DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Continued Examination Under 37 CFR 1.114
A request for continued examination (RCE) under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on May 9, 2022 has been entered.

Response to Amendments
	This office action is responsive to application 16/766,293 and the RCE filed on May 9, 2022.  Claims 1, 3-4, 8-9, 11, and 13 were amended, and claims 1-11, 13, and 15 remain pending in the application.

Response to Arguments
	The Examiner has fully considered the Applicant’s arguments filed with the RCE, and the Examiner responds as provided below.
	Regarding the Applicant’s response at page 5 of the Remarks that concerns the objection to claim 3, Applicant’s amendment to claim 3 remedies the issue and the objection is withdrawn.
Regarding the Applicant’s response at page 5 of the Remarks that concerns the § 112(b) rejection to claim 8, the Applicant’s amendment does not adequately remove the associated ambiguity and the § 112(b) is maintained as detailed below..
 	Regarding the Applicant’s response at pages 5-7 of the Remarks that concerns the § 103 rejection of independent claims 1, 9, 11, and 13, the Applicant’s arguments in conjunction with the claim amendments are persuasive, and consequently the Examiner conducted a new prior art search. The Applicant’s arguments are now moot with respect to the independent claims because the arguments do not apply to some of the references currently used in the rejection of the aforementioned claims as detailed below.

Claim Objections
Claim 4 is objected to because of the following informalities: “wherein” seemingly should not have been removed from the claim via the amendment.  Appropriate correction is required.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.

Independent claims 1 and 11 and dependent claims 6, 8, and 15 – i.e., those claims that recite a “second security context” – are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.  Each of these claims recites “a second security context,” but a “first security context” is not recited.  This is ambiguous – why recite a “second security context” if a “first security context” is not recited?  Either a “first security context” should also be recited within the independent claims or the limitation of “a second security context” should be amended to read “a security context.”  The Examiner observes that claim 1 recites “an encryption operation” and “a second security context for a second encryption operation.”  From this, one can infer that the “encryption operation” is for a “first encryption operation,” but this need not necessarily be the case.  Accordingly, the claims should be amended to remove the ambiguity surrounding the “second security context.” 
Additionally, dependent claim 8 was amended to remove “the first security context and,” but now the claim reads “selecting between the second security context….”  Again, ambiguity remains because one cannot “select between” when only one option exists, which is to say, one cannot “select between the second security context…” when the second security context is the only option.
Dependent claims 2-7 are similarly rejected under § 112(b) for the reasons provided above because they depend upon rejected base claims.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The following conventions apply to the mapping of the prior art to the claims:
Italicized text – claim language.
Parenthetical plain text – Examiner’s citation and explanation.
Quotation marks – language quoted from a prior art reference.
Underlining – language quoted from a claim.
Brackets – material altered from either a prior art reference or a claim, which includes the Examiner’s explanation that relates a claim limitation to the quoted material of a reference.
Braces – a limitation taught by another reference, but the limitation is presented with the mapping of the instant reference for context.
Numbered footnote – a first phrase to be moved upwards to the primary reference analysis.
Lettered footnote – a second phrase to be moved after the movement of the first phrase from which it was lifted, or more succinctly, move numbered material first, lettered material last.
A.	Claims 1-11, 13 and 15 are rejected under 35 U.S.C. 103 as being unpatentable over Liao et al. (US 2019/0387401, “Liao”) in view of Sharma (US 2015/0365822, “Sharma”).
