DETAILED ACTION

Notice of AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.

The present office action is responsive to communications received on 8/31/2022. Claims 1-20 are pending.

Response to Arguments
The arguments/remarks filed by the applicant on 8/31/2022 have been fully considered and are responded to in the following.

Applicant's amendments to claims have overcome the Claim Objections and Claim Rejections - 35 USC § 112(b) previously set forth in the Non-Final Office Action mailed 6/16/2022. All previous objections and 35 USC § 112(b) rejections have been withdrawn.

Applicant's arguments regarding the 35 USC § 103 rejection of amended independent claim 1 have been fully considered but they are not persuasive. Applicant states that ‘the cited sections of the applied references, whether taken alone or in any reasonable combination, do not disclose at least "establishing, by a security device, a first secure communication channel between a small cell device and a network device external to a small cell of the small cell device based on a first type of encryption," and "providing, by the security device and via the first secure communication channel between the small cell device and the network device, information associated with a second type of encryption to reconfigure a cryptographic engine of the small cell device to have a second capability for the second type of encryption, wherein the small cell device is to utilize the second capability, and wherein the second type of encryption is different from the first type of encryption," as recited in claim 1, as amended. Although potentially of different scope than claim 1, claims 8 and 15, as amended, recite similar features. (p. 11, ¶5)’ In response to applicant's arguments, the examiner respectfully disagrees. Claims 1, 8 and 15 do not particularly point out any relationship/distinction between “security device” and “small cell device”; therefore, they can be the same device under broadest reasonable interpretation (BRI). Reference Di Pietro in view of Yin still discloses the amended claims. Please refer to "Claim Rejections - 35 USC § 103" section below for detailed analysis.

Examiner contacted attorney on 9/23/2022 to discuss potential amendments which may overcome prior art and expedite prosecution:
explicitly point out any relationship/distinction between “security device” and “small cell device”, such as "security device" being different from "small cell device" as well as "network device"; and
identify conditions to trigger terminating first secure communication channel and establishing second secure communication channel dynamically, such as disclosure in specification [0015], [0017]. In contrast, reference Di Pietro (¶6-7) utilizes predefined interval (predefined interval of time or predefined amount of data communicated/encrypted) as trigger to dynamically modify/update level of data encryption.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-20 are rejected under 35 U.S.C. 103 as being unpatentable over Di Pietro (US 20190215541 A1) in view of Yin (US 20170171187 A1).

Regarding claim 1, Di Pietro teaches a method, comprising:
establishing, by a security device, a first secure communication channel between a [security device] and a network device external to the [security device] based on a first type of encryption; ([0064] FIG. 6, The server and/or client can identify a level of data encryption with which the server and the client agree to proceed (307).) Here server/client are analogous to claim limitation security device/network device and the communication channel in between using said identified level of data encryption (analogous to claim limitation “first type of encryption”) is the “first secure communication channel”.
enabling, by the security device, data transmission between the [security device] and a core network via the first secure communication channel; ([0064] The server and/or client can encrypt the data according to the level of data encryption with which the server and the client agree to proceed (309).)
providing, by the security device and via the first secure communication channel between the [security device] and the network device, information associated with a second type of encryption to reconfigure a cryptographic engine of the [security device] to have a second capability for the second type of encryption, ([0064] The server can, following a predefined interval, identify an updated level of data encryption (311).) Here updated level of data encryption is analogous to claim limitation “second capability for the second type of encryption”.
wherein the [security device] is to utilize the second capability, and ([0072] (311) the server can, following a predefined interval, identify an updated level of data encryption. The server, in communication with the client following a predefined interval, can identify an updated level of data encryption with which the server and the client shall proceed.)
wherein the second type of encryption is different from the first type of encryption; ([0064] The server can, following a predefined interval, identify an updated level of data encryption (311).) Here updated level of data encryption is analogous to claim limitation “different from the first type of encryption”.
terminating, by the security device, the first secure communication channel; ([0072] The server, in communication with the client following a predefined interval, can identify an updated level of data encryption with which the server and the client shall proceed.) When server/client proceed with updated level of data encryption, the communication channel using original identified level of data encryption (analogous to claim limitation “first secure communication channel”) is terminated under broadest reasonable interpretation.
establishing, by the security device, a second secure communication channel between the [security device] and the network device using the second type of encryption; and ([0072] The server, in communication with the client following a predefined interval, can identify an updated level of data encryption with which the server and the client shall proceed.) Here the communication channel in between server/client using updated level of data encryption is the “second secure communication channel”.
enabling, by the security device, further data transmission between the [security device] and the core network via the second secure communication channel. ([0072] The server, in communication with the client following a predefined interval, can identify an updated level of data encryption with which the server and the client shall proceed.)

