DETAILED ACTION
This action is in response to the preliminary amendment filed 11/06/2020.  Claims 22-42 are pending.  Claims 1-21 have been cancelled.  Independent claims 22 and 35, and corresponding dependent claims are directed towards methods for protecting signaling messages in hop-by-hop network communication links.
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
Information Disclosure Statement
The listing of references in the specification is not a proper information disclosure statement.  37 CFR 1.98(b) requires a list of all patents, publications, or other information submitted for consideration by the Office, and MPEP § 609.04(a) states, "the list may not be incorporated into the specification but must be submitted in a separate paper."  Therefore, unless the references have been cited by the examiner on form PTO-892, they have not been considered.
    Specifically:
        RFC 6733 on pg. 1;
        “LTE and EPC Roaming Guidelines” on pg. 2;
        “3GPP TS 23.2722” on pg. 3;
        “Multi-Context TLS (mcTLS):  Enabling Secure In-Network Functionality in TLS” on pg. 3;
        “US 2005/0235065 A1” on pg. 4;
        “Combined Public-Key Schemes: The Case of ABE and ABS” on pg. 17;
        “Cyphertext-Policy Attribute-Based Encryption” on pg. 22;
        “Attribute-based encryption for fine-grained access control of encrypted data” on pg. 22;
        “3GPP Technical Specification TS 29.272 V. 15.2.0” on pg. 33; and
        “Advanced Encryption Standard (AES)” on pg. 52.
Specification
The disclosure is objected to because of the following informalities:
    the acronyms are not expanded for the first recitation of:  SMS, RADIUS, GPRS, HTTP, SIGCOMM, 4G, DoS, LNCS, SP’07, CCS’06, OC (pg. 33), RAT (pg. 33), UE-SRVCC, IMS, PS (pg. 33), GMLC, APN, MT-SMS, SGs (pg. 33), NIST, and FIPS;
    “sequel” should probably be “sequence” in pg. 29 l. 12 and l. 26, pg. 32 l. 12 and l. 14, and pg. 34 l. 2; and
    pg. 38 l. 10 remove “also” for grammar.
Appropriate correction is required.
Claim Objections
Claims 22, 25-26, 35-37 and 42 are objected to because of the following informalities, shown with suggested amendments:
    Claim 22 l. 20 “message[[,]]; and” for proper list structuring;
    Claim 22 l. 23 “forwarding [[it]]the signaling message” for proper antecedent basis;
    Claim 22 l. 24 should end with an “and” as the next limitation is the last element of a list;
    Claim 25 l. 6 the “providing” limitation should end with an “and” as the next limitation is the last element of a list;
    Claim 26 l. 22 “[[the]]a last digital signature” for proper antecedent basis;
    Claim 26 l. 24 “[[the]]a last hash value of the change” for proper antecedent basis;
    Claim 26 l. 40 the “h)” limitation should end with an “and” as the next limitation is the last element of a list;
    Claim 26 l. 60 and l. 63-64 “the original value” should probably be “the previous value” as multiple modifications can be made to the same element by different intermediary nodes, and the modification being made is not necessarily to the “original” value;
    Claim 35 l. 16 “encrypting[[,]]; and including” as the “including” limitation is another step in a list separated by semi-colons;
    Claim 35 l. 17 “[[the]]a sequence of Information Elements” for proper antecedent basis;
    Claim 35 l. 17 should end with an “and” as the next limitation is the last element of a list;
    Claim 36 l. 7 “encrypting[[,]]; and including” as the “including” limitation is another step in a list separated by semi-colons;
    Claim 36 l. 8 should end with an “and” as the next limitation is the last element of a list;
    Claim 37 l. 6 “encrypting[[,]]; and including” as the “including” limitation is another step in a list separated by semi-colons;
    Claim 37 l. 7 should end with an “and” as the next limitation is the last element of a list; and
    Claim 42 ll. 1-2 “wherein the signaling messages [[is]]are [[a]] Diameter signaling messages”.
Appropriate correction is required.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.

Claims 23-30 and 32-42 are rejected under 35 U.S.C. 112(b) as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor regards as the invention.
Claim 23 ll. 3-9 recites a signature verification process in which limitations that are already defined in Claim 22 are re-used for different elements of the invention resulting in a lack of proper antecedent basis.  For purposes of applying prior art the limitation has been construed as “for each Information Element, calculating [[an]] a second Information Element hash value of the Information Element; calculating a second sequence hash value of a concatenation of the calculated second Information Element hash values; verifying the source node digital signature included in the received signaling message by exploiting said source node public digital signature verification key and the second calculated sequence hash value”.
Claim 24 ll. 8-14 recite a signature verification process in which limitations that are already defined in Claim 22 are re-used for different elements of the invention resulting in a lack of proper antecedent basis.  For purposes of applying prior art the limitation has been construed as “for each Information Element, calculating [[an]] a second Information Element hash value of the Information Element; calculating a second sequence hash value of a concatenation of the second calculated Information Element hash values; verifying the source node digital signature included in the received signaling message by exploiting said source node public digital signature verification key and the second calculated sequence hash value”.
Claims 25-30 and 32-34 incorporate the deficiencies of claim 24, through dependency, and are therefore also rejected.
Claim 26 ll. 8-10 and 43-64 recite a process of a “further intermediate node” which repeats or acts on re-used limitations already defined for “an intermediate node” in Claim 25, resulting in a lack of proper antecedent basis.  For purposes of applying prior art the limitation on ll. 8-10 has been construed as “providing said further intermediate node with [[an]]a further intermediate node public digital signature verification key and [[an]]a further intermediate node private digital signature key associated with said further intermediate node public digital signature verification key” and the limitation on ll. 43-64 has been construed as “in case all said generated digital signatures present in the received signaling message are verified as valid, making a further change to said received signaling message, wherein said making a further change includes at least one among further modifying at least one Information Element in the sequence or adding to the sequence at least one further additional Information Element with an associated unique index able to identify the further additional Information Element in the sequence, otherwise discarding the received signaling message; calculating a hash value of the further change made to the received signaling message, wherein said calculating a hash value of the further change includes calculating an individual hash value of each further modified and/or further additional Information Element plus the associated indexes, and calculating a sequence hash value of a concatenation of the further calculated individual hash values; generating an intermediate node digital signature by digitally signing the calculated hash value of the further change by exploiting the further intermediate node private digital signature key and the further intermediate node public digital signature verification key; including the generated digital signature of the hash value of the further change in the signaling message, together with the indexes of the further modified and/or further additional Information Elements; calculating an individual hash value of the original value of each further modified Information Element; and including in the signaling message data useful to assess the integrity of the signaling message before the further change, said data comprising the individual hash value of the original value of each further modified Information Element”.
Claim 27 depends from Claim 26 and is deficient for the same reasons, and for purposes of applying prior art ll. 6-7 is construed as “the further changes”.
Claim 35 ll. 10-12 recite the limitation “wherein said private decryption key has embedded therein a respective node attribute set including at least one node attribute, particularly an identifier of the node or an expiry time/date of said private decryption key” which lacks proper antecedent basis as there are two “private keys” defined prior to this limitation.  For purposes of applying prior art the limitation has been construed as “wherein said private destination node decryption key and respective private intermediate node decryption keys [[has]] have each embedded therein a respective node attribute set including at least one respective node attribute, particularly an identifier of the respective node or an expiry time/date of said private destination node decryption key or private intermediate node decryption key”.
Claim 35 ll. 18-21 recite the limitation “at the destination node and said authorized intermediate node: decrypting the encrypted Information Element exploiting the destination node private decryption key and the respective authorized intermediate node private decryption key, to obtain a decrypted Information Element” which is vague and indefinite as it is unclear how the destination node can use the private key of the intermediate node to decrypt or the intermediate node can use the private key of the destination node to decrypt as private keys are by nature not supposed to exist outside of the devices that use them.  For purposes of applying prior art the limitation has been construed as “at said authorized intermediate node: decrypting the encrypted Information Element exploiting the respective authorized intermediate node private decryption key, to obtain a decrypted Information Element; and at the destination node: decrypting the encrypted Information Element exploiting the destination node private decryption key, to obtain a decrypted Information Element”.
Claims 36-42 incorporate the deficiencies of claim 35, through dependency, and are therefore also rejected.
Claim 40 l. 1 recites the limitation “The method of claim 35, wherein said ABE and IBE schemes” which lacks proper antecedent basis as there is no prior recitation of “ABE” or “IBE”.  For purposes of applying prior art the limitation has been construed as “The method of claim [[35]]39, wherein said ABE and IBE schemes”.
Claim 41 l. 1 recites the limitation “wherein said hash values are calculated” which lacks proper antecedent basis as there is no prior recitation of “hash values”.  For purposes of applying prior art the limitation has been construed as “wherein said encrypted Information Elements are calculated”.
Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention.


Claims 22-23 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by GSMA, “IPX network End to end Security Guidelines DRAFT Version 1.0”, published Nov. 17, 2017, submitted with IDS filed Nov. 6, 2020.

As to claim 22, GSMA discloses a method of protecting signaling messages in a hop-by-hop network communication link between a source node in the network and a destination node in the network (GSMA §1.2 ¶1 protection of network exchange between service providers along IPX ecosystem; §4.1 ¶1 sending entity and receiving entity), the communication link including at least one intermediate node in the network between the source node and the destination node (GSMA pg. 12 Figure 1 showing communication link between SP1 and SP2 having two IPX devices), the method comprising:
    providing the source node with a source node public digital signature verification key and a respective source node private digital signature key associated with said public digital signature verification key (GSMA §5.1 digital signing via asymmetric cryptography (requires private key for signer and public key for verification); pg. 16 use of private key for signing);
    providing the destination node with said source node public digital signature verification key associated with the source node private digital signature key (GSMA pg. 17 ¶1 service provider B verifies integrity of message by verifying hash (requires public key of service provider A));
    at the source node:
        building a signaling message including a sequence of Information Elements (GSMA pg. 17 Figure 7 showing message with 3 fields);
        for each Information Element, calculating an Information Element hash value of the Information Element (GSMA §5.1.2 ¶1 calculate hash for each field separately);
        calculating a sequence hash value of a concatenation of the calculated Information Element hash values (GSMA §5.1.2 ¶1 XOR the calculated hashes with each other);
        generating a source node digital signature by digitally signing the calculated sequence hash value, said digitally signing comprising exploiting the source node private digital signature key and the source node public digital signature verification key (GSMA pg. 15 §5.1.1 signing a hash; pg. 16 ¶1 creation of signature using private key of service provider A; pg. 17 Figure 7 signature of message including concatenation of hashes; pg. 17 ¶1 service provider B verifies integrity of message by verifying hash (requires public key of service provider A));
        including the source node digital signature in the signaling message (GSMA pg. 17 Figure 7 showing signature of message); and
        sending the signaling message (GSMA pg. 17 Figure 7 showing message passed from SP A to SP B via IPX A);
    at the intermediate node:
        receiving the signaling message and forwarding it to the destination node directly or via a next intermediate node (GSMA pg. 17 Figure 7 showing message passed from SP A to SP B via IPX A); and
    at the destination node:
        receiving the signaling message (GSMA pg. 17 Figure 7 showing message passed from SP A to SP B via IPX A).
As to claim 23, GSMA discloses the invention as claimed as described in claim 22, including further comprising:
    at the destination node, after said receiving the signaling message:
        for each Information Element, calculating an Information Element hash value of the Information Element (GSMA pg. 17 ¶1 SP B verifies integrity of message by verifying hash by doing the same operations performed by SP A (i.e. recalculation of individual hashes and XORing the hashes));
        calculating a sequence hash value of a concatenation of the calculated Information Element hash values (GSMA pg. 17 ¶1 SP B verifies integrity of message by verifying hash by doing the same operations performed by SP A (i.e. recalculation of individual hashes and XORing the hashes));
        verifying the source node digital signature included in the received signaling message by exploiting said source node public digital signature verification key and the calculated sequence hash value (GSMA pg. 17 ¶1 service provider B verifies integrity of message by verifying hash (requires public key of service provider A)); and
        in case the source node digital signature is verified as valid, accepting the received signaling message as authentic, otherwise discarding the received signaling message (GSMA pg. 3 §1.1 Diameter protocol – rejects invalid packets and accepts valid packets).
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.

Claims 24-27 and 29-30 are rejected under 35 U.S.C. 103 as being unpatentable over GSMA, “IPX network End to end Security Guidelines DRAFT Version 1.0”, published Nov. 17, 2017, submitted with IDS filed Nov. 6, 2020, in view of Korhonen et al., “Diameter AVP Level Security: Keyed Message Digests, Digital Signatures, and Encryption”, published Feb. 29, 2016.

As to claim 24, GSMA substantially discloses the invention as claimed as described in claim 22, failing, however, to explicitly disclose wherein in said building a signaling message a respective unique index is assigned to each of said Information Elements, the index assigned to an Information Element being able to identify that Information Element in the sequence, wherein said calculating an Information Element hash value includes calculating a hash value of the Information Element plus the unique index assigned thereto, and wherein said including the source node digital signature in the signaling message also includes the indexes of all said Information Elements.
Korhonen describes an extension for end to end authentication, integrity and confidentiality protection of Diameter Attribute Value Pairs (AVPs).
With this in mind, Korhonen discloses wherein in said building a signaling message a respective unique index is assigned to each of said Information Elements, the index assigned to an Information Element being able to identify that Information Element in the sequence, wherein said calculating an Information Element hash value includes calculating a hash value of the Information Element plus the unique index assigned thereto, and wherein said including the source node digital signature in the signaling message also includes the indexes of all said Information Elements (Korhonen §2.1 ¶4 individual hash of AVP must include entire AVP including the AVP code and length & padding).  It would have been obvious at the time the invention was made to a person having ordinary skill in the art to which said subject matter pertains to combine the AVP signing of the entire AVP with the AVP signing of GSMA, such that all the details of the AVP are included in the hash (such as the AVP code, length and padding values), as it would advantageously protect attribute value pairs (Korhonen [Abstract]).
As to claim 25, GSMA and Korhonen disclose the invention as claimed as described in claim 24, including wherein said at least one intermediate node includes a first intermediate node being an intermediate node next to the source node in said hop-by-hop network communication link (GSMA pg. 12 Figure 1 showing IPX 1 as next hop from SP 1), the method further comprising:
    providing said first intermediate node with an intermediate node public digital signature verification key and a respective intermediate node private digital signature key associated with said intermediate node public digital signature verification key (GSMA pg. 18 Figure 8 showing “Added SIGNATURE-FIELD by IPX A” in asymmetric digital signing requires key pair for IPX A);
    at said first intermediate node, after said receiving and before said forwarding:
        for each Information Element, calculating an Information Element hash value of the Information Element (GSMA pg. 9 §3.2 ¶2 IPsec applied by IPX providers for hop-by-hop for integrity protection – IPsec includes checking for tampering; pg. 17 ¶1 verification of integrity of message by verifying hash by doing the same operations performed by SP A (i.e. recalculation of individual hashes and XORing the hashes));
        calculating a sequence hash value of a concatenation of the calculated Information Element hash values (GSMA pg. 17 ¶1 verification of integrity of message by verifying hash by doing the same operations performed by SP A (i.e. recalculation of individual hashes and XORing the hashes));
        verifying the source node digital signature included in the received signaling message by exploiting the source node public digital signature verification key and the calculated sequence hash value (GSMA pg. 17 ¶1 verification of integrity of message by verifying hash (requires public key of service provider A));
        in case the source node digital signature is verified as valid, making a change to the received signaling message, wherein said making a change includes at least one among modifying at least one Information Element in the sequence (GSMA §5.1.3 modifications by IPX) or adding to the sequence at least one additional Information Element (GSMA §5.1.5 additions by IPX) with an associated unique index able to identify the additional Information Element in the sequence (Korhonen §2.1 ¶4 i the AVP code), otherwise, if the source node digital signature is not verified as valid, discarding the received signaling message (GSMA pg. 3 §1.1 Diameter protocol – rejects invalid packets and accepts valid packets);
        calculating a hash value of the change made to the received signaling message, wherein said calculating a hash value of the change includes calculating an individual hash value of each modified and/or additional Information Element (GSMA pg. 18 ¶2 IPX A signs all fields that should be protected again – including modified FIELD2, modified FIELD2 hash shown as H2’, original FIELD2 hash is H2) plus the associated indexes (Korhonen §2.1 ¶4 individual hash of AVP must include entire AVP including the AVP code and length & padding), and calculating a sequence hash value of a concatenation of the calculated individual hash values (GSMA pg. 18 ¶2 sequence hash includes current hashes and original hashes (H1 ⊕ H2’ ⊕ H3 ⊕ H2));
        generating an intermediate node digital signature by digitally signing the calculated hash value of the change by exploiting the intermediate node private digital signature key and the intermediate node public digital signature verification key (GSMA pg. 15 §5.1.1 signing a hash; pg. 18 ¶2 IPX A creates signature with calculated hashes);
        including the generated digital signature of the hash value of the change in the signaling message, together with the indexes of the modified and/or additional Information Elements (GSMA Figure 8 showing message from IPX A to SP B having modified fields (AVPs) with new signature and prior signature);
        calculating an individual hash value of the original value of each modified Information Element (GSMA pg. 18 ¶2 sequence hash includes current hashes and original hashes (H1 ⊕ H2’ ⊕ H3 ⊕ H2)); and
        including in the signaling message data useful to assess the integrity of the signaling message before the change, said data comprising the individual hash value of the original value of each modified Information Element (GSMA pg. 18 ¶2 sequence hash includes current hashes and original hashes (H1 ⊕ H2’ ⊕ H3 ⊕ H2); §5.1.6 new signatures create “trail” of additions, modification and deletions for the destination to determine what has been done).
As to claim 26, GSMA and Korhonen disclose the invention as claimed as described in claim 25, including wherein said at least one intermediate node includes, in addition to said first intermediate node, a further intermediate node next to a preceding intermediate node in said hop-by-hop network communication link (GSMA pg. 12 Figure 1 showing IPX 2 as next hop from IPX 1), the method further comprising:
    providing said further intermediate node with the source node public digital signature verification key and the public digital signature verification keys of all the previous intermediate nodes in said hop-by-hop network communication link (GSMA §5.1 digital signing via asymmetric cryptography (requires private key for signer and public key for verification));
    providing said further intermediate node with an intermediate node public digital signature verification key and an intermediate node private digital signature key associated with said intermediate node public digital signature verification key (GSMA pg. 18 Figure 8 showing signature field added by IPX, asymmetric digital signing requires key pair for IPX signature);
    at said further intermediate node, after said receiving and before said forwarding:
        a) extracting from the received signaling message all said generated digital signatures together with all said indexes of the modified and/or additional Information Elements respectively associated with said generated digital signatures, wherein said digital signatures have been generated by said previous intermediate nodes in said hop-by-hop network communication link and by the source node (GSMA pg. 9 §3.2 ¶2 IPsec applied by IPX providers for hop-by-hop for integrity protection – IPsec includes checking for tampering; pg. 18 ¶3&4 verification of all prior signatures including signatures made by IPX nodes);
        b) extracting from the received signaling message said data useful to assess the integrity of the signaling message before the change, for each said digital signature of the hash value of the change in the signaling message generated by a previous intermediate node (GSMA pg. 18 ¶3&4 verification of all prior signatures including signatures made by IPX nodes);
        c) for each Information Element in the received signaling message with an index associated with the last generated digital signature, calculating an Information Element hash value of the Information Element (GSMA pg. 18 ¶3 analyze signatures top down (most recent signature first), calculate (H1 ⊕ H2’ ⊕ H3) from message);
        d) calculating the last hash value of the change, as the hash value of a concatenation of the calculated Information Element hash values (GSMA pg. 18 ¶3 analyze signatures top down (most recent signature first), calculate (H1 ⊕ H2’ ⊕ H3) from message);
        e) verifying said last generated digital signature included in the received signaling message by exploiting the respective previous intermediate node public digital signature verification key and said last hash value of the change (GSMA pg. 17 ¶1 verification of integrity of message by verifying hash (requires public key of signing node));
        f) for each modified Information Element in the received signaling message with an index associated with said last generated digital signature, extracting from said data useful to assess the integrity of the signaling message before the change the individual hash value of the original value of the modified Information Element (GSMA pg. 18 ¶3 XOR the calculated hashes with the hash from the recent signature to get prior hash values of changed field(s) (H1 ⊕ H2’ ⊕ H3) ⊕ (H1 ⊕ H2’ ⊕ H3 ⊕ H2) = H2);
        g) calculating a previous hash value of the change, as the hash value of a concatenation of all calculated or extracted Information Element hash values corresponding to the Information Elements with an index associated with a previous, before the last, generated digital signature (GSMA pg. 18 ¶3 XOR the calculated hashes with the hash from the recent signature to get prior hash values of changed field(s) (H1 ⊕ H2’ ⊕ H3) ⊕ (H1 ⊕ H2’ ⊕ H3 ⊕ H2) = H2);
        h) verifying said previous, before the last, digital signature included in the received signaling message by exploiting the respective intermediate node or the source node public digital signature verification key and said previous hash value of the change (GSMA pg. 18 ¶4 using H2 and current hash values H1 and H3 recalculate prior message hash (H1 ⊕ H2 ⊕ H3) and compare with hash in signature to verify); and
        i) iterating operations f) to h) for verifying all said generated digital signatures present in the received signaling message (GSMA pg. 18 ¶3 analyzing all signatures top down);
    in case all said generated digital signatures present in the received signaling message are verified as valid, making a change to said received signaling message, wherein said making a change includes at least one among modifying at least one Information Element in the sequence (GSMA §5.1.3 modifications by IPX) or adding to the sequence at least one additional Information Element (GSMA §5.1.5 additions by IPX) with an associated unique index able to identify the additional Information Element in the sequence (Korhonen §2.1 ¶4 i the AVP code), otherwise discarding the received signaling message (GSMA pg. 3 §1.1 Diameter protocol – rejects invalid packets and accepts valid packets);
    calculating a hash value of the change made to the received signaling message, wherein said calculating a hash value of the change includes calculating an individual hash value of each modified and/or additional Information Element (GSMA pg. 18 ¶2 IPX signs all fields that should be protected again – including modified fields) plus the associated indexes (Korhonen §2.1 ¶4 individual hash of AVP must include entire AVP including the AVP code and length & padding), and calculating a sequence hash value of a concatenation of the calculated individual hash values (GSMA pg. 18 ¶2 sequence hash includes current hashes and original hashes);
    generating an intermediate node digital signature by digitally signing the calculated hash value of the change by exploiting the intermediate node private digital signature key and the intermediate node public digital signature verification key (GSMA pg. 15 §5.1.1 signing a hash; pg. 18 ¶2 IPX creating signature with calculated hashes);
    including the generated digital signature of the hash value of the change in the signaling message, together with the indexes of the modified and/or additional Information Elements (GSMA Figure 8 showing message from IPX to SP B having modified fields (AVPs) with new signature and prior signature);
    calculating an individual hash value of the original value of each modified Information Element (GSMA pg. 18 ¶2 sequence hash includes current hashes and original hashes); and
    including in the signaling message data useful to assess the integrity of the signaling message before the change, said data comprising the individual hash value of the original value of each modified Information Element (GSMA pg. 18 ¶2 sequence hash includes current hashes and original hashes; §5.1.6 new signatures create “trail” of additions, modification and deletions for the destination to determine what has been done).
As to claim 27, GSMA and Korhonen disclose the invention as claimed as described in claim 26, including further comprising: at the destination node, after said receiving the signaling message:
    performing the same operations a) to h) performed by the further intermediate nodes for verifying all said generated digital signatures present in the received signaling message, by exploiting the public digital signature verification keys of the respective nodes and the respective iteratively calculated said hash values of the changes (GSMA pg. 21 §5.1.6 using head and tail of signatures to determine by the receiver what has been done and validate all signatures); and
    in case all said generated digital signatures are verified as valid, accepting the received signaling message, otherwise discarding the received signaling message (GSMA pg. 3 §1.1 Diameter protocol – rejects invalid packets and accepts valid packets).
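The signature trail recited in claims 24-27 above (element hashes bound to an index, a sequence hash over their concatenation, one signature per changing hop, original hashes carried in the message so a verifier can roll back hop by hop), as an added Python example that is not code from the application, GSMA or Korhonen. HMAC with constructed per-node keys stands in for the asymmetric digital signatures so the example runs on the standard library; the message layout, node names and element values are assumptions made for illustration.

```python
import hashlib
import hmac

# Constructed sample data: node names, keys and element values are illustrative.
KEYS = {"SP-A": b"constructed-key-sp-a", "IPX-A": b"constructed-key-ipx-a",
        "IPX-B": b"constructed-key-ipx-b"}
ELEMENTS = {1: b"Origin-Host=mme.sp-a.example", 2: b"Route-Hint=direct",
            3: b"User-Name=001010123456789"}


def element_hash(index, value):
    """Hash of the Information Element plus its unique index (claim 24)."""
    return hashlib.sha256(index.to_bytes(4, "big") + value).digest()


def sequence_hash(current, originals):
    """Hash over the concatenated element hashes in index order, followed by the
    indexed original hashes of the elements this hop modified (assumed layout)."""
    parts = [current[i] for i in sorted(current)]
    parts += [i.to_bytes(4, "big") + originals[i] for i in sorted(originals)]
    return hashlib.sha256(b"".join(parts)).digest()


def _tag(key, digest):
    # Stand-in for the node's digital signature over the sequence hash.
    return hmac.new(key, digest, hashlib.sha256).digest()


def _signed(elements, trail, signer, key, originals, added):
    current = {i: element_hash(i, v) for i, v in elements.items()}
    entry = {"signer": signer, "originals": dict(originals), "added": list(added),
             "tag": _tag(key, sequence_hash(current, originals))}
    return {"elements": dict(elements), "signatures": trail + [entry]}


def build_message(signer, elements, keys=KEYS):
    """Source node: sign the sequence hash of all elements."""
    return _signed(elements, [], signer, keys[signer], {}, [])


def verify_trail(msg, keys=KEYS):
    """Check signatures most recent first, undoing each hop's change before
    checking the signature that preceded it (steps a) to i) of claim 26)."""
    if not msg["signatures"]:
        return False
    current = {i: element_hash(i, v) for i, v in msg["elements"].items()}
    for entry in reversed(msg["signatures"]):
        key = keys.get(entry["signer"])
        if key is None:
            return False
        expected = _tag(key, sequence_hash(current, entry["originals"]))
        if not hmac.compare_digest(expected, entry["tag"]):
            return False
        for index in entry["added"]:          # element did not exist before this hop
            current.pop(index, None)
        current.update(entry["originals"])    # restore pre-change element hashes
    return True


def modify_element(msg, signer, index, new_value, keys=KEYS):
    """Intermediate node: verify, change one element, keep its original hash."""
    if index not in msg["elements"] or not verify_trail(msg, keys):
        return None                           # discard
    original = element_hash(index, msg["elements"][index])
    elements = {**msg["elements"], index: new_value}
    return _signed(elements, msg["signatures"], signer, keys[signer],
                   {index: original}, [])


def add_element(msg, signer, index, value, keys=KEYS):
    """Intermediate node: verify, then append an element under a new index."""
    if index in msg["elements"] or not verify_trail(msg, keys):
        return None                           # discard
    elements = {**msg["elements"], index: value}
    return _signed(elements, msg["signatures"], signer, keys[signer], {}, [index])


def demo():
    msg = build_message("SP-A", ELEMENTS)
    msg = modify_element(msg, "IPX-A", 2, b"Route-Hint=via-ipx-a")
    msg = add_element(msg, "IPX-B", 4, b"Added-By=ipx-b")
    e = msg["elements"]
    tampered = {"elements": {**e, 1: b"Origin-Host=other.example"},
                "signatures": msg["signatures"]}
    swapped = {"elements": {**e, 1: e[3], 3: e[1]}, "signatures": msg["signatures"]}
    forged = [dict(s) for s in msg["signatures"]]
    forged[1]["originals"] = {2: bytes(32)}   # replace the carried original hash
    return {"valid_trail": verify_trail(msg),
            "element_changed_after_signing": verify_trail(tampered),
            "values_swapped_between_indexes": verify_trail(swapped),
            "original_hash_replaced": verify_trail({"elements": e, "signatures": forged})}


if __name__ == "__main__":
    print(demo())
```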
As to claim 29, GSMA and Korhonen disclose the invention as claimed as described in claim 25, including wherein said including in the signaling message data useful to assess the integrity of the signaling message before the change comprises including in the signaling message an indication of a nature of the change, wherein said indication of the nature of the change is one among an indication of a modification of an Information Element and an indication of the addition of an Information Element (GSMA § 5.1.7 Signature-Field contains: Action which can be Modification, Addition or Deletion; and AVP code which indicates the codes of the fields that were added, deleted or modified).
As to claim 30, GSMA and Korhonen disclose the invention as claimed as described in claim 29, including wherein said indication of a modification of an Information Element is one among an indication of a modification of the value of an Information Element and an indication of the deletion of an Information Element (GSMA § 5.1.7 Signature-Field contains: Action which can be Modification, Addition or Deletion; and AVP code which indicates the codes of the fields that were added, deleted or modified).
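The change-signing and verification steps recited for claims 26, 27, 29 and 30 can be followed in the sketch below, which is an added illustration and not part of this Office action, the application, or the GSMA and Korhonen documents. It assumes HMAC-SHA256 as a stand-in for each node's digital signature key pair (the Python standard library has no asymmetric signatures); the record field names, node names, keys and Information Element values are constructed for the example.

```python
import hashlib
import hmac

def ie_hash(index: int, value: bytes) -> bytes:
    """Individual hash: binds an IE value to its unique index (e.g. AVP code)."""
    return hashlib.sha256(index.to_bytes(4, "big") + value).digest()

def seq_hash(hashes) -> bytes:
    """Sequence hash: hash of the concatenated individual hashes."""
    return hashlib.sha256(b"".join(hashes)).digest()

def sign(key: bytes, digest: bytes) -> bytes:
    """Assumption: HMAC stands in for the node's digital signature."""
    return hmac.new(key, digest, hashlib.sha256).digest()

def source_send(key: bytes, ies: dict) -> dict:
    sig = sign(key, seq_hash(ie_hash(i, v) for i, v in ies.items()))
    return {"ies": dict(ies), "src_sig": sig, "changes": []}

def intermediate_change(node: str, key: bytes, msg: dict, modify=None, add=None) -> dict:
    modify, add = modify or {}, add or {}
    # Hash of the ORIGINAL value of each modified IE, kept for later verifiers.
    originals = {i: ie_hash(i, msg["ies"][i]) for i in modify}
    msg["ies"].update({**modify, **add})
    changed = sorted(set(modify) | set(add))
    sig = sign(key, seq_hash(ie_hash(i, msg["ies"][i]) for i in changed))
    msg["changes"].append({"node": node, "modified": sorted(modify),
                           "added": sorted(add), "originals": originals, "sig": sig})
    return msg

def destination_verify(keys: dict, msg: dict) -> bool:
    # Hash the message as received, then undo each change from newest to oldest.
    state = {i: ie_hash(i, v) for i, v in msg["ies"].items()}
    for ch in reversed(msg["changes"]):
        changed = sorted(set(ch["modified"]) | set(ch["added"]))
        key = keys.get(ch["node"])
        if key is None or any(i not in state for i in changed):
            return False
        expected = sign(key, seq_hash(state[i] for i in changed))
        if not hmac.compare_digest(expected, ch["sig"]):
            return False  # discard: this node's change does not verify
        for i in ch["modified"]:
            state[i] = ch["originals"].get(i, b"")
        for i in ch["added"]:
            state.pop(i, None)
    expected = sign(keys["source"], seq_hash(state.values()))
    return hmac.compare_digest(expected, msg["src_sig"])

# Constructed sample: indexes are AVP-code-like integers, values are made up.
KEYS = {"source": b"k-src", "ipx1": b"k-ipx1"}

def demo() -> dict:
    msg = source_send(KEYS["source"], {1: b"user@a.example", 264: b"mme.a.example"})
    return intermediate_change("ipx1", KEYS["ipx1"], msg, {264: b"mme.ipx.example"}, {282: b"ipx1"})
```

Because the verifier substitutes the recorded original hashes while walking the change trail backwards, the source's signature still verifies after legitimate modifications, and tampering with an unchanged element, a changed element, or a recorded original hash each causes the message to be discarded.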
Claim 28 is rejected under 35 U.S.C. 103 as being unpatentable over GSMA, “IPX network End to end Security Guidelines DRAFT Version 1.0”, published Nov. 17, 2017, submitted with IDS filed Nov. 6, 2020, in view of Korhonen et al., “Diameter AVP Level Security: Keyed Message Digests, Digital Signatures, and Encryption”, published Feb. 29, 2016, in view of Davis et al. (US 9,003,182 B2), issued Apr. 7, 2015.
As to claim 28, GSMA and Korhonen substantially disclose the invention as claimed as described in claim 25, failing, however, to explicitly disclose wherein said generating a digital signature, before said digitally signing, also comprises concatenating an identity of the signing node to said calculated sequence hash value.	Davis describes a method for securely communicating a message between correspondents through an intermediary terminal.	With this in mind, Davis discloses wherein said generating a digital signature, before said digitally signing, also comprises concatenating an identity of the signing node to said calculated sequence hash value (Davis claim 1 signature comprising hash of msg concatenated with nonce and identifier of correspondent, signed using the private key of the correspondent).  It would have been obvious at the time the invention was made to a person having ordinary skill in the art to which said subject matter pertains to combine the secure communication method of Davis with the integrity protection of GSMA and Korhonen, such that the identity is included within the signature, as it would advantageously provide flexibility in providing information while maintaining a higher level of security (Davis c. 1 ll. 25-38).
Claim 31 is rejected under 35 U.S.C. 103 as being unpatentable over GSMA, “IPX network End to end Security Guidelines DRAFT Version 1.0”, published Nov. 17, 2017, submitted with IDS filed Nov. 6, 2020, in view of Bethencourt et al., “Ciphertext-Policy Attribute-Based Encryption”, published Jun. 4, 2007.
As to claim 31, GSMA substantially discloses the invention as claimed as described in claim 22, failing, however, to explicitly disclose wherein the source node private digital signature key has embedded therein a source node attribute set including at least one source node attribute of the source node, particularly an identifier of the source node or an expiry time/date of said private digital signature key, and the source node digital signature has embedded therein an access policy satisfied by the attribute set embedded in the source node private digital signature key, particularly an access policy including said identifier of the source node or said expiry time/date of said private digital signature key.	Bethencourt describes a ciphertext-policy attribute-based encryption (CP-ABE).	With this in mind, Bethencourt discloses wherein the private digital key has embedded therein an attribute set (Bethencourt §3.1 Key generation – private key is generated based on set of attributes), particularly an identifier of or an expiry time/date of said private digital signature key (Bethencourt Figure 2 showing cpabe-keygen method creating private key based on identifying information), and the ciphertext has embedded therein an access policy satisfied by the attribute set embedded in the private digital signature key (Bethencourt §3.1 Encrypt – message encrypted such that only a user possessing set of attributes that satisfies the access structure can decrypt), particularly an access policy including said identifier or said expiry time/date of said private digital signature key (Bethencourt Figure 2 showing cpabe-enc method encrypting a file that can only be accessed if attributes are met).  
It would have been obvious at the time the invention was made to a person having ordinary skill in the art to which said subject matter pertains to combine the CP-ABE of Bethencourt with the integrity protection of GSMA, such that CP-ABE is used for the cryptographic processes of encryption/decryption and signing of GSMA, as it would advantageously keep encrypted data confidential (Bethencourt Abstract).
Claims 32 and 34 are rejected under 35 U.S.C. 103 as being unpatentable over GSMA, “IPX network End to end Security Guidelines DRAFT Version 1.0”, published Nov. 17, 2017, submitted with IDS filed Nov. 6, 2020, in view of Korhonen et al., “Diameter AVP Level Security: Keyed Message Digests, Digital Signatures, and Encryption”, published Feb. 29, 2016, in view of Bethencourt et al., “Ciphertext-Policy Attribute-Based Encryption”, published Jun. 4, 2007.
As to claim 32, GSMA and Korhonen substantially disclose the invention as claimed as described in claim 25, failing, however, to explicitly disclose wherein the intermediate node private digital signature key has embedded therein an intermediate node attribute set including at least one intermediate node attribute of the intermediate node, particularly an identifier of the intermediate node or an expiry time/date of said private digital signature key, and the intermediate node digital signature has embedded therein an access policy satisfied by the attribute set embedded in the intermediate node private digital signature key, particularly an access policy including said identifier of the intermediate node or said expiry time/date of said private digital signature key.	Bethencourt discloses wherein the private digital key has embedded therein an attribute set (Bethencourt §3.1 Key generation – private key is generated based on set of attributes), particularly an identifier or an expiry time/date of said private digital key (Bethencourt Figure 2 showing cpabe-keygen method creating private key based on identifying information), and the ciphertext has embedded therein an access policy satisfied by the attribute set embedded in the private digital key (Bethencourt §3.1 Encrypt – message encrypted such that only a user possessing set of attributes that satisfies the access structure can decrypt), particularly an access policy including said identifier or said expiry time/date of said private digital key (Bethencourt Figure 2 showing cpabe-enc method encrypting a file that can only be accessed if attributes are met).  
It would have been obvious at the time the invention was made to a person having ordinary skill in the art to which said subject matter pertains to combine the CP-ABE of Bethencourt with the integrity protection of GSMA and Korhonen, such that CP-ABE is used for the cryptographic processes of encryption/decryption and signing of GSMA, as it would advantageously keep encrypted data confidential (Bethencourt Abstract).
As to claim 34, GSMA, Korhonen and Bethencourt disclose the invention as claimed as described in claim 32, including wherein at least one Information Element contains a modification access policy that needs to be satisfied by a node's attributes in order for said node to be authorized to perform a modification of said Information Element and wherein said modification access policy is compliant with the access policy embedded in the digital signature of said node (Bethencourt §3.1 Encrypt – message encrypted such that only a user possessing set of attributes that satisfies the access structure can decrypt; GSMA pg. 19 ¶2 if the signatures are to be evaluated as valid - node must be able to decrypt all prior signature to create new signature if signatures have access policy, decrypting node must satisfy that policy to accurately decrypt signature).
Allowable Subject Matter
Claim 33 is objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims, provided all corresponding objections and rejection(s) under 35 U.S.C. 112(b), 2nd paragraph, set forth in this Office action are overcome.
Claim 35 would be allowable if rewritten or amended to overcome the objections and rejection(s) under 35 U.S.C. 112(b), 2nd paragraph, set forth in this Office action.
Claims 36-42 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims, provided all corresponding objections and rejection(s) under 35 U.S.C. 112(b), 2nd paragraph, set forth in this Office action are overcome.
The following is a statement of reasons for the indication of allowable subject matter:
Regarding claim 33, the prior art of record fails to disclose or fairly suggest, in combination, a method, as that presented in claims 22, 24, 25 and 32, including wherein the private signature keys of the source and intermediate nodes are all associated with the same public digital signature verification key, according to an Attribute-Based Signature, ABS, scheme, particularly to an Identity-Based Signature, IBS, scheme.
Regarding claim 35 and its dependent claims, the prior art of record fails to disclose or fairly suggest, in combination, a method of protecting signaling messages in a hop-by-hop network communication link between a source and destination node via at least one intermediate node in a network in which a public encryption key is provided to the source and intermediate nodes, and private decryption keys associated with the public key are provided to the destination node and any authorized intermediate nodes, the private decryption keys embedded with a respective node attribute set (node identifier or key expiry time); the source node generates an encrypted Information Element (IE) with an embedded access policy, and includes the encrypted IE in a sequence, the intermediate and destination nodes both using their private keys to decrypt the information element, in the specific manner and combination as recited in claim 35.  The key allowable feature is the combination of decryption by the intermediate node and the embedding of attributes and policies.
The closest prior art of record, previously cited GSMA is related to IPX integrity and confidentiality.  GSMA presents integrity checking of an exchange between source and destination via intermediaries.  However, the encryption is end-to-end and does not provide for analysis/modification of encrypted AVP fields by decrypting intermediaries, as shown in claim 35.
The next closest prior art of record, previously cited, Bethencourt is related to CP-ABE.  Bethencourt presents the attribute/policy-based encryption, however, does not teach the IPX exchange, integrity checking, nor the distribution of public/private keys as shown in claim 35.
The prior art of record, previously cited Appenzeller, is related to an identity-based encryption messaging system.  Appenzeller discloses an encryption scheme that handles the distribution of the public key and associated private keys, but fails to disclose the embedding of policies and attributes, and the IPX integrity checking, as shown in claim 35.
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Pronk (US 2020/0267542 A1) is very relevant art that relates to integrity signaling between mobile networks using the Diameter protocol and covers subject matter similar to GSMA.
“Discussion document on IPX security” are meeting notes related to discussions about the GSMA reference.
Goyal et al. “Attribute-Based Encryption for Fine-Grained Access Control of Encrypted Data” is related to KP-ABE.
Ignatenko et al. (US 2015/0222605 A1) is related to attribute-based encryption.
Waters et al. (US 2009/0080658 A1) is related to encrypting data for fine grained access control.
Seleznev et al. (US 2011/0096929 A1) is related to encryption key distribution in mobile broadcasting.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ERIC W SHEPPERD whose telephone number is (571)270-5654.  The examiner can normally be reached on Monday - Thursday, Alt. Friday, 7:30AM - 5:00PM, EST.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Saleh Najjar can be reached on (571)272-4006.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/Eric W Shepperd/Primary Examiner, Art Unit 2492