Liao discloses
A method (abstract, Fig. 15) of operating a terminal node (Figs. 12 & 15, ¶ [0239], “IoT-UE 1201” serves a terminal node), 
wherein a first static parameter is known by the terminal node and a first node (Fig. 13, ¶ [0240], “…it is assumed that the trust relationship between the IoT-UE 1201 and its registered AMF 1114 [serving as a first node] is expressed by a shared symmetric key kASME [as a first static parameter that is known by the terminal node and the first node because it is “shared”], from which two keys are derived kNASint and kNASenc, respectively for control plane messages integrity and confidentiality protection.”), 
the method comprising: 
using the first static parameter for an encryption operation between the terminal node and the first node (¶ [0240], “…it is assumed that the trust relationship between the IoT-UE 1201 and its registered AMF 1114 is expressed by a shared symmetric key kASME, from which two keys are derived kNASint and kNASenc, respectively for control plane messages integrity and confidentiality protection,” where KASME is use[d] for an encryption operation via the key kNASenc that ensures “confidentiality” between the AMF and IoT-UE through encryption), 
generating a second static parameter (Fig. 13, ¶¶ [0246]-[0248], “kgNBgrp” serves as a second static parameter) based on the first static parameter (Fig. 13, ¶ [0216], “The group key hierarchy 1301 is shown on the right hand side in FIG. 13 in parallel to keys generated during an extensible authentication protocol (EAP)-AKA [authentication and key agreement] procedure, which has been adapted to the new 5GS architecture from EPS-AKA and shown as a 5G-AKA key hierarchy 1302 on the [left],” i.e., the generat[ed] key kgNB of the base station gNB is based upon authentication and key agreement procedure that associates the AMF, IoT-UE, and gNB with each, and thus the second static parameter represented by the key kgNBgrp is based on the key KASME as the first static parameter that is produced via EAP-AKA) and 
1… that is known to both the terminal node and the first node (¶ [0223], “At least two alternatives for the idgrp may be considered. In a first alternative, the idgrp is a long term fixed ID for a group. As such, the idgrp can be assumed to be known by IoT-UEs [as the terminal] (e.g., pre-installed in IoT-UE's SIM card),” and ¶ [0246], i.e., the AMF generated kgNBgrp based on know[ing] idgrp.), 
2 …; and 
negotiating, using the second static parameter, a second security context (¶ [0248], “In an IoT-UE group context allocation and credentials generation process 1530, the gNB 1202 establishes a group context for the IoT-UE 1201, which includes at least idUE, Algid, AlgU se , and kUE grp… kUE grp←KDFk gNB grp (N1, N2, idUE, cUE, AlgU se , kgNB),” i.e., kUE-grp is us[ed] as the second static parameter to create kUEgrp that creates a second security context) for a second encryption operation (¶¶ [0249]-[0251], “From kUE grp, the IoT-UE 1201 derives two keys, kUEInt grp and kUEEnc grp, used for, respectively, integrity protection and encryption [as a second encryption operation] of control and data plane.”) between the terminal node and a second node (Figs. 13 and 28, ¶ [0248], “In an IoT-UE group context allocation and credentials generation process 1530, the gNB 1202 [as a second node] establishes a group context [as a second security context kUEgrp in which keys are shared between IoTs-UEs and a base station gNB (see Fig. 28)] for the IoT-UE 1201,”) that has received the second static parameter from the first node (¶ [0246], “The AMF 1202 delivers [and thus received] the kgNB grp [as the second static parameter] to the gNB 1202 [as the second node]…”).  
Liao doesn’t disclose
	1 …a third parameter…
	2 wherein the third parameter is a subscriber identity associated with the terminal node;
Sharma, however, discloses
	1 {generating a second static parameter based on…} a third parameter { that is known to both the terminal node and the first node} … (Fig. 9, ¶ [0152], “At the start of the security procedure illustrated, a mobile communication device 3 wishing to initiate communication in the pico cell 5-1, 5-2 sends a non access stratum (NAS) message requesting attachment (e.g. an ‘NAS ATTACH REQUEST’ message) to the MME 112 (transparently via the macro base stations 5-1) at S910 including information identifying the SIM card 530 of the mobile communication device 3 (e.g. the ‘international mobile subscriber identity (IMSI)’ [as a third parameter, and via this communication the subscriber identity becomes known to both the terminal node and the first node]);” and ¶ [0123], “The SIM 530 comprises a USIM/UICC security module 532 for obtaining and storing the permanent key ‘K’ 534-1 which, in operation, is used for generating the other security parameters [such as a second static parameter] used for communication security.”)
