Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

DETAILED ACTION

Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


Claim(s) 1-20 is/are rejected under 35 U.S.C. 102(a)(1) as being anticipated by EGNER et al. (US 10,194,320 A1), hereinafter EGNER.
Regarding claim 1, EGNER discloses an Internet gateway (the local service broker 204, see col. 11 lines 26-44), comprising: 
a receiver configured to receive, from a device, a request to provision an embedded subscriber identity module (eSIM) of the device (the client IHS 202 in an embodiment may operate the eSIM credential provisioning and verification system, or an agent or API for the system to request an ISMI and eSIM credentials from the local service broker 204 for later use accessing the network via MEC 208, see col. 11 lines 11-25); and 
a processor configured to: 
in response to receiving the request to provision the eSIM of the device, cause the eSIM of the device to be provisioned with a profile, provisioning the eSIM giving the device an ability to authenticate with a base station for communicating, via the base station, over a cellular communication protocol (the local service broker 204 may execute code instructions of the eSIM credential provisioning and authentication system to determine whether the client IHS 202 requesting an IMSI and eSIM credentials is trustworthy, see col. 11 lines 45-53); 
after causing the eSIM to be provisioned, determine whether at least one criterion is met, the at least one criterion being for retaining the ability of the device to authenticate with the base station or denying the device the ability to authenticate with the base station (the local service broker 204 in an embodiment may access the transaction history block chain associated with the client IHS 202, and determine, based on past payment history and past trust references associated with the client IHS 202 whether client IHS 202 may be trusted, see col. 11 lines 45-53); and 
in response to determining that the at least one criterion is met, output data indicating that the at least one criterion is met; and 
a transmitter configured to transmit the data indicating that the at least one criterion is met (If the local service broker 204 executing code instructions of the eSIM credential provisioning and authentication system in an embodiment determines client IHS 202 may be trusted, it may assign one of the pool of IMSIs available to the client IHS 202, generate one or more variables used to determine valid eSIM credentials, and determine the valid eSIM credentials from the one or more generated variables, as described in greater detail below, see col. 11 lines 54 to col. 12 line 6). 
Regarding claim 2, EGNER discloses the Internet gateway is configured to provide Internet coverage using over a local area network (LAN) communication protocol and the receiver is configured to receive the request over the LAN communication protocol (the local service broker 204 and the IHS communicate over LAN, see col. 14 lines 36-64).

Regarding claim 3, EGNER discloses the LAN communication protocol is an Institute of Electrical and Electronics Engineers (IEEE) 802.11 communication protocol (the local service broker 204 and the IHS communicate over IEEE 802.11 protocol, see col. 14 lines 36-64).

Regarding claim 4, EGNER discloses the device is configured to access the Internet via the Internet gateway and over the LAN communication protocol when the device is within a proximity of the Internet gateway (MEC 208 in an embodiment may be connected to an internet backbone and cloud network for connection to internet resources or other cloud connected resources. For example, cloud connectivity may be via wired Ethernet connectivity to backhaul connection of the greater internet infrastructure, see col. 13 lines 26-53). 

Regarding claim 5, EGNER discloses the data indicating that the at least one criterion is met is addressed to a server, and wherein the server is configured to maintain a list of devices able to authenticate with the base station (as it assigns IMSIs in an embodiment, it may notify the authentication server 206 of these assignments to allow the authentication server 206 to maintain a valid identification of all information handling systems accessing the network 200, see col. 11 lines 26-44).

Regarding claim 6, EGNER discloses the server is configured to keep the device in the list of devices able to authenticate with the base station if the at least one criterion is for retaining the ability of the device to authenticate with the base station (the authentication server 206 in such embodiment may then compare the eSIM credentials and IMSI received from the client information handling system 202 with the eSIM credentials associated with that IMSI in storage at the authentication server 206. If the credentials match, the authentication server 206 in an embodiment may then grant the client information handling system 202 access to the enterprise network 200. Conversely, if the credentials do not match, the authentication server 206 may then deny the client information handling system 202 access to the enterprise network 200, see col. 12 line 38-65).

