz-Xiong discloses: The method of claim 1, wherein the certificate authority is a first intermediate certificate authority associated with a first network infrastructure, the method further comprising: instantiating a second intermediate authority associated with a second network infrastructure that is different from the first network infrastructure.
Refer to at least pg. 1, ll. 33-38 and pg. 16, ll. 21-30 of Martinez de la Cruz with respect to intermediate CAs and their certificates; validation via such. 

Regarding claim 7, it is rejected for substantially the same reasons as claim 1 above (i.e., the citations concerning core network VNFs—e.g., the abstract of Martinez de la Cruz).

Regarding independent claim 8, it is substantially similar to independent claim 1 above but further specifies a core network and containerized network functions. The Martinez de la Cruz and Xiong references are drawn to core networks and virtualized network functions (e.g., the citations in claim 1 above—“An NF 107 can be implemented… as a virtualised function instantiated on an appropriate platform, e.g., on a cloud infrastructure”). Accordingly, claim 8 is rejected for substantially the same reasons as claim 1 above (i.e., the citations and obviousness rationale).

Regarding claim 9, Martinez de la Cruz-Xiong discloses: The device of claim 8, wherein the containerized network function is associated with a proxy of the containerized core network infrastructure, and wherein the certificate is associated with the proxy.
Refer to at least the abstract and [0016] and [0199] of Xiong with respect to a proxy for certificate applications. 
This claim would have been obvious for substantially the same reasons as claim 8 above.

Regarding claims 10-11, they are rejected for substantially the same reasons as claim 2 above (i.e., the citations and obviousness rationale).

Regarding claim 12, it is rejected for substantially the same reasons as claim 8 above (e.g., FIG. 2 of Xiong).

Regarding claim 13, it is rejected for substantially the same reasons as claim 8 above (e.g., caCertificates as per at least pg. 12, ll. 1-5 and pg. 13, ll. 34-36 of Martinez de la Cruz).

Regarding claim 14, it is rejected for substantially the same reasons as claim 4 above (i.e., the citations).

Regarding independent claim 15, it is substantially similar to independent claim 1 above, and is therefore likewise rejected for substantially the same reasons (i.e., the citations and obviousness rationale).

Regarding claim 16, it is rejected for substantially the same reasons as claim 2 above (i.e., the citations and obviousness rationale).

Regarding claims 18-19, they are substantially similar to claims 4-5 above, and are therefore likewise rejected.

Regarding claim 20, it is rejected for substantially the same reasons as claim 15 above (i.e., the citations concerning VNFs).

Claim 3 is is/are rejected under 35 U.S.C. 103 as being unpatentable over Martinez de la Cruz-Xiong as applied to claims 1-2 and 4-20 above, and further in view of Gupta (WO 2019/194665 A1).

Regarding claim 3, Martinez de la Cruz-Xiong does not fully disclose: wherein requesting the certificate authority to provide the certificate comprises: generating a request for the certificate, wherein the request identifies an application programming interface of the network function; and sending the request to the certificate authority, wherein the certificate authority is configured to generate the certificate based on the application programming interface. However, Martinez de la Cruz-Xiong in view of Gupta discloses: wherein requesting the certificate authority to provide the certificate comprises: generating a request for the certificate, wherein the request identifies an application programming interface of the network function; and sending the request to the certificate authority, wherein the certificate authority is configured to generate the certificate based on the application programming interface. 
Refer to at least [144] and [151] of Gupta with respect to generating an API invoker’s profile comprising an API invoker ID and API invoker certificate to be signed by, e.g., a certificate authority. 
The teachings of Martinez de la Cruz-Xiong and Gupta concern core network functions and certificates, and are considered to be within the same field of endeavor and combinable as such.
Therefore it would have been obvious to one of ordinary skill in the art before the filing date of Applicant’s invention to modify the teachings of Martinez de la Cruz-Xiong to further include API invoker information in the certificate application for at least the purpose of correctly specifying certificates based on their usage. 

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to VADIM SAVENKOV whose telephone number is (571)270-5751. The examiner can normally be reached 12PM-8PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jeffrey L Nickerson can be reached on (469) 295-9235. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/Jeffrey Nickerson/Supervisory Patent Examiner, Art Unit 2432                                                                                                                                                                                                        




/V.S/      Examiner, Art Unit 2432