	2 wherein the third parameter is a subscriber identity associated with the terminal node (Fig. 9, ¶ [0152], “At the start of the security procedure illustrated, a mobile communication device 3 wishing to initiate communication in the pico cell 5-1, 5-2 sends a non access stratum (NAS) message requesting attachment (e.g. an ‘NAS ATTACH REQUEST’ message) to the MME 112 (transparently via the macro base stations 5-1) at S910 including information identifying the SIM card 530 of the mobile communication device 3 (e.g. the ‘international mobile subscriber identity (IMSI)’ [as a third parameter);”);
	Regarding the combination of Liao and Sharma, it would have been obvious for one of ordinary skill in the art before the effective filing date of the claimed invention to have modified the security context system of Liao to have included the subscriber identity feature of Liao. One of ordinary skill in the art would have been motivated to incorporate the subscriber identity feature of because discusses a “group enrollment and security control procedure 1220,” see Liao Fig. 12 and ¶¶ [0213]-[0214], and Sharma discloses a “subscriber identity module” with an accompanying “international mobile subscriber identy” that can be “used for generating the other security parameters used for communication security” within the “group” of Liao.  See Sharma ¶ [0123].
Regarding Claim 2
Liao in view of Sharma (“Liao-Sharma”) discloses the method of claim 1, and Liao further discloses
wherein the first static parameter (Fig. 13, ¶ [0240]) and the second static parameter (¶¶ [0246]-[0248]) are cryptographic keys (Fig. 13, ¶¶ [00]-[00], i.e., KASME and kgNB grp are cryptographic keys).  
Regarding Claim 3
Liao-Sharma discloses the method of claim 2, and Liao further discloses 
wherein a cryptographic key derivation scheme is used by the terminal node and the first node to generate the first static parameter and the second static parameter (Figs. 13 and 15, at least ¶¶ [0245]-[0251], i.e., the keys KASME and kgNBgrp as the first and second static parameters are generate[d] through the extensive cryptographic key derivation scheme that is employed by at the terminal node as the IoT-UE and the first node as the “AMF” to develop a “group context”).  
Regarding Claim 4
Liao-Sharma discloses the method of claim 1, and Liao further discloses 
the first node is a subscriber identity associated with the terminal node or a cryptographic scheme ID (¶¶ [0223], [0246], i.e., idgrp that is known by the IoT-UE and AMF is an ID for the “group context” for managing keys and is thus a cryptographic scheme ID).  
Regarding Claim 5
Liao-Sharma discloses the method of claim 1, and Liao further discloses 
wherein the terminal node is a terminal accessing a network via a radio access network of the network (Figs. 12 and 15, ¶ [0250], “Then, the gNB 1202 sends a (R)AN [(radio) access network] IoT-UE group enrollment request message 1532 to the IoT-UE 1201 [as a terminal accessing RAN]), 
wherein the first node is an Access and Mobility Management Function (AMF) (Fig. 13, ¶ [0240], “…it is assumed that the trust relationship between the IoT-UE 1201 and its registered AMF 1114 [serving as a first node]),Page 2 of 8DOCKET NO.: 106693.300006/2017P00893WOPATENTApplication No.: 16/766,293 
Office Action Dated: September 28, 2021wherein the second node is at least one of a Session Management Function (SMF), User Plane Function (UPF), and a base station of the radio access network of the network (Figs. 13 and 28, ¶ [0248], “In an IoT-UE group context allocation and credentials generation process 1530, the gNB 1202 [as a second node and a base station]).  