Regarding claim 7, EGNER discloses the server is configured to remove the device from the list of devices able to authenticate with the base station if the at least one criterion is for denying the device the ability to authenticate with the base station (If the credentials match, the authentication server 206 in embodiments of the present disclosure may grant the client information handling system 202 access to the roaming network. Conversely, if the credentials do not match, the authentication server 206 in embodiments of the present disclosure may deny the client information handling system 202 access to the roaming network, see col. 12 line 66 to col. 13 line 25).

Regarding claim 8, EGNER discloses the at least one criterion for retaining the ability of the device to authenticate with the base station is met when the device has communicated with the Internet gateway at least a minimum number of times in a preceding duration of time, or the at least one criterion for denying the device the ability to authenticate with the base station is met when the device has not communicated with the Internet gateway at least a minimum number of times in a preceding duration of time (the local service broker 204 in an embodiment may access the transaction history block chain associated with the client IHS 202, and determine, based on past payment history and past trust references associated with the client IHS 202 whether client IHS 202 may be trusted, see col. 11 lines 45-53).

Regarding claim 9, EGNER inherently discloses the at least one criterion for retaining the ability of the device to authenticate with the base station is met when the device has communicated with the Internet gateway at least a minimum number of times during specified hours of the day in a preceding duration of time, or the at least one criterion for denying the device the ability to authenticate with the base station is met when the device has not communicated with the Internet gateway at least a minimum number of times during specified hours of the day in a preceding duration of time (inherent feature: the eSIM credential provisioning and verification system may determine at block 522 that the client information handling system has not yet used the assigned IMSI the assigned limit of ten times to access wireless networks. If the local service broker determines the limited time period has not elapsed or the number of the times the client information handling system has used the chosen IMSI to gain access to the network has not exceeded the limited number of times assigned to the IMSI, the method may return to block 510, and the IMSI may continue to be assigned to the client information handling system, see col. 23 lines 4-24). 

Regarding claim 10, EGNER discloses a server (authentication server 206, see figure 2), comprising: memory configured to store a list of a plurality of devices able to authenticate with a base station, the list of the plurality of devices including a first device; 
a receiver configured to receive, from an Internet gateway, data indicating that at least one criterion for retaining the ability of the first device to authenticate with the base station or revoking the ability of the first device to authenticate with the base station is met (the client information handling system 202 may request access to the enterprise network 200 via the authentication server 206 operating at a wireless network access point including transceiving capabilities, see col. 12 lines 38-65); and a processor configured to: 
in response to receiving the data indicating that at least one criterion for retaining the ability of the first device to authenticate with the base station is met, retain an inclusion of the first device in the list of the plurality of devices (the authentication server 206 in such embodiment may then compare the eSIM credentials and IMSI received from the client information handling system 202 with the eSIM credentials associated with that IMSI in storage at the authentication server 206. If the credentials match, the authentication server 206 in an embodiment may then grant the client information handling system 202 access to the enterprise network 200. Conversely, if the credentials do not match, the authentication server 206 may then deny the client information handling system 202 access to the enterprise network 200, see col. 13 lines 38-65); and 
permit authentication of the first device by the base station; and 
in response to receiving the data indicating that at least one criterion for revoking the ability of the first device to authenticate with the base station is met, remove the first device from the list of the plurality of devices; and deny authentication of the first device by the base station (the local service broker may further transmit a message to the authentication server instructing it to disassociate the IMSI from the eSIM credentials SRES and KC within the authentication server storage. By disassociating the chosen IMSI from the SRES and KC determined by the client information handling system, the local service broker may bar the client information handling system or any other information handling system in possession of the association between the IMSI, SRES, and KC from using these credentials to access the network again. In such a way the eSIM credential provisioning and verification system in embodiments of the present disclosure may provide valid eSIM credentials to information handling systems not incorporating SIM cards, allowing these information handling systems to access networks requiring SIM identification credentials, without adding additional components to the information handling system, see col. 23 lines 25-49). 

