Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Specification 
The specification filed on December 11, 2020 is accepted.
The title of the invention is not descriptive.  A new title is required that is clearly indicative of the invention to which the claims are directed. The following title is suggested: A SYSTEM AND A METHOD FOR SECURING AND DISTRIBUTING KEYS IN A 3GPP SYSTEM. 

Drawings
The drawings filed on December 11, 2020 are accepted.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 11/17/2021 and 12/21/2021 was filed after the mailing date of the application 17/119914 on 12/11/2020.  The submission is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.
Claim Objections
Claims 1 and 11 objected to because of the following informalities: 
Claim 1 and 11 recites “…and at least one function” the claim also recites “an authentication function and a key-management function” it seems like “at least one function” refers to an additional function apart from the “authentication function” and “a key-management function”. The examiner suggest to make appropriate correction. For example, the limitation should read as “an authenticating function, a key-management function, and at least one additional function”.  Appropriate correction is required.

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.


Claims 1-10 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter. 
The claims do not fall within at least one of the four categories of patent eligible subject matter because the claims do not include at least one hardware element in the bodies as required by MPEP 2106(I). Claim 1 recites “an authentication function”, “a key-management function” and “at least one function” however, since the specification does not disclose the above cited functions to be only hardware  (see para [0036-0037]] of instant application) discloses “the Distributed Trust Third Party server (e.g., AAA management) 102 may be referred to as an authenticating function, the Trust Third Party server (e.g., Masterkey-Center) 104 may be referred to as a key-management function”. Note that a server can be software program that provides service or functionality for other programs according to Wikipedia. See https://en.wikipedia.org/wiki/Server_(computing).
 Dependent claims 2-10 are also rejected under 35 USC 101, because they do not cure the deficiencies of independent claims 1.

                                               Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-4, 6, 9-14, 16 and 19-20 are rejected under 35 U.S.C. 103 as being unpatentable over Adrangi et al (hereinafter Adrangi) (US 20210058785) in view of KIM et al (hereinafter Kim) (US 20180144347).

Regarding claim 1 Adrangi teaches a system comprising (Adrangi on [0020] teaches an activation system);
an authenticating function, a key-management function, and at least one function (Adrangi Fig 3 and text on [0029] teaches phone UICC (i.e. equivalent to at least one function), HSS module (i.e. equivalent to authentication function), and certificate repository (i.e. key management function)); 
the authenticating function configured for: receiving, from the at least one function, an authentication request associated with a terminal device (TD) (Adrangi Fig 3 and associated text on [0029] teaches the read URL is sent 304 (i.e. request associated with IoT device) from the user's phone UICC (i.e. at least one function) to the MME. This transmission can be achieved in various ways. In one example, a Non-Access Stratum (NAS) message including “Service Request” or “NAS Uplink Container” can carry the URL to the MME. Functionality in the MME identifies the read URL and forwards 306 it to the HSS (i.e. HSS equivalent to authentication function receives request from phone via MME). This can be done using the existing Sha interface. For example, an Authentication Information Request message can be used);
authenticating the authentication request associated with the TD (Adrangi Fig 3 and associated text on [0029] teaches the HSS obtains 308 the device certificate from 310 the specified certificate URL. The HSS verifies 312 (e.g., is it valid, has it been revoked?) the chained certificate using its root of trust key (i.e. authenticating request based on verifying certificate associated with request));
and sending, to the at least one function, an authenticating response (Adrangi Fig 3 and associated text on [0032] teaches the HSS encrypts K′ with the device's public key provided by the service provider and sends 318 it to the phone along with key K″ and Rand (i.e. encrypted key as response). This can be done using 316 the existing Sha interface between the HSS and the MME and the NAS Downlink transport messages between the MME and the user);
the at least one function configured for: receiving a request for service (Adrangi on [0029] teaches the user launches the service provider application on his or her phone. The user is instructed to tap his or her phone on the IoT device to read 302 a URL pointer to the device certification and perhaps other information pertaining to device);
 sending, to the authenticating function, the authentication request (Adrangi Fig 3 and associated text on [0029] teaches the read URL is sent 304 (i.e. request associated with IoT device) from the user's phone UICC (i.e. at least one function) to the MME, the MME identifies the read URL and forwards 306 it to the HSS (i.e. HSS equivalent to authentication function receives request from phone via MME)); 
and receiving, from the authenticating function, the authenticating response (Adrangi Fig 3 and associated text on [0032] teaches the HSS encrypts K′ with the device's public key provided by the service provider and sends 318 it to the phone along with key K″ and Rand (i.e. at least one unction receives encrypted key as response)).
	Although Adrangi teaches key is generated and encrypted by HSS (i.e. authentication function) and the certificate repository (i.e. key management function) receives certificate request from HSS, but fails to explicitly teach the key management function for receiving the request and generating key in response to the request, however Kim from analogous art teaches the key-management function configured for: receiving a key request associated with the TD (Kim Fig 8 and associated text on [0054-0055] teaches account issuing system 400 (i.e. key management function) receives account request (i.e. key generation request because in response to the account request a master key is generated) from data provisioning system 200 (i.e. authentication function in instant case), the account request corresponds to security component 120 of device 100);
generating a key according to the key request (Kim Fig 8 and text on [0055-0058] teaches the account issuing system 400 may generate master key in response to account request and transmits the generated master key to the data processing system 500 (i.e. at least one function in instant case) via data provisioning system 200 (i.e. authentication function in instant case));
and sending the key to the at least one function (Kim Fig 8 and text on [0055-0058] teaches the account issuing system 400 may generate master key in response to account request and transmits the generated master key to the data processing system 500 (i.e. at least one function in instant case) via data provisioning system 200 (i.e. authentication function in instant case)).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Kim into the teaching of Adrangi by having a key management function different from authentication function for generating key. One would be motivated to do so in order to protect security data from inappropriate access from outside for provisioning the security data by having a separate entity for provisioning the secure data and generating a key used by a different entity for authenticating the data (Kim on [0003]).

