DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


Claim(s) 1-2, 4-8, 10-14, 16-17, and 19-20 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by 3GPP TS 33.501 (Security architecture and procedures for 5G system, 2019-09-25, V15.6.0).

Regarding claim 1, 3GPP TS 33.501 teaches  A method for registration, wherein the method comprises: 
determining, by first access and mobility management function (AMF) according to a local policy, whether to perform horizontal derivation on a first key (6.9.3 the source AMF shall use local policy to determine whether to perform horizontal KAMF derivation); 
sending, by the first AMF to a second AMF, a first security context when the first AMF determines to not perform the horizontal derivation (6.9.3 If the source AMF determines not to perform horizontal KAMF derivation, the source AMF shall transfer current security context to the target AMF. Note: the first AMF in the claim is interpreted as the source AMF in 3GPP and the second AMF in the claim is interpreted as the target AMF in 3GPP ) ;and 
protecting, by the second AMF, an authentication request message using the first security context (6.9.3 The target AMF shall reset the NAS COUNTs to zero and derive new NAS keys (KNASint and KNASenc) from the new KAMF using the selected NAS algorithm identifiers as input. The target AMF shall integrity protect the NAS Security Mode Command message with the new KNASint key.) and sending, by the second AMF to a user equipment (UE), authentication request information (6..9.3 If the target AMF decides to use the key KAMF received from source AMF (i.e., no re-authentication), it shall send the  K_AMF_change_flag set to 1 to the UE in the NAS SMC including replayed UE security capabilities, the selected NAS algorithms and the ngKSI for identifying the new KAMF from which the UE shall derive a new KAMF to establish a new NAS security context between the UE and target AMF) when the second AMF receives no indication information of the horizontal derivation (6.9.3 If the source AMF determines not to perform horizontal KAMF derivation, the source AMF shall transfer current security context to the target AMF) and when the second AMF determines to perform the primary authentication (6.9.3 If the target AMF, according to its local policy, decides to not use the KAMF received from the source AMF, it can perform a re-authentication procedure to the UE to establish a new NAS security context).

Regarding claim 2, 3GPP TS 33.501 teaches The method of claim 1, further comprising generating, by the first AMF, the first security context after authentication by the first AMF and the UE (6.7.2 The NAS SMC shown in Figure 6.7.2-1 shall be used to establish NAS Security context between the UE and the AMF), wherein the first security context comprises the first key (6.9.2.3.4 	The UE shall compute the horizontally derived KAMF using the KAMF from the current 5G NAS security context identified by the ngKSI included in the NASC).


Regarding claim 4, 3GPP TS 33.501 teaches The method of claim 1, further comprising: 
sending, by the first AMF to the second AMF, the indication information when the first AMF determines to perform the horizontal derivation (6.9.3 If the source AMF determines to perform horizontal KAMF derivation, the source AMF shall derive a new key KAMF from the currently active KAMF . . . The source AMF shall transfer the new KAMF, the new ngKSI, the UE security capability, the  keyAmfHDerivationInd to the target AMF); and 
performing, by the second AMF, a non-access stratum security mode command (NAS SMC) when the second AMF receives the indication information (6.9.3 If the target AMF decides to use the key KAMF received from source AMF (i.e., no re-authentication), it shall send the  K_AMF_change_flag set to 1 to the UE in the NAS SMC including replayed UE security capabilities).

Regarding claim 5, 3GPP TS 33.501 teaches The method of claim 4, further comprising sending, by the first AMF to the second AMF, a second security context when the first AMF determines to perform the horizontal derivation on a second key (6.9.3 If the source AMF determines to perform horizontal KAMF derivation, the source AMF shall derive a new key KAMF from the currently active KAMF . . . The source AMF shall transfer the new KAMF, the new ngKSI, the UE security capability, the  keyAmfHDerivationInd to the target AMF. Note: the second key is interpreted as the currently active KAMF and the first key is interpreted as the new  KAMF), wherein the second security context is based on the first security context (6.9.3 the source AMF shall derive a new key KAMF from the currently active KAMF), and wherein performing the NAS SMC comprises performing, by the second AMF, the NAS SMC using the second security context (6.9.3 If the target AMF decides to use the key KAMF received from source AMF (i.e., no re-authentication), it shall send the  K_AMF_change_flag set to 1 to the UE in the NAS SMC).