Regarding claim 11, EGNER discloses wherein permitting authentication of the first device by the base station includes: receiving a request, from the base station, inquiring whether the first device is to be authenticated; in response to receiving the request, determining that the first device is included in the list of the plurality of devices; and sending a response to the base station indicating that the first device is to be authenticated by the base station (the client information handling system may request access to the enterprise network 200 including the local service broker 204 via the authentication server 206. In such an embodiment, the client information handling system 202 may request access to the enterprise network 200 via the authentication server 206 operating at a wireless network access point including transceiving capabilities, see col. 12 lines 38-65). 

Regarding claim 12, EGNER discloses wherein denying authentication of the first device by the base station includes: receiving a request, from the base station, inquiring whether the first device is to be authenticated; in response to receiving the request, determining that the first device is not included in the list of the plurality of devices; and sending a response to the base station indicating that the first device is not to be authenticated by the base station (if the credentials match, the authentication server 206 in embodiments of the present disclosure may transmit a verification notification to the MEC 208, which may then grant the client information handling system 202 access to the roaming network. Conversely, if the credentials do not match, the authentication server 206 in embodiments of the present disclosure may transmit a notification indicating the client information handling system 202 identity could not be identified to the MEC 208, which may then deny the client information handling system 202 access to the roaming network, see col. 14 lines 4-35).

Regarding claim 13, EGNER discloses wherein the receiver is configured to receive, from the Internet gateway, a request to include the first device in the list, wherein the Internet gateway is configured to send the request in response to provisioning an embedded subscriber identity module (eSIM) of the first device due to a proximity of the first device to the Internet gateway (In order to access the enterprise network 200 in such an embodiment, the eSIM module operating within the client information handling system 202 may use the eSIM variables received from the local service broker 204 to calculate the eSIM credentials, and transmit those eSIM credentials and the IMSI it received from the local service broker 204 to the authentication server 206 of the enterprise network 200. The authentication server 206 in such embodiment may then compare the eSIM credentials and IMSI received from the client information handling system 202 with the eSIM credentials associated with that IMSI in storage at the authentication server 206. If the credentials match, the authentication server 206 in an embodiment may then grant the client information handling system 202 access to the enterprise network 200. Conversely, if the credentials do not match, the authentication server 206 may then deny the client information handling system 202 access to the enterprise network 200, see col. 12 lines 38-65). 

Regarding claim 14, EGNER discloses a method, comprising: 
receiving, by an Internet gateway from a device, a request to provision an embedded subscriber identity module (eSIM) of the device; 
in response to receiving the request to provision the eSIM of the device, causing the eSIM of the device to be provisioned with a profile, provisioning the eSIM giving the device an ability to authenticate with a base station for communicating, via the base station, over a cellular communication protocol (the local service broker 204 may execute code instructions of the eSIM credential provisioning and authentication system to determine whether the client IHS 202 requesting an IMSI and eSIM credentials is trustworthy, see col. 11 lines 45-53); 
after causing the eSIM to be provisioned, determining whether at least one criterion is met, the at least one criterion being for retaining the ability of the device to authenticate with the base station or denying the device the ability to authenticate with the base station (the local service broker 204 in an embodiment may access the transaction history block chain associated with the client IHS 202, and determine, based on past payment history and past trust references associated with the client IHS 202 whether client IHS 202 may be trusted, see col. 11 lines 45-53); and 
in response to determining that the at least one criterion is met, sending data, to a server, indicating that the at least one criterion is met (If the local service broker 204 executing code instructions of the eSIM credential provisioning and authentication system in an embodiment determines client IHS 202 may be trusted, it may assign one of the pool of IMSIs available to the client IHS 202, generate one or more variables used to determine valid eSIM credentials, and determine the valid eSIM credentials from the one or more generated variables, as described in greater detail below, see col. 11 lines 54 to col. 12 line 6).

Regarding claim 15, EGNER discloses the Internet gateway is configured to provide Internet coverage using over a local area network (LAN) communication protocol and the receiver is configured to receive the request over the LAN communication protocol (the local service broker 204 and the IHS communicate over LAN, see col. 14 lines 36-64).

