DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Election/Restrictions
Applicant’s election without traverse of claims 7-9, 16, and 17 in the reply filed on 10/17/2022 is acknowledged.  Applicant has added new claims 18-21 and canceled claims 1-6 and 10-15.  Claims 7-9 and 16-21 are now pending.
Priority
Applicant’s claim for the benefit of a prior-filed application under 35 U.S.C. 119(e) or under 35 U.S.C. 120, 121, 365(c), or 386(c) is acknowledged.
Information Disclosure Statement
The information disclosure statements submitted on 5/21/2021 and 08/18/2022 have been considered by the Examiner and made of record in the application file.
Claim Interpretation
The following is a quotation of 35 U.S.C. 112(f):
(f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof. 

The following is a quotation of pre-AIA  35 U.S.C. 112, sixth paragraph:
An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.

The claims in this application are given their broadest reasonable interpretation using the plain meaning of the claim language in light of the specification as it would be understood by one of ordinary skill in the art.  The broadest reasonable interpretation of a claim element (also commonly referred to as a claim limitation) is limited by the description in the specification when 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is invoked. 
As explained in MPEP § 2181, subsection I, claim limitations that meet the following three-prong test will be interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph:
(A)the claim limitation uses the term “means” or “step” or a term used as a substitute for “means” that is a generic placeholder (also called a nonce term or a non-structural term having no specific structural meaning) for performing the claimed function; 
(B)the term “means” or “step” or the generic placeholder is modified by functional language, typically, but not always linked by the transition word “for” (e.g., “means for”) or another linking word or phrase, such as “configured to” or “so that”; and 
(C)the term “means” or “step” or the generic placeholder is not modified by sufficient structure, material, or acts for performing the claimed function. 
Use of the word “means” (or “step”) in a claim with functional language creates a rebuttable presumption that the claim limitation is to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph.  The presumption that the claim limitation is interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites sufficient structure, material, or acts to entirely perform the recited function. 
Absence of the word “means” (or “step”) in a claim creates a rebuttable presumption that the claim limitation is not to be treated in accordance with 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph.  The presumption that the claim limitation is not interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, is rebutted when the claim limitation recites function without reciting sufficient structure, material or acts to entirely perform the recited function. 
Claim limitations in this application that use the word “means” (or “step”) are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office Action.  Conversely, claim limitations in this application that do not use the word “means” (or “step”) are not being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, except as otherwise indicated in an Office Action.

Claims 18 and 19 include claim limitations that use the word “means” (or “step”) and are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph.  Such claim limitations are: “means for receiving a remote Subscriber Identity Module (SIM) provisioning object from a LwM2M server indicating that a SIM profile update for the LwM2M client computing device is available” and “means for downloading the SIM profile update in response to receiving the remote SIM provisioning object” in claim 18 and “means for receiving a SIM profile package from a Subscription Manager Data Preparation (SM-DP+) server in one or more additional remote SIM provisioning objects from the LwM2M server” in claim 19.
Because these claim limitations are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, they are being interpreted to cover the corresponding structure described in the specification as performing the claimed function, and equivalents thereof.
A review of the specification shows that there is no corresponding structure described in the specification for the 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph limitations.  Applicant’s specification at paragraphs 0161, 0162, and 0167 of the published application disclose a processor performing the functional wording in claims 18 and 19, but Applicant’s specification appears to disclose no algorithm detailing how the functional wording is accomplished.
If Applicant does not intend to have these limitations interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, Applicant may:  (1) amend the claim limitation(s) to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph (e.g., by reciting sufficient structure to perform the claimed function); or (2) present a sufficient showing that the claim limitation(s) recite(s) sufficient structure to perform the claimed function so as to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph.
Claim Rejections - 35 USC § 112
The following is a quotation of the first paragraph of 35 U.S.C. 112(a):
(a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.

The following is a quotation of the first paragraph of pre-AIA  35 U.S.C. 112:
The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor of carrying out his invention.

Claims 18 and 19 are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement.  The claim(s) contains subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for applications subject to pre-AIA  35 U.S.C. 112, the inventor(s), at the time the application was filed, had possession of the claimed invention.

Regarding claim 18, Applicant’s specification discloses no structure for the “means for receiving a remote Subscriber Identity Module (SIM) provisioning object from a LwM2M server indicating that a SIM profile update for the LwM2M client computing device is available” or “means for downloading the SIM profile update in response to receiving the remote SIM provisioning object”.

