DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This Office Action is in response to application 17/101,071 filed on 11/23/2020.
Claims 1-20 have been examined and are pending in this application.
The examiner notes the IDSs filed on 11/23/2020, 5/18/2021, 9/9/2021, 11/10/2021, 2/11/2022 and 8/5/2022.

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.

Claims 1-20 are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more.
Claims 1, 10 and 15 recite the concept of performing an authentication process, more specifically:

Regarding Claim 1, and similarly Claim 10 and Claim 15;
A method comprising: 
determining, by on connection of the UE to an access network that is different than the SNPN for the enterprise; and 
performing an authentication process with the UE 
The examiner respectfully notes that the limitations not struck out above, determining... that a user equipment (UE)... is to receive credentials to enable...[connection] and performing an authentication process.... includes providing credentials.... via a first... message and obtaining confirmation.... via a second... message. That is, other than reciting an authentication server and further generalized terms of enterprise, UE, network, etc. nothing in the claim element precludes the step from practically being performed in the mind. For example, but for such elements, the context of this claim encompasses the user manually determining a user equipment is able to receive connections to enable a connection and then providing manually the credentials and further manually receiving a confirmation. If a claim limitation, under its broadest reasonable interpretation, covers performance of the limitation in the mind but for the recitation of generic computer components, then it falls within the “Mental Processes” grouping of abstract ideas. Accordingly, the claim recites an abstract idea. 
This judicial exception is not integrated into a practical application. In particular, the claim only recites additional elements of an authentication server and further generalized terms of enterprise, UE, network to perform the aforementioned steps. The elements in such steps area at a high-level of generality (i.e., as generic networking environment in which data is exchanged between client (i.e., UE) and server) such that it amounts no more than mere instructions to apply the exception using a generic computer component. Accordingly, this additional element does not integrate the abstract idea into a practical application because it does not impose any meaningful limits on practicing the abstract idea. The claim is directed to an abstract idea. 
The claim does not include additional elements that are sufficient to amount to significantly more than the judicial exception. As discussed above with respect to integration of the abstract idea into a practical application, the additional elements of an authentication server and further generalized terms of enterprise, UE, network to perform the aforementioned steps amounts to no more than mere instructions to apply the exception using a generic computer component. Mere instructions to apply an exception using a generic computer component cannot provide an inventive concept.  Further, see MPEP 2106.05(d)(ii) for evidence regarding well-understood, routine, and conventional activity (i.e., Receiving or transmitting data over a network, e.g., using the Internet to gather data, Performing repetitive calculations, and Storing and retrieving information in memory). The claim is not patent eligible.
	
Regarding Claims 2-9, 11-14 and 16-20, Claims 2-9, 11-14 and 16-20 recite limitations that further define the same abstract idea noted in Claim 1 and/or Claim 10 and/or Claim 15.  Therefore, they are considered patent ineligible for reasons given above. 






Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.
Claim(s) 1-4, 6, 9-11, 13 and 15-19 is/are rejected under 35 U.S.C. 103 as being unpatentable over Kedalagudde et al.  (US 2021/0058785 A1) as evidenced by provisional application 62/,933,063 in view of Nakijiri (US 2009/0031138 A1).