Regarding claim 16, EGNER discloses the LAN communication protocol is an Institute of Electrical and Electronics Engineers (IEEE) 802.11 communication protocol (the local service broker 204 and the IHS communicate over IEEE 802.11 protocol, see col. 14 lines 36-64).

Regarding claim 17, EGNER discloses maintaining, by the server, a list of devices able to authenticate with the base station (as it assigns IMSIs in an embodiment, it may notify the authentication server 206 of these assignments to allow the authentication server 206 to maintain a valid identification of all information handling systems accessing the network 200, see col. 11 lines 26-44).

Regarding claim 18, EGNER discloses the server is configured to keep the device in the list of devices able to authenticate with the base station if the at least one criterion is for retaining the ability of the device to authenticate with the base station (The authentication server 206 in such embodiment may then compare the eSIM credentials and IMSI received from the client information handling system 202 with the eSIM credentials associated with that IMSI in storage at the authentication server 206. If the credentials match, the authentication server 206 in an embodiment may then grant the client information handling system 202 access to the enterprise network 200. Conversely, if the credentials do not match, the authentication server 206 may then deny the client information handling system 202 access to the enterprise network 200, see col. 12 line 38-65).

Regarding claim 19, EGNER discloses the server is configured to remove the device from the list of devices able to authenticate with the base station if the at least one criterion is for denying the device the ability to authenticate with the base station (If the credentials match, the authentication server 206 in embodiments of the present disclosure may grant the client information handling system 202 access to the roaming network. Conversely, if the credentials do not match, the authentication server 206 in embodiments of the present disclosure may deny the client information handling system 202 access to the roaming network, see col. 12 line 66 to col. 13 line 25).

Regarding claim 20, EGNER discloses the at least one criterion for retaining the ability of the device to authenticate with the base station is met when the device has communicated with the Internet gateway at least a minimum number of times in a preceding duration of time, or the at least one criterion for denying the device the ability to authenticate with the base station is met when the device has not communicated with the Internet gateway at least a minimum number of times in a preceding duration of time (the local service broker 204 in an embodiment may access the transaction history block chain associated with the client IHS 202, and determine, based on past payment history and past trust references associated with the client IHS 202 whether client IHS 202 may be trusted, see col. 11 lines 45-53).

Regarding claim 21, EGNER inherently discloses the at least one criterion for retaining the ability of the device to authenticate with the base station is met when the device has communicated with the Internet gateway at least a minimum number of times during specified hours of the day in a preceding duration of time, or the at least one criterion for denying the device the ability to authenticate with the base station is met when the device has not communicated with the Internet gateway at least a minimum number of times during specified hours of the day in a preceding duration of time (inherent feature: the eSIM credential provisioning and verification system may determine at block 522 that the client information handling system has not yet used the assigned IMSI the assigned limit of ten times to access wireless networks. If the local service broker determines the limited time period has not elapsed or the number of the times the client information handling system has used the chosen IMSI to gain access to the network has not exceeded the limited number of times assigned to the IMSI, the method may return to block 510, and the IMSI may continue to be assigned to the client information handling system, see col. 23 lines 4-24). 

Conclusion
Any response to this action should be mailed to the following address (for mail to be delivered by the United States Postal Service (USPS) only):

Mail Stop _____________
Commissioner for Patents
P. O. Box 1450
Alexandria, VA 22313-1450

or faxed to:
(571) 273-8300 (for formal communications intended for entry)
	Any inquiry concerning this communication or earlier communications from the examiner should be directed to Bob A. Phunkulh whose telephone number is (571) 272-3083.  The examiner can normally be reached on Monday-Thursday from 8:00 A.M. to 5:00 P.M. (first week of the bi-week) and Monday-Friday (for second week of the bi-week).
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor CHARLES C. JIANG can be reached on (571) 270-7191.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).
/BOB A PHUNKULH/Primary Examiner, Art Unit 2412