Di Pietro teaches establishing and enabling secure communication channels using various encryptions between devices, but does not explicitly teach one of the devices being small cell device. This aspect of the claim is identified as a difference.
However, Yin in an analogous art explicitly teaches
a small cell device and a network device external to a small cell of the small cell device. ([0036] FIG. 2, Base station 210 may include one or more devices capable of transferring traffic, such as audio, video, text, and/or other traffic, destined for and/or received from UE 205. In some implementations, base station 210 may include an eNB associated with the LTE network that receives traffic from and/or sends traffic to network 265 via SGW 220 and/or PGW 225. … In some implementations, base station 210 may include a small cell base station, such as a base station of a microcell, a picocell, and/or a femtocell. [0033] base stations 210 that take the form of evolved Node Bs (eNBs) via which UE 205 communicates with the evolved packet core (EPC). The EPC may include MME 215, SGW 220, PGW 225, and/or PCRF 240 that enable UE 205 to communicate with network 265 and/or an Internet protocol (IP) multimedia subsystem (IMS) core.) Here Yin discloses base stations 210 (analogous to claim limitation “small cell device”) establishing communication channel with SGW 220/PGW 225 (analogous to claim limitation “network device”) and enabling data transmission to core network.
It would have been prima facie obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to combine the “encrypting data streams with negotiable and adaptable encryption levels” concept of Di Pietro, and the “small cell base station” approach of Yin. One of ordinary skill in the art would have been motivated to perform such a modification to improve the cellular experience for end users by enhancing coverage and capacity in locations where usage demands are highest. At their core, small cells are wireless transmitters and receivers designed to provide network coverage to smaller areas, and small cells suit more densely developed environments like cities. In summary, small cell technology strengthens coverage and data transfer speeds where devices might otherwise compete for bandwidth.

Regarding claim 2, Di Pietro in view of Yin teaches all the features with respect to claim 1, as outlined above. The combination further teaches providing, by the security device and to the network device, keypair generation information associated with the second type of encryption, ([Di Pietro 0072] Referring now to (311), and in some embodiments, the server can, following a predefined interval, identify an updated level of data encryption.) Here reference Di Pietro discloses that types of encryption can include public key (¶50, indicating claim limitation “keypair”). Reference Yin discloses types of encryption being public/private key pair as well (¶18, 62).
wherein the further data transmission is communicated via the second secure communication channel based on the keypair. ([Di Pietro 0072] The server, in communication with the client following a predefined interval, can identify an updated level of data encryption with which the server and the client shall proceed.)

Regarding claim 3, Di Pietro in view of Yin teaches all the features with respect to claim 1, as outlined above. The combination further teaches wherein the first type of encryption is associated with a first keypair associated with a first quantity of bits and the second type of encryption is associated with a second keypair associated with a second quantity of bits that is different than the first quantity of bits. ([Di Pietro 0072] Referring now to (311), and in some embodiments, the server can, following a predefined interval, identify an updated level of data encryption.) Here reference Di Pietro discloses that types of encryption can include public key (¶50, indicating claim limitation “keypair”). Reference Di Pietro also discloses “Examples of strength of (a type of) encryption can include or correspond to various key lengths such as 56-bit keys, 256-bit keys, 512-bit keys, and keys of various other lengths. Examples of strength of (a type of) encryption can include or correspond to various ciphers being used, such as RSA cipher and symmetric-key encryption cipher. Examples of strength of (a type of) encryption can include or correspond to various combinations of key lengths and/or ciphers being used” (¶50). Here updated level of data encryption implies claim limitation “a second quantity of bits different than the first quantity of bits”.