Regarding Claim 6
Liao-Sharma discloses the method of claim 1, and Liao further discloses 
further comprising sending a message to the network (Fig. 15, ¶ [0242], “The process 1500 begins when the IoT-UE 1201 generates a random nonce N1 of bit length LN, and issues an IoT-UE group enrollment request 1510 [as a message to the network] to the AMF 1114”) wherein the message includes an indicator wherein the value of the indicator indicates if the message is encrypted based on the second security context (Fig. 12, ¶ [0240], “it is assumed that the trust relationship between the IoT-UE 1201 and its registered AMF 1114 is expressed by a shared symmetric key kASME, from which two keys are derived kNASint and kNASenc, respectively for control plane messages integrity and confidentiality protection,” i.e, the indicator comprises the two keys kNASint and kNASenc whose use through the specific value of the keys indicate[s] that the message 1510, which is an IoT-UE Group Enrollment Request, was not encrypted based on the second security context (i.e., kUEgrp), as kUEgrp cannot exist prior to enrollment into the group).
Regarding Claim 7
Liao-Sharma discloses the method of claim 6, and Liao further discloses
wherein the message is a non-Access Stratum control message (¶ [0240], “Fig. 12, ¶ [0240], “it is assumed that the trust relationship between the IoT-UE 1201 and its registered AMF 1114 is expressed by a shared symmetric key kASME, from which two keys are derived kNASint and kNASenc, respectively for control plane messages integrity and confidentiality protection.” i.e., a control plane message employing NAS keys is a non-Access Stratum (NAS) control message), 
wherein the message is transmitted piggybacked to a Radio Resource Control message (¶ [0258], “The IoT-UE group enrollment request 1510 [as the message] in FIG. 15 can be piggybacked into the message ‘1. Attach Request” in FIG. 16,’” where the message from the UE to the eNB comprises an RRC message in LTE/5G).  
Regarding Claim 8
Liao-Sharma discloses the method of claim 6, and Liao further discloses 
further comprising: selecting between the second security (¶ [0248], i.e., the security context based on kUEgrp) context based on an originating transmission protocol layer (Fig. 16, ¶ [0435], “In the embodiment shown, the non-access stratum (NAS) protocols 2406 form the highest stratum of the control plane between the UE 2101 and the MME 2121 [or the MME shown in Fig. 16].”) of payload of the instance of the message (¶ [0240], i.e. the message relying upon the first security context that uses kASME, and thus has its payload regulated by kNASint and kNASenc, is select[ed] upon this basis).  
Regarding Independent Claim 9
With respect to independent claim 9, a corresponding reasoning as given earlier for independent claim 1 applies, mutatis mutandis, to the subject matter of claim 9. Therefore, claim 9 is rejected, for similar reasons, under the grounds set forth for claim 1. 	
Regarding Claim 10
Liao-Sharma discloses the method of claim 9, and Liao further discloses
wherein the first node and the second node are part of the same trusted domain (¶ [0240], “”negotiating security parameters and capabilities with the AMF 1114 [as the first node], the IoT-UE 1201, and the gNB 1202 [as the second node]; a trust association [or domain] between any gNB and AMF (resp. eNB and MME in EPS) can be implemented, for example, via network domain security using IPSec, which allows secure (confidential and integrity protected) communication between the two;…”).  
Regarding Independent Claim 11
With respect to independent claim 11, a corresponding reasoning as given earlier for independent claim 1 applies, mutatis mutandis, to the subject matter of claim 11. Therefore, claim 11 is rejected, for similar reasons, under the grounds set forth for claim 1.
Regarding Independent Claim 13
With respect to independent claim 13, a corresponding reasoning as given earlier for independent claim 1 applies, mutatis mutandis, to the subject matter of claim 13. Therefore, claim 13 is rejected, for similar reasons, under the grounds set forth for claim 1.
Regarding Dependent Claim 15
With respect to dependent claim 15, a corresponding reasoning as given earlier for dependent claim 6 applies, mutatis mutandis, to the subject matter of claim 13. Therefore, claim 15 is rejected, for similar reasons, under the grounds set forth for claim 6.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to D'ARCY WINSTON STRAUB whose telephone number is (303)297-4405. The examiner can normally be reached Monday-Friday 9:00-5:00 Mountain Time.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, ASHOKKUMAR B PATEL can be reached on (571)272-3972. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.



/D'Arcy Winston Straub/Examiner, Art Unit 2491