Regarding claim 11 Adrangi teaches A method comprising: (Adrangi on [0014] teaches an activation system and method);
receiving, by at least one function, a request for service (Adrangi on [0029] teaches the user launches the service provider application on his or her phone (i.e. at least one function). The user is instructed to tap his or her phone on the IoT device to read 302 a URL pointer to the device certification and perhaps other information pertaining to device); 
sending, by the at least one function to an authenticating function, an authentication request (Adrangi Fig 3 and associated text on [0029] teaches the read URL is sent 304 (i.e. request associated with IoT device) from the user's phone UICC (i.e. at least one function) to the MME, the MME identifies the read URL and forwards 306 it to the HSS (i.e. HSS equivalent to authentication function receives request from phone via MME));
 receiving, by the authenticating function from the at least one function, the authentication request associated with a terminal device (TD) (Adrangi Fig 3 and associated text on [0029] teaches the read URL is sent 304 (i.e. request associated with IoT device) from the user's phone UICC (i.e. at least one function) to the MME. This transmission can be achieved in various ways. In one example, a Non-Access Stratum (NAS) message including “Service Request” or “NAS Uplink Container” can carry the URL to the MME. Functionality in the MME identifies the read URL and forwards 306 it to the HSS (i.e. HSS equivalent to authentication function receives request from phone via MME). This can be done using the existing Sha interface. For example, an Authentication Information Request message can be used);
 authenticating, by the authenticating function, the authentication request associated with the TD (Adrangi Fig 3 and associated text on [0029] teaches the HSS obtains 308 the device certificate from 310 the specified certificate URL. The HSS verifies 312 (e.g., is it valid, has it been revoked?) the chained certificate using its root of trust key (i.e. authenticating request based on verifying certificate associated with request));
 sending, by the authenticating function to the at least one function, an authenticating response (Adrangi Fig 3 and associated text on [0032] teaches the HSS encrypts K′ with the device's public key provided by the service provider and sends 318 it to the phone along with key K″ and Rand (i.e. encrypted key as response). This can be done using 316 the existing Sha interface between the HSS and the MME and the NAS Downlink transport messages between the MME and the user);
 receiving, by the at least one function from the authenticating function, the authenticating response (Adrangi Fig 3 and associated text on [0032] teaches the HSS encrypts K′ with the device's public key provided by the service provider and sends 318 it to the phone along with key K″ and Rand (i.e. at least one unction receives encrypted key as response)).
Although Adrangi teaches key is generated and encrypted by HSS (i.e. authentication function) and the certificate repository (i.e. key management function) receives certificate request from HSS, but fails to explicitly teach the key management function for receiving the request and generating key in response to the request, however Kim from analogous art teaches receiving, by a key-management function, a key request associated with the TD (Kim Fig 8 and associated text on [0054-0055] teaches account issuing system 400 (i.e. key management function) receives account request (i.e. key generation request because in response to the account request a master key is generated) from data provisioning system 200 (i.e. authentication function in instant case), the account request corresponds to security component 120 of device 100);
generating, by the key-management function, a key according to the key request (Kim Fig 8 and text on [0055-0058] teaches the account issuing system 400 may generate master key in response to account request and transmits the generated master key to the data processing system 500 (i.e. at least one function in instant case) via data provisioning system 200 (i.e. authentication function in instant case));
and sending, by the key-management function, the key to the at least one function (Kim Fig 8 and text on [0055-0058] teaches the account issuing system 400 may generate master key in response to account request and transmits the generated master key to the data processing system 500 (i.e. at least one function in instant case) via data provisioning system 200 (i.e. authentication function in instant case)).

 Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Kim into the teaching of Adrangi by having a key management function different from authentication function for generating key. One would be motivated to do so in order to protect security data from inappropriate access from outside for provisioning the security data by having a separate entity for provisioning the secure data and generating a key used by a different entity for authenticating the data (Kim on [0003]).

Regarding claim 2 and 12 the combination of Adrangi and Kim teaches all the limitations of claim 1 and 11 respectively, Adrangi further teaches wherein: the authenticating function is further configured for: encrypting the key for said each particular function of the at least one function to obtain an encrypted key using a public key from the particular function that the key is requested for (Adrangi on [0032] teaches the HSS encrypts K′ with the device's public key provided by the service provider and sends 318 it to the phone along with key K″ and Rand); 
43wherein the authenticating response from the authenticating function to said each particular function of the at least one function includes the encrypted key (Adrangi on [0032] teaches the HSS encrypts K′ with the device's public key provided by the service provider and sends 318 it to the phone along with key K″ and Rand).

Although Adrangi teaches master key associated with random number but fails to explicitly teach wherein the key generated by the key-management function includes a master key and one or more corresponding seeds and the key-management function is configured to send the key to the at least one function via the authenticating function, sending, to the key-management function, the key request, the key request requesting for the key for each particular function of at the least one function, receiving, from the key-management function, a key response comprising the key, however Kim from analogous art teaches 
wherein the key generated by the key-management function includes a master key and one or more corresponding seeds and the key-management function is configured to send the key to the at least one function via the authenticating function (Kim Fig 8 and text on [0055-0058] teaches the account issuing system 400 may generate master key in response to account request and transmits the generated master key to the data processing system 500 (i.e. at least one function in instant case) via data provisioning system 200 (i.e. authentication function in instant case). See also on [0036] teaches master key including Seed value for encrypting security data);
wherein: the authenticating function is further configured for sending, to the key-management function, the key request, the key request requesting for the key for each particular function of at the least one function (Kim Fig 8 and associated text on [0054-0055] teaches account issuing system 400 (i.e. key management function) receives account request (i.e. key generation request because in response to the account request a master key is generated) from data provisioning system 200 (i.e. authentication function in instant case sending key generation request to the account issuing system to generate key for data processing system 500 which is equivalent to particular function of at least one function));
receiving, from the key-management function, a key response comprising the key (Kim Fig 8 and text on [0055-0058] teaches the account issuing system 400 may generate master key in response to account request and transmits the generated master key to the data processing system 500 (i.e. at least one function in instant case) via data provisioning system 200 (i.e. authentication function in instant case)).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Kim into the teaching of Adrangi by having a key management function different from authentication function for generating a master key and corresponding seed. One would be motivated to do so in order to protect security data from inappropriate access from outside for provisioning the security data by having a separate entity for provisioning the secure data and generating a key used by a different entity for authenticating the data (Kim on [0003]).