Regarding Claim 1;
Kedalagudde discloses a method comprising: 
determining, by an authentication server of an enterprise, that a user equipment (UE) for the enterprise is to receive credentials to enable the UE to connect to a standalone non-public network (SNPN) of the enterprise, wherein the determining is performed based, at least in part, on connection of the UE to an access network that is different than the SNPN for the enterprise (as evidenced by Provisional Application 62,933,063,  pp 2-3 (bridging paragraph) – SNPN and HN are considered separate networks and p. 3 - An Onboarding Server (OS) that is maintained by the device manufacturer (or an entity affiliated with the manufacturer) for provisioning the UE with network credentials. 1) The Onboarding Server plays the role of a verifier e.g., it validates the authenticity of the UE based on the manufacturer credentials assigned to the UE during the manufacturing process which is out of scope of SA2. 2) If step 1 is completed successfully, the Onboarding Server configures the device/UE in cooperation with the future home network of the UE with credentials that will allow the UE to register with an NPN while being authenticated by the home network (HN)); and 
performing an authentication process with the UE by the authentication server, wherein the authentication process includes providing the credentials to the UE via a first authentication message (as evidenced by Provisional Application 62,933,063, p. 2 - p. 3 - An Onboarding Server (OS) that is maintained by the device manufacturer (or an entity affiliated with the manufacturer) for provisioning the UE with network credentials. 1) The Onboarding Server plays the role of a verifier e.g., it validates the authenticity of the UE based on the manufacturer credentials assigned to the UE during the manufacturing process which is out of scope of SA2. 2) If step 1 is completed successfully, the Onboarding Server configures the device/UE in cooperation with the future home network of the UE with credentials that will allow the UE to register with an NPN while being authenticated by the home network (HN)).
Kedalagudde fails to explicitly disclose obtaining confirmation from the UE via a second authentication message that indicates successful provisioning of the credentials for the UE.
However, in an analogous art, Nakhjiri teaches [performing an authentication process with the UE by the authentication server, wherein the authentication process includes providing the credentials to the UE via a first authentication message] and obtaining confirmation from the UE via a second authentication message that indicates successful provisioning of the credentials for the UE (Nakhjiri, [0037] - The network server device 101 is also adapted to transmit a result indication message to the network peer device 103. In an embodiment, the result indication message including additional information for security and reliability. Additionally, the network sever device 101 is also configured to receive an acknowledgement message (ACK) from the network peer device. The acknowledgement message is configured to include additional information for security, such as a Message Authentication Code (MAC). The network sever device 101 then confirms that the peer device 103 has received the result indication message. The network device can proceed with authentication of the network peer device 103 and [0047]).
Therefore, it would have been obvious to one of ordinarily skill in the art before the effective filing date of the claimed invention to combine the teachings of Nakhjiri to the authentication process of Kedalagudde to include obtaining confirmation from the UE via a second authentication message that indicates successful provisioning of the credentials for the UE.
One would have been motivated to combine the teachings of Nakhjiri to Kedalagudde to do so as it provides / allows add[ing] reliability and security protection to indication of the result of authentication... the reliability is achieved through adding an acknowledgement procedure to the result indication (Nakhjiri, [0033]-[0034]).
Regarding Claim 2;
Kedalagudde and Nakhjiri disclose the method to Claim 1.
Kedalagudde further discloses wherein the access network is one of: a wireless wide area access network or a wireless local area access network not operated by the enterprise; or a wireless local area access network of the enterprise (as evidenced by Provisional Application 62,933,063,  p. 2 -5G System and pp 2-3 (bridging paragraph) – SNPN and HN are considered separate networks and p. 4 - Figure XQ illustrates an example architecture of a system XQ00 of a network, in accordance with various embodiments. The following description is provided for an example system XQOO that operates in conjunction with the LTE system standards and 5G or NR system standards as provided by 3GPP technical specifications. However, the example embodiments are not limited in this regard and the described embodiments may apply to other networks that benefit from the principles described herein, such as future 3GPP systems (e.g., Sixth Generation (6G)) systems, IEEE 802.16 protocols (e.g., WMAN, WiMAX, etc.), or the like.).

Regarding Claim 3;
Kedalagudde and Nakhjiri disclose the method to Claim 1.
Kedalagudde further discloses wherein the SNPN of the enterprise is one or more of: a 3rd Generation Partnership Project (3GPP) Fourth Generation (4G) access network of the enterprise; a 3rd Generation Partnership Project (3GPP) Fifth Generation (5G) access network of the enterprise; a 3rd Generation Partnership Project (3GPP) next Generation (nG) access network of the enterprise; and a Citizens Broadband Radio Service (CBRS) access network of the enterprise (as evidenced by Provisional Application 62,933,063, p. 2 -5G System and p. 4, last ¶ Figure XQ illustrates an example architecture of a system XQ00 of a network, in accordance with various embodiments. The following description is provided for an example system XQOO that operates in conjunction with the LTE system standards and 5G or NR system standards as provided by 3GPP technical specifications. However, the example embodiments are not limited in this regard and the described embodiments may apply to other networks that benefit from the principles described herein, such as future 3GPP systems (e.g., Sixth Generation (6G)) systems, IEEE 802.16 protocols (e.g., WMAN, WiMAX, etc.), or the like.).

