DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This Office Action is in response to the Amendment filed on 06/21/2022.
In the instant Amendment, claims 5, 8 and 19 have been amended; and claims 1, 9 and 16 are independent claims.  Claims 1-20 have been examined and are pending.  This Action is made FINAL.

Response to Arguments
Applicants’ arguments in the instant Amendment, filed on 06/21/2022, with respect to limitations listed below, have been fully considered but they are not persuasive.
Applicant’s argument: “the Examiner has failed to establish a prima facie case of obviousness.”
The Examiner disagrees with the Applicants. The Examiner recognizes that obviousness may be established by combining or modifying the teachings of the prior art to produce the claimed invention where there is some teaching, suggestion, or motivation to do so found either in the references themselves or in the knowledge generally available to one of ordinary skill in the art.  See In re Fine, 837 F.2d 1071, 5 USPQ2d 1596 (Fed. Cir. 1988), In re Jones, 958 F.2d 347, 21 USPQ2d 1941 (Fed. Cir. 1992), and KSR International Co. v. Teleflex, Inc., 550 U.S. 398, 82 USPQ2d 1385 (2007).  In this case, Yang teaches Techniques to protect a subscriber identity, by encrypting a subscription permanent identifier (SUPI) to form one-time use subscription concealed identifiers (SUCIs) using a set of one-time ephemeral asymmetric keys and Nagarajamoorthy teaches a method for generating and encrypting the digital certificate using the public key in the CSR to join the wireless network. Yang and Nagarajamoorthy are both from the same analogous art and therefore they are combinable. One of the ordinary skill in the art before the effective filing date of the claimed invention would been motivated to combine the two references to drive at applicant invention.  Therefore as the metes and bounds of the limitation of been met as noted above; the examiner finds this argument not persuasive.
Applicant’s arguments: “Applicant respectfully submits the combination of Yang with Nagarajamoorthy fails to teach or suggest "sending, based on the update to the network credentials, one or more messages comprising updated network credentials, wherein the updated network credentials are encrypted using the public key" as recited by claims 1, 9 and 16.” 
The Examiner disagrees with the Applicants. The Examiner respectfully submits that Yang discloses sending, based on the update to the network credentials, one or more messages comprising updated network credentials (Yang: ¶0060 as the network public key PKnw used by the UE 102 for encryption of the SUCI is no longer valid, the cellular wireless network entity can provide an update to the UE 102). More specifically, Yang discloses techniques for protecting subscriber identity in messages communicated over an unauthenticated connection between a wireless device, e.g., a user equipment (UE), and wireless network entities by encrypting a subscription permanent identifier (SUPI) to form a subscription concealed identifier (SUCI) [a subscription id (i.e. a network credential)] using a one-time ephemeral asymmetric key [] Asymmetric key pairs can be one-time use and/or be updated over time [0031], if authentication with a wireless network entity fails and the UE has a separate secure connection to a trusted cellular wireless network entity, such as to a trusted server through a Wi-Fi connection, the UE can obtain an updated network public key and generate a new SUCI to use for authentication [0033] and the UE sends UL messages that include different one-time SUCIs, corresponding one-time ephemeral UE public keys, and a network public key identifier. When the network public key is updated, e.g., by an over the air (OTA) update over a secure connection between the UE and a cellular wireless network server and/or by a downlink (DL) message sent to the UE by a network entity, e.g., by the cellular wireless network entity or by a third-party server providing carrier bundle updates, previously generated unused one-time SUCIs are discarded and additional new one-time SUCIs generated based on newly derived encryption keys based on the updated network public key and additional one-time ephemeral UE secret keys [0036]. However, Nagarajamoorthy discloses wherein the updated network credentials are encrypted using the public key (Nagarajamoorthy: ¶0061 the digital certificate can be a network credential [] the gateway's authentication server can extract the client device's public key from the CSR, and use the client device's public key to encrypt the new digital certificate). More specifically, Nagarajamoorthy discloses at step 718, the gateway 104 can send the encrypted digital certificate to the trusted authenticator 202 in an enrollment response message. In some embodiments the enrollment response message can be an SCEP (Simple Certificate Enrollment Protocol) message. In other embodiments the enrollment response message can be any other type of message that includes the encrypted digital certificate [0062].  Therefore as the metes and bounds of the limitation of been met as noted above; the examiner finds this argument not persuasive.