Regarding claim 6, 3GPP TS 33.501 teaches The method of claim 5, wherein the second security context further comprises a third key based on the first key (6.9.3 The UE shall derive new NAS keys (KNASint and KNASenc) from the new KAMF. Note: the third key is interpreted as the new NAS keys)

Regarding claim 7, 3GPP TS 33.501 teaches A system for registration, wherein the system comprises: 
a first access and mobility management function (AMF) (6.9.3 the source AMF)configured to: 
determine, according to a local policy, whether to perform horizontal derivation on a first key (6.9.3 the source AMF shall use local policy to determine whether to perform horizontal KAMF derivation); and 
send, to a second AMF, a first security context when the first AMF determines not to perform the horizontal derivation (6.9.3 If the source AMF determines not to perform horizontal KAMF derivation, the source AMF shall transfer current security context to the target AMF. Note: the first AMF in the claim is interpreted as the source AMF in 3GPP and the second AMF in the claim is interpreted as the target AMF in 3GPP); and 
the second AMF coupled to the first AMF and configured to: 
protect an authentication request message using the first security context (6.9.3 The target AMF shall reset the NAS COUNTs to zero and derive new NAS keys (KNASint and KNASenc) from the new KAMF using the selected NAS algorithm identifiers as input. The target AMF shall integrity protect the NAS Security Mode Command message with the new KNASint key) and send, to a user equipment (UE), authentication request information (6.9.3 If the target AMF decides to use the key KAMF received from source AMF (i.e., no re-authentication), it shall send the  K_AMF_change_flag set to 1 to the UE in the NAS SMC including replayed UE security capabilities, the selected NAS algorithms and the ngKSI for identifying the new KAMF from which the UE shall derive a new KAMF to establish a new NAS security context between the UE and target AMF) when the second AMF receives no indication information of the horizontal derivation (6.9.3 If the source AMF determines not to perform horizontal KAMF derivation, the source AMF shall transfer current security context to the target AMF) and when the second AMF determines to perform the primary authentication (6.9.3 If the target AMF, according to its local policy, decides to not use the KAMF received from the source AMF, it can perform a re-authentication procedure to the UE to establish a new NAS security context).

Regarding claim 8, 3GPP TS 33.501 teaches The system of claim 7, wherein the first AMF is further configured to generate the first security context after authentication by the first AMF and the UE (6.7.2 The NAS SMC shown in Figure 6.7.2-1 shall be used to establish NAS Security context between the UE and the AMF), and wherein the first security context comprises the first key (6.9.2.3.4 	The UE shall compute the horizontally derived KAMF using the KAMF from the current 5G NAS security context identified by the ngKSI included in the NASC).

Regarding claim 10, 3GPP TS 33.501 teaches The system of claim 7, wherein the first AMF is further configured to send, to the second AMF, the indication information when the first AMF determines to perform the horizontal derivation (6.9.3 If the source AMF determines to perform horizontal KAMF derivation, the source AMF shall derive a new key KAMF from the currently active KAMF . . . The source AMF shall transfer the new KAMF, the new ngKSI, the UE security capability, the  keyAmfHDerivationInd to the target AMF) and wherein the second AMF is further configured to perform a non-access stratum security mode command (NAS SMC) when the second AMF receives the indication information  (6.9.3 If the target AMF decides to use the key KAMF received from source AMF (i.e., no re-authentication), it shall send the  K_AMF_change_flag set to 1 to the UE in the NAS SMC including replayed UE security capabilities).

Regarding claim 11, 3GPP TS 33.501 teaches The system of claim 10, wherein the first AMF is further configured to send, to the second AMF, a second security context when the first AMF determines to perform the horizontal derivation on a second key (6.9.3 If the source AMF determines to perform horizontal KAMF derivation, the source AMF shall derive a new key KAMF from the currently active KAMF . . . The source AMF shall transfer the new KAMF, the new ngKSI, the UE security capability, the  keyAmfHDerivationInd to the target AMF. Note: the second key is interpreted as the currently active KAMF and the first key is interpreted as the new  KAMF), wherein the second security context is based on the first security context (6.9.3 the source AMF shall derive a new key KAMF from the currently active KAMF), and wherein the second AMF is further configured to perform the NAS SMC using the second security context  (6.9.3 If the target AMF decides to use the key KAMF received from source AMF (i.e., no re-authentication), it shall send the  K_AMF_change_flag set to 1 to the UE in the NAS SMC)..

Regarding claim 12, 3GPP TS 33.501 teaches The system of claim 11, wherein the second security context further comprises a third key based on the first key (6.9.3 The UE shall derive new NAS keys (KNASint and KNASenc) from the new KAMF. Note: the third key is interpreted as the new NAS keys).

