DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
This office action is in response to the application filed on 05/17/2021. This application is a continuation (CON) of the patent US 11,025,597 B2.
Claims 1-20 are currently pending in this application.

Information Disclosure Statement
The information disclosure statements (IDSs) submitted on 05/17/2021 and 03/10/2022 were filed. The submissions are in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statements are being considered by the examiner.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(B)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention. 

Claims 1-20 are rejected under 35 U.S.C. 112(b) as being indefinite for failing to particularly point out and distinctly claim the subject matter which applicant regards as the invention.

Claim 1 (claims 8 and 15 include similar limitations) recites “… obtaining … at least one key, wherein the at least one key comprises at least one of a first key … performing … security protection on session data … wherein performing the security protection comprises one of: … protecting second security of the session data using the second key based on …”, however, it is not clear how to perform the security protection using the second key if the obtained at least one key is the first key (note: for the limitation of “one of” term is necessary for only one (e.g., a first key) NOT both keys).
Claims 2-7, 9-14 and 16-20 depend from the claim 1, 8 or 15, and are analyzed and rejected accordingly.

Claims 3, 10 and 17 recite “… obtaining the at least one key comprises: deriving … an intermediate key based on … and generating … the at least one key based on …”, however, it is not clear whether the components (e.g., the intermediate key, the first parameter, the second parameter, etc.) used in obtaining the at least one key are the same for both the first key and the second key included in the claim 1 or not (or it is not clear how to define a boundary of the limitations (e.g., the first key, the second key – note: these keys are used in different functions, such as protecting a confidentiality and protecting an integrity).
Claims 7 and 14 recite “… according to claim 6 (or 13), wherein the security algorithm identifier is at least one of …”, however, it is not clear how to define the security algorithm identifier when a security algorithm identifier of the claim 6 or 13 is not selected as the second parameter (or omitting necessary component which cause the limitation unclear).  

Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale or otherwise available to the public before the effective filing date of the claimed invention.

Claims 1-6, 8-13 and 15-20 are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Chen et al. (US 7,913,289 B2).

As per claim 1, Chen teaches a security implementation method [see col. 3, lines 13-30], comprising:
obtaining, by a user equipment, a security policy of a session between the user equipment and an access network node, wherein the security policy indicates a protection mode of the session [figs. 1A, 1B, 2A; col. 3, lines 13-30; col. 4, lines 30-33; col. 5, lines 10-31; col. 7, lines 27-60 of Chen teaches obtaining, by a user equipment (e.g., the set-top box, STB), a security policy of a session between the user equipment and an access network node (e.g., the other system), wherein the security policy indicates a protection mode (e.g., a user mode to operate the security) of the session];
obtaining, by the user equipment, at least one key, wherein the at least one key comprises at least one of a first key based on a first security algorithm or a second key based on a second security algorithm [figs. 1A, 2A, 4; col. 3, lines 42-44; col. 6, lines 5-47; col. 7, lines 61-67 of Chen teaches obtaining, by the user equipment (e.g., the security processor 206 of the STB), at least one key (e.g., the generated keys), wherein the at least one key comprises at least one of a first key based on a first security algorithm or a second key based on a second security algorithm];
performing, by the user equipment based on the protection mode, security protection on session data of the session using the at least one key and based on the security policy to obtain protected data of the session [fig. 6; col. 7, lines 17-38, 61-67; col. 12, lines 9-13; col. 13, lines 1-65 of Chen teaches performing, by the user equipment based on the protection mode (e.g., the user mode), security protection on session data (e.g., the data obtained from the data memory) of the session using the at least one key and based on the security policy to obtain protected data (e.g., the output of the cipher block) of the session]; and
sending, by the user equipment, the protected data of the session to the access network node [figs. 2A, 3B; col. 4, lines 24-33; col. 5, lines 35-60 of Chen teaches sending, by the user equipment (e.g., the security processor of the STB), the protected data (e.g., the data through the security components) of the session to the access network node (e.g., the other system)], 
wherein performing the security protection comprises one of: protecting first security of the session data using the first key based on the first security algorithm; protecting second security of the session data using the second key based on the second security algorithm; or protecting the first security of the session data using the first key based on the first security algorithm and protecting the second security of the session data using the second key based on the second security algorithm [figs. 1A, 6; col. 3, lines 31-46; col. 12, lines 9-13; col. 13, lines 1-65 of Chen teaches wherein performing the security protection comprises one of: protecting first security of the session data using the first key based on the first security algorithm; protecting second security of the session data using the second key based on the second security algorithm; or protecting the first security of the session data using the first key based on the first security algorithm and protecting the second security of the session data using the second key based on the second security algorithm],
wherein protecting the first security of the session includes protecting a confidentiality of the session, and wherein protecting the second security of the session includes protecting an integrity of the session [col. 3, lines 13-30; col. 7, lines 39-60; col. 15, lines 64-67 of Chen teaches wherein protecting the first security of the session includes protecting a confidentiality of the session, and wherein protecting the second security of the session includes protecting an integrity of the session (e.g., providing the necessary confidentiality and integrity in the multimedia terminal)]. 