Regarding claim 4, Di Pietro in view of Yin teaches all the features with respect to claim 1, as outlined above. The combination further teaches wherein establishing the second secure communication channel is established using, a public key associated with the second type of encryption to the network device. ([Di Pietro 0072] Referring now to (311), and in some embodiments, the server can, following a predefined interval, identify an updated level of data encryption.) Here reference Di Pietro discloses that types of encryption can include public key (¶50). Reference Yin discloses types of encryption being public/private key pair as well (¶18, 62).

Regarding claim 5, Di Pietro in view of Yin teaches all the features with respect to claim 1, as outlined above. The combination further teaches determining, by the security device, an occurrence of an event; and ([Di Pietro 0072] Referring now to (311), and in some embodiments, the server can, following a predefined interval, identify an updated level of data encryption. … The predefined interval can correspond to or include a predefined interval of time (e.g., 5 seconds, 20 seconds, 1 minute, or other duration), or a predefined amount of data communicated or encrypted (e.g., 1 Kbyte, 500 Kbytes, 10 Mbytes, or other amount of data).) Here “an occurrence of an event” is the predefined interval disclosed by Di Pietro, such as predefined interval of time or predefined amount of data.
wherein establishing the second secure communication channel includes:
establishing, by the security device, the second secure communication channel based on the occurrence of the event. ([Di Pietro 0072] The server, in communication with the client following a predefined interval, can identify an updated level of data encryption with which the server and the client shall proceed.)

Regarding claim 6, Di Pietro in view of Yin teaches all the features with respect to claim 1, as outlined above. The combination further teaches determining, by the security device, that a condition has been satisfied; ([Di Pietro 0072] Referring now to (311), and in some embodiments, the server can, following a predefined interval, identify an updated level of data encryption. … The predefined interval can correspond to or include a predefined interval of time (e.g., 5 seconds, 20 seconds, 1 minute, or other duration), or a predefined amount of data communicated or encrypted (e.g., 1 Kbyte, 500 Kbytes, 10 Mbytes, or other amount of data).) Here “a condition” is the predefined interval disclosed by Di Pietro, such as predefined interval of time or predefined amount of data.
terminating, by the security device, the second secure communication channel based on the condition being satisfied; and ([Di Pietro 0072] The server, in communication with the client following a predefined interval, can identify an updated level of data encryption with which the server and the client shall proceed.) When server/client proceed with updated level of data encryption, the communication channel using original identified level of data encryption (analogous to claim limitation “second secure communication channel”) is terminated under broadest reasonable interpretation.
re-establishing, by the security device, the first secure communication channel based on terminating the second secure communication channel, wherein the first secure communication channel is based on the first type of encryption. ([Di Pietro 0072] The server, in communication with the client following a predefined interval, can identify an updated level of data encryption with which the server and the client shall proceed. The predefined interval can correspond to or include a predefined interval of time, or a predefined amount of data communicated or encrypted. Following the predefined interval, one or both of the negotiation engines can identify and/or select an updated level of data encryption with which the server and the client can support, or maintain a current level of data encryption, or determine to halt encryption (e.g., temporarily, for at least the length of the predefined interval).) Here Di Pietro discloses examples of updated level of data encryption and summarizes them in ¶73 as (i) very strong encryption; (ii) medium strong encryption; (iii) weak encryption; (iv) no encryption. Indeed, it would be obvious to rearrange this function, such as repeating an earlier level of data encryption, if it is desired; See MPEP 2144.04(VI)(C).

Regarding claim 7, Di Pietro in view of Yin teaches all the features with respect to claim 1, as outlined above. The combination further teaches wherein the second type of encryption provides an increased level of security relative to the first type of encryption. ([Di Pietro 0072] Referring now to (311), and in some embodiments, the server can, following a predefined interval, identify an updated level of data encryption.) Here Di Pietro discloses “updated level of data encryption” can be “increased encryption level” (¶59 and 63).

Regarding claims 8 and 15, the scope of the claims is similar to that of claim 1. Accordingly, the claims are rejected using a similar rationale.