Regarding claim 13, 3GPP TS 33.501 teaches A method for registration, wherein the method comprises: 
receiving, by a first access and mobility management function (AMF) from a second AMF, a first security context (6.9.3 If the source AMF determines not to perform horizontal KAMF derivation, the source AMF shall transfer current security context to the target AMF. Note: the first AMF in the claim is interpreted as the target AMF in 3GPP and the second AMF in the claim is interpreted as the source AMF in 3GPP); and 
determining, by the first AMF, whether to perform primary authentication (6.9.3 If the target AMF, according to its local policy, decides to not use the KAMF received from the source AMF, it can perform a re-authentication procedure to the UE to establish a new NAS security context); 
protecting, by the first AMF, an authentication request message using the first security context (6.9.3 The target AMF shall reset the NAS COUNTs to zero and derive new NAS keys (KNASint and KNASenc) from the new KAMF using the selected NAS algorithm identifiers as input. The target AMF shall integrity protect the NAS Security Mode Command message with the new KNASint key) and sending, to a user equipment (UE), authentication request information (6.9.3 If the target AMF decides to use the key KAMF received from source AMF (i.e., no re-authentication), it shall send the  K_AMF_change_flag set to 1 to the UE in the NAS SMC including replayed UE security capabilities, the selected NAS algorithms and the ngKSI for identifying the new KAMF from which the UE shall derive a new KAMF to establish a new NAS security context between the UE and target AMF) when the first AMF receives no indication information of the horizontal derivation performed on a first key (6.9.3 If the source AMF determines not to perform horizontal KAMF derivation, the source AMF shall transfer current security context to the target AMF) and when the first AMF determines to perform the primary authentication (6.9.3 If the target AMF, according to its local policy, decides to not use the KAMF received from the source AMF, it can perform a re-authentication procedure to the UE to establish a new NAS security context).


Regarding claim 14, 3GPP TS 33.501 teaches The method of claim 13, further comprising generating, by the second AMF, the first security context after authentication by the second AMF and the UE, (6.7.2 The NAS SMC shown in Figure 6.7.2-1 shall be used to establish NAS Security context between the UE and the AMF), and wherein the first security context comprises the first key (6.9.2.3.4 	The UE shall compute the horizontally derived KAMF using the KAMF from the current 5G NAS security context identified by the ngKSI included in the NASC).

Regarding claim 16, 3GPP TS 33.501 teaches A first access and mobility management function (AMF) (6.9.3 the target AMF) comprising: 
a transceiver configured to receive, from a second AMF, a first security context (6.9.3 If the source AMF determines not to perform horizontal KAMF derivation, the source AMF shall transfer current security context to the target AMF Note: the first AMF in the claim is interpreted as the target AMF in 3GPP and the second AMF in the claim is interpreted as the source AMF in 3GPP); and 
a processor coupled to the transceiver and configured to: 
determine to perform primary authentication (6.9.3 If the target AMF, according to its local policy, decides to not use the KAMF received from the source AMF, it can perform a re-authentication procedure to the UE to establish a new NAS security context); and 
protect an authentication request message using the first security context (6.9.3 The target AMF shall reset the NAS COUNTs to zero and derive new NAS keys (KNASint and KNASenc) from the new KAMF using the selected NAS algorithm identifiers as input. The target AMF shall integrity protect the NAS Security Mode Command message with the new KNASint key), and wherein the transceiver is further configured to send, to a user equipment (UE), authentication request information (6.9.3 If the target AMF decides to use the key KAMF received from source AMF (i.e., no re-authentication), it shall send the  K_AMF_change_flag set to 1 to the UE in the NAS SMC including replayed UE security capabilities, the selected NAS algorithms and the ngKSI for identifying the new KAMF from which the UE shall derive a new KAMF to establish a new NAS security context between the UE and target AMF) when the first AMF receives no indication information of the horizontal derivation performed on a first key (6.9.3 If the source AMF determines not to perform horizontal KAMF derivation, the source AMF shall transfer current security context to the target AMF) and when the first AMF determines to perform the primary authentication (6.9.3 If the target AMF, according to its local policy, decides to not use the KAMF received from the source AMF, it can perform a re-authentication procedure to the UE to establish a new NAS security context).

Regarding claim 17, 3GPP TS 33.501 teaches The first AMF of claim 16, wherein the first security context is based on authentication by the second AMF and the UE (6.7.2 The NAS SMC shown in Figure 6.7.2-1 shall be used to establish NAS Security context between the UE and the AMF), and wherein the first key is the first key in the first security context (6.9.2.3.4 	The UE shall compute the horizontally derived KAMF using the KAMF from the current 5G NAS security context identified by the ngKSI included in the NASC).

Regarding claim 19, 3GPP TS 33.501 teaches The method of claim 5, wherein the second key is an AMF key (KAMF) (6.9.3 the source AMF shall derive a new key KAMF from the currently active KAMF. Note: the second key is interpreted as the currently active KAMF).

Regarding claim 20, 3GPP TS 33.501 teaches The system of claim 11, wherein the second key is an AMF key (KAMF) (6.9.3 the source AMF shall derive a new key KAMF from the currently active KAMF. Note: the second key is interpreted as the currently active KAMF).