Regarding Claim 4;
Kedalagudde and Nakhjiri disclose the method to Claim 1.
Kedalagudde further discloses wherein the first authentication message is an Extensible Authentication Protocol (EAP) Request message communicated to the UE that includes the credentials provided via a signed credentials object, a credential type ..., and an operation type ... (as evidenced by Provisional Application 62,933,063, p. 55, last ¶- one or more network credentials for establishing a connection to a home network (HN). p. 56, first 2 ¶ - Example 16 may include the method of example 15 or some other example herein, wherein the one or more network credentials include Subscription Permanent Identifier (SUPI) (i.e., signed credential object) and associated key for Authentication and Key Agreement (AKA) (i.e., credential) and other 3GPP-related credentials (i.e., operation)... Example 17 may include the method of example 15 or some other example herein, wherein the one or more network credentials include example user identifier in NAI format and associated digital certificate (i.e., signed credential object, and/or other non-3GPP-related credentials.).
	However, Nakhjiri further teaches security and reliability indicators... (Abstract – Flag).
Therefore, it would have been obvious to one of ordinarily skill in the art before the effective filing date of the claimed invention to combine the teachings of Nakhjiri to the types of Kedalagudde to include “indicators”...
One would have been motivated to combine the teachings of Nakhjiri to Kedalagudde to do so as it provides / allows add[ing] reliability and security protection to indication of the result of authentication... the reliability is achieved through adding an acknowledgement procedure to the result indication (Nakhjiri, [0033]-[0034]).

Regarding Claim 6;
Kedalagudde and Nakhjiri disclose the method to Claim 1.
Nakhjiri further teaches wherein the second authentication message is an Extensible Authentication Protocol (EAP) Response message obtained from the UE that includes an indication of successful provisioning of the credentials and a signed key identifying the credentials (Nakhjiri, Abstract and [0014] and [0045] – MAC (i.e., signed key identifying the credentials).

Regarding Claim 9;
Kedalagudde and Nakhjiri disclose the method to Claim 1.
Kedalagudde further teaches wherein the determining by the authentication server that the UE is to receive the credentials is based on one or more of: a device identifier for the UE; a Roaming Consortium Organizational Identifier (RCOI) associated with the access network to which the UE is connected; and a public wireless wide area access network identifier associated with the access network to which the UE is connected (as evidenced by Provisional Application 62,933,063, p. 3, ¶2, 1) ...UE based on the manufacturer credentials assigned to the UE during the manufacturing process).

Regarding Claim(s) 10, 11, 13, claim(s) 10, 11, and 13 is/are directed to a/an media associated with the method claimed in claim(s) 1, 4, and 6 Claim(s) 10, 11, and 13 is/are similar in scope to claim(s) 1, 4, and 6 and is/are therefore rejected under similar rationale.

Regarding Claim(s) 15-19, claim(s) 15-19 is/are directed to a/an server associated with the method claimed in claim(s) 1-4 and 6 Claim(s) 15-19 is/are similar in scope to claim(s) 1-4 and 6 and is/are therefore rejected under similar rationale.


Claim(s) 5 and 12 is/are rejected under 35 U.S.C. 103 as being unpatentable over Kedalagudde et al. (US 2021/0058785 A1) as evidenced by provisional application 62/,933,063 in view of Nakijiri (US 2009/0031138 A1) and further in view of Palanigounder et al. (US 2021/0099869 A1) as evidenced by provisional application, 62/907,494.

Regarding Claim 5;
Kedalagudde and Nakhjiri disclose the method to Claim 4.
Kedalagudde further discloses a credential type (as evidenced by Provisional Application 62,933,063, p. 55, last ¶- one or more network credentials for establishing a connection to a home network (HN). p. 56, first 2 ¶ - Example 16 may include the method of example 15 or some other example herein, wherein the one or more network credentials include Subscription Permanent Identifier (SUPI) (i.e., signed credential object) and associated key for Authentication and Key Agreement (AKA) (i.e., credential) and other 3GPP-related credentials (i.e., operation)... Example 17 may include the method of example 15 or some other example herein, wherein the one or more network credentials include example user identifier in NAI format and associated digital certificate (i.e., signed credential object, and/or other non-3GPP-related credentials.).
	Nakijiri teaches an indicator indicates (Abstract – Flag).
Kedalagudde and Nakhjiri wherein the credential type [is] one of: an electronic Subscriber Identity Module (eSIM) profile for the UE; or non-Subscriber Identity Module (non-SIM) credentials for the UE.
However, in an analogous art, Palanigounder teaches wherein the credential type [is] one of: an electronic Subscriber Identity Module (eSIM) profile for the UE; or non-Subscriber Identity Module (non-SIM) credentials for the UE (Palanigounder, as evidenced by Provisional Application 92/907,494 – [0029] – SIM card may be used both to connect, register, and access services of the NPN).
Therefore, it would have been obvious to one of ordinarily skill in the art before the effective filing date of the claimed invention to combine the teachings of Palanigounder to the credential type of Kedalagudde and Nakhjiri to include wherein the credential type [is] one of: an electronic Subscriber Identity Module (eSIM) profile for the UE; or non-Subscriber Identity Module (non-SIM) credentials for the UE.
One would have been motivated to combine the teachings of Palanigounder to Kedalagudde and Nakhjiri to do so as it provides / allows to provide a common protocol that enables different wireless devise to communication to a municipal, national, a regional and even global level (Palanigounder, as evidenced by Provisional Application 92/907,494 – [0003])

Regarding Claim(s) 12, claim(s) 12 is/are directed to a/an media associated with the method claimed in claim(s) 5. Claim(s) 12 is/are similar in scope to claim(s) 5 and is/are therefore rejected under similar rationale.