As per claim 2, Chen teaches the security implementation method according to claim 1. 
Chen further teaches wherein the security policy comprises a first bit and a second bit, wherein the first bit indicates whether the first security needs to be protected, and wherein the second bit indicates whether the second security needs to be protected [fig. 1A; col. 3, lines 13-42; col. 15, lines 4-28, 44-63 of Chen teaches wherein the security policy comprises a first bit and a second bit, wherein the first bit indicates whether the first security needs to be protected, and wherein the second bit indicates whether the second security needs to be protected (e.g., the control bits to maintain the confidentiality and integrity of the multimedia terminal)].

As per claim 3, Chen teaches the security implementation method according to claim 1. 
Chen further teaches wherein obtaining the at least one key comprises: deriving, by the user equipment, an intermediate key based on a first parameter and base keys; and generating, by the user equipment, the at least one key based on a second parameter and the intermediate key [fig. 4; col. 8, lines 60-67; col. 9, lines 1-65 of Chen teaches wherein obtaining the at least one key comprises: deriving, by the user equipment, an intermediate key (e.g., the output of the security block 1, etc.) based on a first parameter (e.g., the parameter set 1) and base keys (e.g., the key_0 – key_m); and generating, by the user equipment, the at least one key (e.g., the output of MUX_2) based on a second parameter (e.g., the parameter set 2) and the intermediate key (e.g., the output of the security block 1)].

As per claim 4, Chen teaches the security implementation method according to claim 3. 
Chen further teaches obtaining the base keys after successfully performing a bidirectional authentication between the user equipment and an authentication node [fig. 1A; col. 3, lines 42-44; col. 6, lines 17-30 of Chen teaches obtaining the base keys after successfully performing a bidirectional authentication (e.g., the second security layer for the key generation and authentication) between the user equipment and an authentication node (e.g., the memory data signature verification security component)].

As per claim 5, Chen teaches the security implementation method according to claim 3. 
Chen further teaches wherein the first parameter includes at least one of an identifier of the access network node, a non-access stratum (NAS) counter, a first sequence number for generating the intermediate key, a second sequence number of a packet, a nonce, a bearer identifier, a flow identifier, a policy set, or a slice identifier [fig. 4; col. 7, lines 20-26 of Chen teaches wherein the first parameter includes at least one of an identifier of the access network node, a non-access stratum (NAS) counter, a first sequence number for generating the intermediate key (e.g., the security block sequence number 1), a second sequence number of a packet, a nonce, a bearer identifier, a flow identifier (e.g., the capability list CAP(i)), a policy set, or a slice identifier].

As per claim 6, Chen teaches the security implementation method according to claim 3. 
Chen further teaches wherein the second parameter includes at least one of an air interface security policy identifier, a security algorithm identifier, a non-access stratum (NAS) counter, a nonce, an air interface resource identifier, an air interface bearer identifier, a flow identifier, a slice identifier, a policy set, or a session identifier [fig. 4; col. 7, lines 20-26 of Chen teaches wherein the second parameter includes at least one of an air interface security policy identifier, a security algorithm identifier, a non-access stratum (NAS) counter, a nonce, an air interface resource identifier, an air interface bearer identifier, a flow identifier (e.g., the capability list CAP(i)), a slice identifier, a policy set, or a session identifier].

Claims 8-13 are user equipment claims that correspond to the method claims 1-6, and are analyzed and rejected according. See fig. 2A for the components (e.g., a processor, a memory, etc.) of the user equipment.
Claims 15-20 are storage device claims that correspond to the method claims 1-6, and are analyzed and rejected according.

Allowable Subject Matter
Claims 7 and 14 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims and amended to overcome the 112(b) rejections stated above.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MAUNG T LWIN whose telephone number is (571)270-7845.  The examiner can normally be reached on Monday - Friday 10:00 am - 6:00 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Farid Homayounmehr can be reached on 571-272-3739.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/MAUNG T LWIN/Primary Examiner, Art Unit 2495