.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claim(s) 3, 9, 15, and 18  are rejected under 35 U.S.C. 103 as being unpatentable over 3GPP in view of Ericsson (Discussion about the AMF re-allocation due to slicing, S3-192887, 3GPP TSG-SA WG3 Meeting #96, August, 2019 ).

Regarding claim 3, 3GPP TS 33.501 teaches The method of claim 1, 
wherein the first security context comprises the first key (6.9.2.3.4 	The UE shall compute the horizontally derived KAMF using the KAMF from the current 5G NAS security context identified by the ngKSI included in the NASC).
3GPP TS 33.501 does not explicitly teach 
wherein the first security context is from a third AMF.
In a similar endeavor, Ericsson teaches
wherein the first security context is from a third AMF (Ericsson 3.3.1 steps 8, 9, and 11. The Default AMF stores the received MM/UE context including the 5G security context received from the Initial AMF, and replies to Initial AMF. The Default AMF decides to redirect/re-allocate to the Target AMF. . . The Default AMF transfers the RR message and the UE/MM Context to the Target AMF).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the examined application to have modified 3GPP TS 33.501 by incorporating Ericsson default AMF directing the context to the target AMF to arrive at the invention 
The motivation of doing so would have transferred the context from a source target to a target AMF when the target AMF cannot directly fetch the UE from the initial AMF.

Regarding claim 9, 3GPP TS 33.501 teaches The system of claim 7, wherein the first security context comprises the first key (6.9.2.3.4 	The UE shall compute the horizontally derived KAMF using the KAMF from the current 5G NAS security context identified by the ngKSI included in the NASC).
3GPP TS 33.501 does not explicitly teach 
wherein the first security context is from a third AMF.
In a similar endeavor, Ericsson teaches
wherein the first security context is from a third AMF (Ericsson 3.3.1 steps 8, 9, and 11. The Default AMF stores the received MM/UE context including the 5G security context received from the Initial AMF, and replies to Initial AMF. The Default AMF decides to redirect/re-allocate to the Target AMF. . . The Default AMF transfers the RR message and the UE/MM Context to the Target AMF).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the examined application to have modified 3GPP TS 33.501 by incorporating Ericsson default AMF directing the context to the target AMF to arrive at the invention 
The motivation of doing so would have transferred the context from a source target to a target AMF when the target AMF cannot directly fetch the UE from the initial AMF.

Regarding claim 15, 3GPP TS 33.501 teaches The method of claim 14, wherein the first security context comprises the first key (6.9.2.3.4 	The UE shall compute the horizontally derived KAMF using the KAMF from the current 5G NAS security context identified by the ngKSI included in the NASC).
3GPP TS 33.501 does not explicitly teach 
wherein the first security context is from a third AMF.
In a similar endeavor, Ericsson teaches
wherein the first security context is from a third AMF (Ericsson 3.3.1 steps 8, 9, and 11. The Default AMF stores the received MM/UE context including the 5G security context received from the Initial AMF, and replies to Initial AMF. The Default AMF decides to redirect/re-allocate to the Target AMF. . . The Default AMF transfers the RR message and the UE/MM Context to the Target AMF).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the examined application to have modified 3GPP TS 33.501 by incorporating Ericsson default AMF directing the context to the target AMF to arrive at the invention 
The motivation of doing so would have transferred the context from a source target to a target AMF when the target AMF cannot directly fetch the UE from the initial AMF.


Regarding claim 18, 3GPP TS 33.501 teaches The first AMF of claim 17, wherein the first security context comprises the first key (6.9.2.3.4 	The UE shall compute the horizontally derived KAMF using the KAMF from the current 5G NAS security context identified by the ngKSI included in the NASC).
3GPP TS 33.501 does not explicitly teach 
wherein the first security context is from a third AMF.
In a similar endeavor, Ericsson teaches
wherein the first security context is from a third AMF (Ericsson 3.3.1 steps 8, 9, and 11. The Default AMF stores the received MM/UE context including the 5G security context received from the Initial AMF, and replies to Initial AMF. The Default AMF decides to redirect/re-allocate to the Target AMF. . . The Default AMF transfers the RR message and the UE/MM Context to the Target AMF).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the examined application to have modified 3GPP TS 33.501 by incorporating Ericsson default AMF directing the context to the target AMF to arrive at the invention 
The motivation of doing so would have transferred the context from a source target to a target AMF when the target AMF cannot directly fetch the UE from the initial AMF.

.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SAID M ELNOUBI whose telephone number is (571)272-9732. The examiner can normally be reached Monday-Friday 9:30AM to 6:00PM ET.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kathy Wang-Hurst can be reached on 571-270-5371. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/SAID M ELNOUBI/Examiner, Art Unit 2644