Regarding claim 3 and 13 the combination of Adrangi and Kim teaches all the limitations of claim 2 and 12 respectively, Adrangi further teaches wherein: the authenticating function is further configured for: encrypting the key for said each particular function of the at least one function using a TD's public key to obtain a second encrypted key; and sending, to the TD, the second encrypted key (Adrangi on [0031-0032] teaches the HSS can also derive another key K″ that can be used to establish security context between the IoT device and the user's phone. This can be used when the phone securely communicates with the IoT device. K″ is derived using a key derivation function with K′ and Rand as parameters represented by K″=KDF(K′, Rand). the HSS encrypts K′ with the device's public key provided by the service provider and sends 318 it to the phone along with key K″ and Rand).
Regarding claim 4 and 14 the combination of Adrangi and Kim teaches all the limitations of claim 3 and 13 respectively, Adrangi further teaches wherein the authenticating function is further configured for sending, to the TD via one of the at least one function, the second encrypted key (Adrangi on [0031-0033] teaches the HSS can also derive another key K″ that can be used to establish security context between the IoT device and the user's phone. This can be used when the phone securely communicates with the IoT device. K″ is derived using a key derivation function with K′ and Rand as parameters represented by K″=KDF(K′, Rand). the HSS encrypts K′ with the device's public key provided by the service provider and sends 318 it to the phone along with key K″ and Rand. Further teaches the user taps the phone with the device to send 320 the encrypted K′ key and Rand to the device (i.e. sending via Phone UICC as a at least one function). The device decrypts K′ and uses its key deriving function (KDF) with K′ and Rand to generate K″).
Regarding claim 6 and 16 the combination of Adrangi and Kim teaches all the limitations of claim 1 and 11 respectively, Adrangi further teaches wherein the TD belongs to at least one TD group (Adrangi Fig 1 and text on [0021-0022] the IoT device belongs to a group of devices including UE 102, eNAb 104, certificate repository 122 HSS server 120 etc.);
and the at least one function is further configured for: sending, to the key-management function, the key request requesting for the key, wherein the key is a group key for each TD group that the TD belongs to, and the key request comprises a group identifier of the each TD group, a server identifier of at least one server providing the service to the TD and trusted by the at least one function, and a public key of the at least one server (Adrangi Fig 4 and text on [0034] teaches sending an add device request (i.e. key request because based the request application layer security key is exchanged) to the service provider, wherein the request comprises IP address (i.e. group ID), device certificate URL using root of trust key (i.e. public key in instant case), device ID and service provider ID (i.e. identifier of service provider server) to exchange application layer security key).
Regarding claim 9 and 19 the combination of Adrangi and Kim teaches all the limitations of claim 1 and 11 respectively, Adrangi further teaches wherein the request for service is received by the at least one function from the TD, and indicates one or more of: in which aspect security is to be guaranteed, wherein the aspect includes one or more of a slice, a service and an infrastructure, a TD identifier (ID), a TD temporary ID, and a group identifier of one or more TD group that the TD belongs to (Adrangi on [0028-0029] teaches the user launches the service provider application on his or her phone. The user is instructed to tap his or her phone on the IoT device to read 302 a URL pointer to the device certification and perhaps other information pertaining to device, wherein device information can include device model, serial number, manufacturer ID, etc. Device security information can include a public/private pair of keys installed at manufacturing time and a URL to a web site containing the certificate chain for this device).
Regarding claim 10 and 20 the combination of Adrangi and Kim teaches all the limitations of claim 1 and 11 respectively, Adrangi further teaches wherein the at least one function comprises one or more of: an infrastructure function configured to provide physical resources for communications associated with the TD within a network, a slice function configured to provide one or more slices for one or more services, and a service function configured to provide services to one or more terminal devices (Adrangi on [0028-0029] teaches the user launches the service provider application on his or her phone. The user is instructed to tap his or her phone on the IoT device to read 302 a URL pointer to the device certification and perhaps other information pertaining to device, the read URL is sent 304 from the user's phone to the MME (i.e. providing service to the IoT device of reading URL for a IoT device to be added), wherein device information can include device model, serial number, manufacturer ID, etc. Device security information can include a public/private pair of keys installed at manufacturing time and a URL to a web site containing the certificate chain for this device).

Claims 5 and 15 are rejected under 35 U.S.C. 103 as being unpatentable over Adrangi et al (hereinafter Adrangi) (US 20210058785) in view of KIM et al (hereinafter Kim) (US 20180144347) and further in view of Lee et al (hereinafter Lee) (US 20200145818).

