Notice of Pre-AIA  or AIA  Status

The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

This action is responsive to amendments filed on 7/14/2022.  Claims 1, 4, 11, 14 and 20 have been amended.  Claims 2 and 12 has been cancelled.  Claims 1, 3-11, and 13-20 are allowed.


Information Disclosure Statement

The information disclosure statement (IDS) was submitted on 7/15/2022 and 5/5/2022.  The submission is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.


Examiners Amendments

An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this examiner’s amendment was given in a telephone interview with Gregory A. Hunt Registration # 41,085 on 8/12/2022.


Please amend claim 11 to recite as follow:
11. (Currently Amended) A system for mitigating a 5G roaming attack, the system comprising:
a security edge protection proxy (SEPP) including at least one processor and a memory;
an SEPP security database implemented in the memory;
an SEPP roaming security controller implemented by the at least one processor for receiving user equipment (UE) registration messages for outbound roaming subscribers[[,]]; 
creating, in the SEPP security database, UE roaming registration records derived from UE registration messages[[,]]; 
receiving a packet data unit (PDU) session establishment request message[[,]]; 
performing, using at least one parameter value extracted from the PDU session establishment request message, a lookup in the SEPP security database for a UE roaming registration record[[,]]; 
determining, by the SEPP and based on results of the lookup, whether to allow or reject the PDU session establishment request message[[,]]; and 
wherein the SEPP roaming security controller is configured to receive Nudm_UECM_Registration messages from access and mobility management functions (AMFs) and session management functions (SMFs) serving the outbound roaming subscribers.

Please amend claim 14 to recite as follow:
14. (Currently Amended) A system for mitigating a 5G roaming attack, the system comprising: 
a security edge protection proxy (SEPP) including at least one processor and a memory;
an SEPP security database implemented in the memory;
an SEPP roaming security controller implemented by the at least one processor for receiving user equipment (UE) registration messages for outbound roaming subscribers[[,]]; 
creating, in the SEPP security database, UE roaming registration records derived from UE registration messages[[,]]; 
receiving a packet data unit (PDU) session establishment request message[[,]]; 
performing, using at least one parameter value extracted from the PDU session establishment request message, a lookup in the SEPP security database for a UE roaming registration record[[,]]; 
determining, by the SEPP and based on results of the lookup, whether to allow or reject the PDU session establishment request message[[,]];
wherein the SEPP roaming security controller is configured to create the records in the SEPP security database where each includes a subscription permanent identifier (SUPI) or subscription concealed identifier (SUCI), serving public land mobile network (PLMN) ID, and access type[[,]]; and  
wherein the PDU session establishment request message includes a SUPI or SUCI,  a PLMN ID, and an access type.



REASON FOR ALLOWANCE


The following is an examiner's statement of reasons for allowance: 
The prior art of record fails to teach neither singly nor in combination, the claimed limitations of: 

“receiving, at an SEPP, user equipment (UE) registration messages for outbound roaming subscribers, wherein receiving the UE registration messages for the outbound roaming includes receiving Nudm_UECM_Registration messages from access and mobility management functions (AMFs) and session management functions (SMFs) serving the outbound roaming subscribers;
creating, in a SEPP security database, UE roaming registration records derived from UE registration messages;
receiving, at the SEPP, a packet data unit (PDU) session establishment request message;
performing, using at least one parameter value extracted from the PDU session establishment request message, a lookup in the SEPP security database for a UE roaming registration record;" as stated in claims 1 and 20.

And

“creating, in a SEPP security database, UE roaming registration records derived from UE registration messages, wherein creating records in the SEPP security database includes creating records that each include a subscription permanent identifier (SUPI) or subscription concealed identifier (SUCI), serving public land mobile network (PLMN) ID, and access type;
receiving, at the SEPP, a packet data unit (PDU) session establishment request message, wherein receiving a PDU session establishment request message includes receiving a PDU session establishment request message including a SUPI or SUCI, a PLMN ID, and an access type;
performing, using at least one parameter value extracted from the PDU session establishment request message, a lookup in the SEPP security database for a UE roaming registration record;" as stated in claim 4.

And

“creating, in the SEPP security database, UE roaming registration records derived from UE registration messages;
receiving a packet data unit (PDU) session establishment request message;
performing, using at least one parameter value extracted from the PDU session establishment request message, a lookup in the SEPP security database for a UE roaming registration record;
determining, by the SEPP and based on results of the lookup, whether to allow or reject the PDU session establishment request message; and 
wherein the SEPP roaming security controller is configured to receive Nudm_UECM_Registration messages from access and mobility management functions (AMFs) and session management functions (SMFs) serving the outbound roaming subscribers." as stated in claim 11.

And

“creating, in the SEPP security database, UE roaming registration records derived from UE registration messages;
receiving a packet data unit (PDU) session establishment request message;
performing, using at least one parameter value extracted from the PDU session establishment request message, a lookup in the SEPP security database for a UE roaming registration record; 
determining, by the SEPP and based on results of the lookup, whether to allow or reject the PDU session establishment request message;
wherein the SEPP roaming security controller is configured to create the records in the SEPP security database where each includes a subscription permanent identifier (SUPI) or subscription concealed identifier (SUCI), serving public land mobile network (PLMN) ID, and access type; and  
wherein the PDU session establishment request message includes a SUPI or SUCI,  a PLMN ID, and an access type.“ as stated in claim 14.

These limitations, in conjunction with other limitations in the independent claims, are not specifically disclosed or remotely suggested in the prior art of record. A review of claims 1, 3-11, and 13-20 are allowable over the prior art of record. 

The prior art made of record and not relied upon is considered pertinent to applicant’s disclosure.

Kazmierski et al. Pub. No.: (US 2022/0021586 A1).  The subject matter disclosed therein is pertinent to that of claims 1, 3-11, and 13-20 (e.g., Multi-edge EtherChannel (MEEC) creation and management).
Salyers et al. Pat. No.: (US 9,681,360 B1).  The subject matter disclosed therein is pertinent to that of claims 1, 3-11, and 13-20 (e.g., Managed access system that provides selective communications and registration of mobile wireless devices).
Chen et al. Pub. No.: (US 2015/0304803 A1).  The subject matter disclosed therein is pertinent to that of claims 1, 3-11, and 13-20 (e.g., Proxy connection method and apparatus).
Ke et al. Pub. No.: (US 2021/0400538 A1).  The subject matter disclosed therein is pertinent to that of claims 1, 3-11, and 13-20 (e.g., Method for guaranteeing data transmission and communications device).
Gallagher et al. Pub. No.: (US 2018/0220301 A1).  The subject matter disclosed therein is pertinent to that of claims 1, 3-11, and 13-20 (e.g., Mobile wireless device managed access system providing enhanced authentication features and related methods).

Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee. Such submissions should be clearly labeled "Comments on Statement of Reasons for Allowance." 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Thao Duong whose telephone number is (571)272 - 2350. The examiner can normally be reached on M-F 7:30-5:00. 
If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, Brian J. Gillis can be reached on (571)-272-7952. The fax phone number for the organization where this application or proceeding is assigned is 571 - 273-8300.
 	
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

/T. D./
Examiner, Art Unit 2446

/BRIAN J. GILLIS/Supervisory Patent Examiner, Art Unit 2446