Applicant’s argument: “The combination of Yang with Nagarajamoorthy is not properly supported.”
The Examiner disagrees with the Applicants. In response to applicant's argument that the combination of Yang with Nagarajamoorthy is not properly supported, it has been held that a prior art reference must either be in the field of applicant’s endeavor or, if not, then be reasonably pertinent to the particular problem with which the applicant was concerned, in order to be relied upon as a basis for rejection of the claimed invention.  See In re Oetiker, 977 F.2d 1443, 24 USPQ2d 1443 (Fed. Cir. 1992).  In this case, Yang teaches Techniques to protect a subscriber identity, by encrypting a subscription permanent identifier (SUPI) to form one-time use subscription concealed identifiers (SUCIs) using a set of one-time ephemeral asymmetric keys and Nagarajamoorthy teaches a method for generating and encrypting the digital certificate using the public key in the CSR to join the wireless network. Yang and Nagarajamoorthy are both from the same analogous art and therefore they are combinable. Therefore as the metes and bounds of the limitation of been met as noted above; the examiner finds this argument not persuasive.
The Examiner respectfully suggests that the claims be further amended and details in the specification be incorporated to distinguish the claimed invention over prior art of record.  Should the Applicant desire an interview to further clarify the claim interpretation/rejections, please contact the Examiner at (571) 270 7857 to schedule an interview.   
A substantially similar rejection to the previous non-final rejection follows below.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person.


Claims 1-20 are rejected under 35 U.S.C. 103 as being unpatentable over YANG et al. (“Yang,” US 2021/0092603) in view of Nagarajamoorthy et al. (“Nagarajamoorthy,” US 2018/0167812).

Regarding claim 1: Yang discloses a method comprising:
receiving, by a first computing device, from a second computing device:
a first request, to communicate via a network, that comprises network credentials associated with the network, and a public key associated with the second computing device (Yang: ¶0059 at 559, the UE 102 communicates an UL message to the cellular wireless network entity 516, such as for authentication to attach to a wireless network or to provide a location area update to the wireless network, where the UL message includes one of the encrypted SUCIs [a subscription id (i.e. a network credential)] along with an associated ephemeral UE public key ePKue);
determining an update to the network credentials (Yang: ¶0059 at 560, the cellular wireless network entity 516 can determine that the network public key identifier PKnw ID is not valid, as the more recently generated network key pair {PKnw', SKnw'} can supersede use of the previously generated network key pair {PKnw, SKnw});
sending, based on the update to the network credentials, one or more messages comprising updated network credentials (Yang: ¶0060 as the network public key PKnw used by the UE 102 for encryption of the SUCI is no longer valid, the cellular wireless network entity can provide an update to the UE 102);
receiving, from the second computing device, a second request, to communicate via the network, that comprises the updated network credentials (Yang: ¶0091 at 1032, the UE 102 sends to the cellular wireless network entity 516 a second UL message that includes the updated SUCI'); and
allowing, based on the second request, the second computing device to communicate via the network (Yang: ¶0060 at 1034, the UE 102 receives from the cellular wireless network entity 516 an authentication success indication. At 1036, the UE 102 establishes a secure connection with the cellular wireless network entity).
Yang does not explicitly disclose wherein the updated network credentials are encrypted using the public key.
However, Nagarajamoorthy discloses wherein the updated network credentials are encrypted using the public key (Nagarajamoorthy: ¶0061 the digital certificate can be a network credential [] the gateway's authentication server can extract the client device's public key from the CSR, and use the client device's public key to encrypt the new digital certificate).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Nagarajamoorthy with the system/method of Yang to include wherein the updated network credentials are encrypted using the public key. One would have been motivated to granting network access to the client device when the trusted authenticator approves the potential new connection (Nagarajamoorthy: ¶0008).

Regarding claim 2: Yang in view of Nagarajamoorthy discloses the method of claim 1.
Yang further discloses wherein the public key comprises a time to live ("TTL") element, and wherein sending the one or more messages comprising the updated network credentials is based on: determining that the TTL element of the public key is unexpired (Yang: ¶0079 at a time indicated by 902, a first network public key K1 is established for use over a time period indicated as the K1 lifetime [] as indicated in FIG. 9, the K1 and K2 lifetimes span an overlapping time period 912, where both the first key K1 and the second key K2 can be validly used before the first key K1 expires at time 906).

Regarding claim 3: Yang in view of Nagarajamoorthy discloses the method of claim 1.
Yang further discloses wherein sending the one or more messages comprising the updated network credentials comprises at least one of: sending, until a time to live ("TTL") element associated with the public key expires, the one or more messages comprising the updated network credentials; or
sending, until the second request to communicate via the network is received, the one or more messages comprising the updated network credentials (Yang: ¶0091 at 1032, the UE 102 sends to the cellular wireless network entity 516 a second UL message that includes the updated SUCI').