Claim(s) 7, 14 and 20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Kedalagudde et al. (US 2021/0058785 A1) as evidenced by provisional application 62/,933,063 in view of Nakijiri (US 2009/0031138 A1) and further in view of Rajadurai et al. (US 2016/0029213 A1).

Regarding Claim 7;
Kedalagudde and Nakhjiri disclose the method to Claim 6.
Kedalagudde and Nakhjiri fail to disclose further comprising: providing an indication to the UE to delete or disable the credentials via a third authentication message that includes the signed key identifying the credentials.
However, in an analogous art, Rajadurai teaches comprising: providing an indication to the UE to delete or disable the credentials via a third authentication message that includes the signed key identifying the credentials (Rajadurai, [0173]-[0177] – SCG Release... indicating the release of SeNB... UE deletes the security key...).
Therefore, it would have been obvious to one of ordinarily skill in the art before the effective filing date of the claimed invention to combine the teachings of Rajadurai to the authentication process of Kedalagudde and Nakhjiri to include comprising: providing an indication to the UE to delete or disable the credentials via a third authentication message that includes the signed key identifying the credentials
One would have been motivated to combine the teachings of Rajadurai to Kedalagudde and Nakhjiri to do so as it provides / allows ensure re-use of the security keys derived at the ... without repetition (Rajadurai, [0178]).

Regarding Claim(s) 14, claim(s) 14 is/are directed to a/an media associated with the method claimed in claim(s) 7. Claim(s) 14 is/are similar in scope to claim(s) 7 and is/are therefore rejected under similar rationale.

Regarding Claim(s) 20, claim(s) 20 is/are directed to a/an server associated with the method claimed in claim(s) 7. Claim(s) 20 is/are similar in scope to claim(s) 7 and is/are therefore rejected under similar rationale.








Claim(s) 8 is/are rejected under 35 U.S.C. 103 as being unpatentable over Kedalagudde et al. (US 2021/0058785 A1) as evidenced by provisional application 62/,933,063 in view of Nakhjiri (US 2009/0031138 A1) and further in view of Shavell et al. (US 10/206,110 B1).

Regarding Claim 8;
Kedalagudde and Nakhjiri disclose the method to Claim 1.
Kedalagudde and Nakhjiri fail to disclose further comprising generating the credentials to enable the UE to connect to the SNPN of the enterprise based on one or more of: a location of the UE; and a service set identifier (SSID) associated with a wireless local area access network determined based on a location of the UE.
 However, in an analogous art, Shavell teaches further comprising generating the credentials to enable the UE to connect to the SNPN of the enterprise based on one or more of: a location of the UE; and a service set identifier (SSID) associated with a wireless local area access network determined based on a location of the UE (Shavell, col. 1, lines 59-67 - According to at least one embodiment, an apparatus for wireless network security is described. The apparatus may include a processor, memory in electronic communication with the processor, and instructions stored in the memory. The instructions may be operable to cause the processor to identify a network-access boundary associated with a network for a location, generate a credential for the network based at least in part on the identified network-access boundary, receive a request from a UE to access the network associated with the location, and transmit the credential associated with the network based at least in part on the network-access boundary.)
Therefore, it would have been obvious to one of ordinarily skill in the art before the effective filing date of the claimed invention to combine the teachings of Shavell to the authentication process of Kedalagudde and Nakhjiri to include comprising generating the credentials to enable the UE to connect to the SNPN of the enterprise based on one or more of: a location of the UE; and a service set identifier (SSID) associated with a wireless local area access network determined based on a location of the UE.
One would have been motivated to combine the teachings of Shavell to Kedalagudde and Nakhjiri to do so as it provides / allows improved... techniques for network security (Shavell, col. 1, lines 55-58).

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. See PTO-892 attached.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to KARI L SCHMIDT whose telephone number is (571)270-1385. The examiner can normally be reached Monday-Friday 10am - 6pm (MDT).
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu Pham can be reached on (571)270-5002. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/KARI L SCHMIDT/Primary Examiner, Art Unit 2439