Regarding claim 9, Di Pietro in view of Yin teaches all the features with respect to claim 8, as outlined above. The combination further teaches wherein the first type of encryption is associated with a first hash algorithm and the second type of encryption is associated with a second hash algorithm that is different from the first hash algorithm. ([Di Pietro 0072] Referring now to (311), and in some embodiments, the server can, following a predefined interval, identify an updated level of data encryption.) Here reference Di Pietro discloses “Examples of types of encryption can include secret key (or symmetric), public key, and hash function cryptography” (¶50). Here updated level of data encryption implies claim limitation “a second hash algorithm different from the first hash algorithm”. Reference Yin discloses types of encryption being hash as well (¶27).

Regarding claim 10, Di Pietro in view of Yin teaches all the features with respect to claim 8, as outlined above. The combination further teaches wherein the first type of encryption provides a higher level of security relative to the second type of encryption. ([Di Pietro 0072] Referring now to (311), and in some embodiments, the server can, following a predefined interval, identify an updated level of data encryption.) Here Di Pietro discloses “updated level of data encryption” can be “lowered encryption level” (¶59 and 63).

Regarding claims 11-13 and 20, the scope of the claims is similar to that of claims 4-6, respectively. Accordingly, the claims are rejected using a similar rationale.

Regarding claim 14, Di Pietro in view of Yin teaches all the features with respect to claim 8, as outlined above. The combination further teaches wherein the first type of encryption and the second type of encryption utilize different ones of:
a public key encryption algorithm,
a data encryption standard algorithm,
a blowfish encryption algorithm, or
a twofish encryption algorithm. 
([Di Pietro 0072] Referring now to (311), and in some embodiments, the server can, following a predefined interval, identify an updated level of data encryption. [0050] Examples of types of encryption can include data encryption standard (DES), Triple DES, Rivest-Shamir-Adleman (RSA), Blowfish, Twofish, advanced encryption standard (AES). Examples of types of encryption can include secret key (or symmetric), public key, and hash function cryptography.)

Regarding claims 16-17, the scope of the claims is similar to that of claims 3 and 7, respectively. Accordingly, the claims are rejected using a similar rationale.

Regarding claim 18, Di Pietro in view of Yin teaches all the features with respect to claim 15, as outlined above. The combination further teaches wherein the network device comprises a mobile edge computing node. ([Yin 0036] FIG. 2, base station 210 may include an eNB associated with the LTE network that receives traffic from and/or sends traffic to network 265 via SGW 220 and/or PGW 225. [0033] base stations 210 that take the form of evolved Node Bs (eNBs) via which UE 205 communicates with the evolved packet core (EPC). The EPC may include MME 215, SGW 220, PGW 225, and/or PCRF 240 that enable UE 205 to communicate with network 265 and/or an Internet protocol (IP) multimedia subsystem (IMS) core.) Here Yin discloses SGW 220/PGW 225 being analogous to claim limitation “network device comprising mobile edge computing node”.

Regarding claim 19, Di Pietro in view of Yin teaches all the features with respect to claim 15, as outlined above. The combination further teaches wherein the set of security attributes are based on data input by a user associated with the small cell. ([Di Pietro 0058] Following a predefined interval, the negotiation engine(s) can identify and/or select an updated level of data encryption with which the device(s) can support, or maintain a current level of data encryption, or determine to halt encryption (e.g., temporarily, for at least the length of the predetermined interval).) Here Di Pietro discloses negotiation engine (part of server/client, analogous to claim limitation “small cell” device) with information related to identifying/selecting an updated level of data encryption (analogous to claim limitation “security attributes”). Di Pietro also discloses “Data may be entered using an input device of GUI 124 or received from I/O device(s) 126” (¶38). Therefore, it is obvious that information related to identifying/selecting an updated level of data encryption in negotiation engine can be based on input from associated user.

Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to HAN YANG whose telephone number is (408)918-7638. The examiner can normally be reached on Monday to Friday, 9:00-5:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Carl Colin can be reached on 571-272-3862. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/HAN YANG/
Examiner, Art Unit 2493