Regarding claim 5 and 15 the combination of Adrangi and Kim teaches all the limitations of claim 3 and 13 respectively, Adrangi further teaches wherein the at least one function is further configured for: decrypting the encrypted key to obtain the master key and the one or more corresponding seeds (Adrangi on [0031-0033] teaches the user taps the phone with the device to send 320 the encrypted K′ key and Rand to the device. The device decrypts K′ and uses its key deriving function (KDF) with K′ and Rand to generate K″). 
The combination of Adrangi and Kim fails to explicitly teach generating a root key based on the master key, the one or more corresponding seeds, an identifier of a particular function corresponding to the master key and the one or more corresponding seeds, and a TD temporary ID and sending, to at least one control plane function, the root key for a generation of a session- specific key, however Lee from analogous art teaches generating a root key based on the master key, the one or more corresponding seeds, an identifier of a particular function corresponding to the master key and the one or more corresponding seeds, and a TD temporary ID (Lee on [0035, 0080 and 0095] teaches the security key may be based in part on a key derivation parameter and a master key known by the AMF 205 and by the base station 105-a. The key derivation parameter may include a random number (i.e. seed), an identifier (i.e. function identifier) and a temporary identifier (e.g., a global unique temporary identifier),)
 and sending, to at least one control plane function, the root key for a generation of a session- specific key (Lee on [0087 and 0153] teaches transmit the security key to the base station and generate a second security key using a first security key).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Lee into the combined teaching of Adrangi and Kim by generating a root key based on master key, identifier and seed and then transmitting the root key for generation of session key.  One would be motivated to do so in order to establish secure communication between UE and other network devices based on the root key generated using the identifier of the network device (Lee on [0003-0004]).

Claims 7 and 17 are rejected under 35 U.S.C. 103 as being unpatentable over Adrangi et al (hereinafter Adrangi) (US 20210058785) in view of KIM et al (hereinafter Kim) (US 20180144347) in view of Suh et al (hereinafter Suh) (US 20120263298) and further in view of Li et al (hereinafter Li) (US 20190320320).

Regarding claim 7 and 17 the combination of Adrangi and Kim teaches all the limitations of claim 6 and 16 respectively, the combination fails to explicitly teach wherein the key-management function is further configured for: encrypting the key using a public key of the key-management function to obtain an encrypted key; and sending, together with the encrypted key to the at least one function, the first parameter and the group identifier of the each TD group, however Suh from analogous art teaches wherein the key-management function is further configured for: encrypting the key using a public key of the key-management function to obtain an encrypted key; and sending, together with the encrypted key to the at least one function, the first parameter and the group identifier of the each TD group (Suh on [0052 and 0060] teaches , the AKC 191 transmits, to the MME 114, MID (group ID) PLMN ID, Km (i.e. security key as parameter in view [0072]) and an encrypted key index (i.e., Kvi{Ki}) (i.e. encrypted key) which is information obtained by encrypting Ki (i.e. key) with Kvi (i.e. public key) which is a shared key between the AKC 191 and the UE 110. Thereafter, in step 327, the MME 114 transmits the MID, Km and Kvi{Ki} to the HSS 121.).
Although the combination of Adrangi, Kim and Suh teach generating parameter using public key (i.e. Suh on [0060]), but fails to explicitly teach generating a first parameter according to a private key of the key-management function, however Li from analogous art teaches generating a first parameter according to a private key of the key-management function (Li on [0143 and 0151] teaches SSF entity generates a token by using a private key of the SSF entity).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of LI into the combined teaching of Adrangi, Kim and Lee by generating parameter value according to private key of the key management function.  One would be motivated to do so in order to perform successfully authentication of message transmitted between entities based on the token value generated by private key by validating the token and granting access to a key requested by the entity (Li on [0028-0031]).

Allowable Subject Matter
Claims 8 and 18 objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
Gamishev (US 20200344603) is directed towards a method for determining a key for securing communication between a user apparatus and an application server. An authentication server of a mobile communication network and the user apparatus generate a secret master key during an authentication procedure. The user apparatus sends the authentication server a request for a key to communicate with the application server and receives a random variable and calculate the requested key by using a key derivation function applied to at least the random variable, a user identifier and an application server identifier using the master key.
Cheng et al (US 10461940) is directed towards Methods and Systems transforms transaction signing request inputs via SFTSP components into transaction signing response outputs. A transaction signing request message for a transaction may be received at a first HSM. An encrypted master private key associated with the transaction may be obtained from a second HSM. A private key decryption key associated with the first HSM may be retrieved from the first HSM's tamper-proof storage.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to MOEEN KHAN whose telephone number is (571)272-3522. The examiner can normally be reached 7AM-5PM EST M-TH Alternate Fridays.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Shewaye Gelagay can be reached on (571)272-4219. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/MOEEN KHAN/               Examiner, Art Unit 2436