Regarding claim 4: Yang in view of Nagarajamoorthy discloses the method of claim 1.
Yang further discloses wherein the one or more messages comprise at least one of a network message, a broadcast frame, an Internet Protocol packet, or a beacon frame (Yang: ¶0056 at 524, the cellular wireless network entity 516 sends a downlink (DL) message to the UE 102).

Regarding claim 5: Yang in view of Nagarajamoorthy discloses the method of claim 1.
Yang further discloses wherein determining the update to the network credentials is based on at least one of:
receiving, from a user device, an instruction associated with the network;
receiving, from an administrative device, the instruction associated with the network; or
determining, based on a network rule, the update to the network credentials (Yang: ¶0077 at 802, the UE 102 initiates a network attach procedure with a cellular wireless network entity 516, which may be not trusted by the UE 102 until authentication is successful).

Regarding claim 6: Yang in view of Nagarajamoorthy discloses the method of claim 1.
Yang further discloses receiving, from the second computing device via the network, at least one communication (Yang: ¶0029 fig. 5B step 518; ¶0055 at 518, the UE 102 communicates an UL message to the cellular wireless network entity 516).

Regarding claim 7: Yang in view of Nagarajamoorthy discloses the method of claim 1.
Yang further discloses receiving, by the second computing device, the one or more messages (Yang: ¶0056 at 524, the cellular wireless network entity 516 sends a downlink (DL) message to the UE 102); and
sending, by the second computing device to the first computing device, the second request to communicate via the network (Yang: ¶0091 at 1032, the UE 102 sends to the cellular wireless network entity 516 a second UL message).
Nagarajamoorthy further discloses decrypting, by the second computing device, the updated network credentials using a private key associated with the public key (Nagarajamoorthy: ¶0064 at step 722, the new client device 102 can decrypt the encrypted digital certificate [i.e., network credential] using its private key generated during step 708).
The motivation is the same that of claim 1 above.
 
Regarding claim 8: Yang in view of Nagarajamoorthy discloses the method of claim 1.
Yang further discloses wherein the one or more messages comprise a plurality of messages, and wherein each message of the plurality of messages: is associated with one computing device of a plurality of computing devices (Yang: ¶0036 the UE sends UL messages that include different one-time SUCIs, corresponding one-time ephemeral UE public keys).
Nagarajamoorthy further discloses comprises the updated network credentials encrypted using a public key corresponding to the one computing device (Nagarajamoorthy: ¶0061 the digital certificate can be a network credential [] the gateway's authentication server can extract the client device's public key from the CSR, and use the client device's public key to encrypt the new digital certificate).
The motivation is the same that of claim 1 above.

Regarding claim 9: Yang discloses a method comprising:
determining by a second computing device:
a public key, and a private key associated with the public key (Yang: ¶0048 the UE 102 generates ephemeral key pairs, which include an ephemeral UE public key [] and an ephemeral UE private key);
sending to a first computing device:
the public key, and a first request, to communicate via a network, that comprises network credentials associated with the network (Yang: ¶0059 at 559, the UE 102 communicates an UL message to the cellular wireless network entity 516, such as for authentication to attach to a wireless network or to provide a location area update to the wireless network, where the UL message includes one of the encrypted SUCIs [a subscription id (i.e. a network credential)] along with an associated ephemeral UE public key ePKue);3626141.0347U1
receiving, from the first computing device, one or more messages comprising updated network credentials (Yang: ¶0060 as the network public key PKnw used by the UE 102 for encryption of the SUCI is no longer valid, the cellular wireless network entity can provide an update to the UE 102); and
sending, to the first computing device, a second request, to communicate via the network, that comprises the updated network credentials (Yang: ¶0091 at 1032, the UE 102 sends to the cellular wireless network entity 516 a second UL message that includes the updated SUCI').
Yang does not explicitly disclose wherein the updated network credentials are encrypted using the public key and decrypting the updated network credentials using the private key.
However, Nagarajamoorthy discloses wherein the updated network credentials are encrypted using the public key (Nagarajamoorthy: ¶0061 the digital certificate can be a network credential [] the gateway's authentication server can extract the client device's public key from the CSR, and use the client device's public key to encrypt the new digital certificate); and
decrypting the updated network credentials using the private key (Nagarajamoorthy: ¶0064 at step 722, the new client device 102 can decrypt the encrypted digital certificate [i.e., network credential] using its private key generated during step 708).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Nagarajamoorthy with the system/method of Yang to include the updated network credentials are encrypted using the public key and decrypting the updated network credentials using the private key.
One would have been motivated to granting network access to Yang client device when the trusted authenticator approves the potential new connection (Nagarajamoorthy: ¶0008).

Regarding claim 10: Yang in view of Nagarajamoorthy discloses the method of claim 9.
Yang further discloses wherein the first computing device comprises at least one of a gateway, a router, a network hub, a repeater, a bridge, or an access point, and wherein the second computing device comprises at least one of a user device, a tablet, a laptop, a desktop, a mobile device, a set-top box, a sensor, a camera, an appliance, or a smart device (Yang: ¶0029 client wireless communication devices, interconnected to an access point (AP); ¶0028 consumer electronic devices may relate to: a cellular phone or a smart phone, a tablet computer, a laptop computer, a notebook computer, a personal computer).

Regarding claim 11: Claim 11 is similar in scope to claim 2, and is therefore rejected under similar rationale.

Regarding claim 12: Claim 12 is similar in scope to claim 4, and is therefore rejected under similar rationale.

Regarding claim 13: Claim 13 is similar in scope to claim 3, and is therefore rejected under similar rationale.

Regarding claim 14: Claim 14 is similar in scope to claim 6, and is therefore rejected under similar rationale.

Regarding claim 15: Yang in view of Nagarajamoorthy discloses the method of claim 9.
Yang further discloses receiving, by the first computing device, from the second computing device: the first request to communicate via the network, and3726141.0347U1 the public key (Yang: ¶0059 at 559, the UE 102 communicates an UL message to the cellular wireless network entity 516, such as for authentication to attach to a wireless network or to provide a location area update to the wireless network, where the UL message includes one of the encrypted SUCIs [a subscription id (i.e. a network credential)] along with an associated ephemeral UE public key ePKue and the identifier PKnw ID for the network public key PKnw);
sending, by the first computing device, the one or more messages (Yang: ¶0056 at 524, the cellular wireless network entity 516 sends a downlink (DL) message to the UE 102); and
receiving, by the first computing device from the second computing device, the second request to communicate via the network (Yang: ¶0091 at 1032, the UE 102 sends to the cellular wireless network entity 516 a second UL message).

Regarding claim 16: Yang discloses a system comprising:
a first computing device configured to:
receive, from a second computing device, a first request, to communicate via a network, that comprises network credentials associated with the network (Yang: ¶0059 at 559, the UE 102 communicates an UL message to the cellular wireless network entity 516, such as for authentication to attach to a wireless network or to provide a location area update to the wireless network, where the UL message includes one of the encrypted SUCIs [a subscription id (i.e. a network credential)]); 
receive a public key associated with the second computing device (Yang: ¶0059 where the UL message includes [] an associated ephemeral UE public key);
determine an update to the network credentials (Yang: ¶0059 at 560, the cellular wireless network entity 516 can determine that the network public key identifier PKnw ID is not valid, as the more recently generated network key pair {PKnw', SKnw'} can supersede use of the previously generated network key pair {PKnw, SKnw});
send, based on the update to the network credentials, one or more messages comprising updated network credentials (Yang: ¶0060 as the network public key PKnw used by the UE 102 for encryption of the SUCI is no longer valid, the cellular wireless network entity can provide an update to the UE 102);
receive a second request, to communicate via the network, that comprises the updated network credentials (Yang: ¶0091 at 1032, the UE 102 sends to the cellular wireless network entity 516 a second UL message that includes the updated SUCI'); and
allow, based on the second request, the second computing device to communicate via the network (Yang: ¶0060 at 1034, the UE 102 receives from the cellular wireless network entity 516 an authentication success indication. At 1036, the UE 102 establishes a secure connection with the cellular wireless network entity); and
the second computing device configured to: after the second request, communicate via the network (Yang: ¶0060 at 1036, the UE 102 establishes a secure connection with the cellular wireless network entity).
Yang does not explicitly disclose wherein the updated network credentials are encrypted using the public key.
However, Nagarajamoorthy discloses wherein the updated network credentials are encrypted using the public key (Nagarajamoorthy: ¶0061 the digital certificate can be a network credential [] the gateway's authentication server can extract the client device's public key from the CSR, and use the client device's public key to encrypt the new digital certificate).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Nagarajamoorthy with the system/method of Yang to include wherein the updated network credentials are encrypted using the public key. One would have been motivated to granting network access to the client device when the trusted authenticator approves the potential new connection (Nagarajamoorthy: ¶0008).

Regarding claim 17: Claim 17 is similar in scope to claim 2, and is therefore rejected under similar rationale.

Regarding claims 18-20: Claims 18-20 are similar in scope to claims 4-6, and are therefore rejected under similar rationale.


Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Fahimeh Mohammadi whose telephone number is (571)270-7857. The examiner can normally be reached Monday - Friday 9:00 - 5:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu Pham can be reached on 5712705002. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/FAHIMEH MOHAMMADI/ Examiner, Art Unit 2439                                                                                                                                                                                                        


/LUU T PHAM/Supervisory Patent Examiner, Art Unit 2439