Regarding claim 19, Applicant’s specification discloses no structure for the “means for receiving a SIM profile package from a Subscription Manager Data Preparation (SM-DP+) server in one or more additional remote SIM provisioning objects from the LwM2M server”.

The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the Applicant regards as his invention.


Claim limitation “means for receiving a remote Subscriber Identity Module (SIM) provisioning object from a LwM2M server indicating that a SIM profile update for the LwM2M client computing device is available” and “means for downloading the SIM profile update in response to receiving the remote SIM provisioning object” in claim 18 and “means for receiving a SIM profile package from a Subscription Manager Data Preparation (SM-DP+) server in one or more additional remote SIM provisioning objects from the LwM2M server” in claim 19 invoke 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph. However, the written description fails to disclose the corresponding structure, material, or acts for performing the entire claimed functions and to clearly link the structure, material, or acts to the functions.  The disclosure is devoid of any structure that performs the functions in the claim.  Therefore, the claims are indefinite and are rejected under 35 U.S.C. 112(b) or pre-AIA  35 U.S.C. 112, second paragraph.
Applicant may:
(a)        Amend the claim so that the claim limitation will no longer be interpreted as a limitation under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph; 
(b)        Amend the written description of the specification such that it expressly recites what structure, material, or acts perform the entire claimed function, without introducing any new matter (35 U.S.C. 132(a)); or 
(c)        Amend the written description of the specification such that it clearly links the structure, material, or acts disclosed therein to the function recited in the claim, without introducing any new matter (35 U.S.C. 132(a)).
If Applicant is of the opinion that the written description of the specification already implicitly or inherently discloses the corresponding structure, material, or acts and clearly links them to the function so that one of ordinary skill in the art would recognize what structure, material, or acts perform the claimed function, Applicant should clarify the record by either: 
(a)        Amending the written description of the specification such that it expressly recites the corresponding structure, material, or acts for performing the claimed function and clearly links or associates the structure, material, or acts to the claimed function, without introducing any new matter (35 U.S.C. 132(a)); or 
(b)        Stating on the record what the corresponding structure, material, or acts, which are implicitly or inherently set forth in the written description of the specification, perform the claimed function.  For more information, see 37 CFR 1.75(d) and MPEP §§ 608.01(o) and 2181.
Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.

Claims 20 and 21 are rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter.

Claims 20 and 21 claim a non-transitory processor-readable storage medium, however, the specification does not positively limit the non-transitory processor-readable storage medium to be statutory subject matter (see paragraph 0243, “Non-transitory computer-readable or processor-readable storage media may be any storage media that may be accessed by a computer or a processor.  By way of example but not limitation, such non-transitory computer-readable or processor-readable storage media may include RAM, ROM, EEPROM, FLASH memory, CD-ROM or other optical disk storage, magnetic disk storage or other magnetic storage smart objects, or any other medium that may be used to store desired program code in the form of instructions or data structures and that may be accessed by a computer.”).  The definition in Applicant’s specification of “non-transitory processor-readable storage medium” expands the plain ordinary meaning of “non-transitory processor-readable storage medium” to encompass transitory storage media since the explicit definition in the specification defines non-transitory to encompass all storage media.  The rest of paragraph 0243 recites examples which are explicitly not-limiting.  Therefore, claims 20 and 21 are rejected under 35 U.S.C. 101, because a claim that covers both statutory and non-statutory embodiments (under the broadest reasonable interpretation of the claim when read in light of the specification and in view of one skilled in the art) embraces subject matter that is not eligible for patent protection and therefore is directed to non-statutory subject matter.  See the OG Notice titled "Subject Matter Eligibility of Computer Readable Media".
Claim Rejections - 35 USC § 102
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office Action:
A person shall be entitled to a patent unless –

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

Claims 7-9 and 16-21 are rejected under 35 U.S.C. 102(a)(2) as being anticipated by Johansson et al. (U.S. Patent Application Publication No. 2020/0351656 A1) (as cited in Applicant’s ID, hereinafter Johansson).

Regarding claim 7, Johansson discloses a method for supporting remote Subscriber Identity Module (SIM) profile provisioning (Johansson et al. (U.S. Patent Application Publication No. 2020/0351656 A1) (hereinafter Johansson) - Figure 4 and paragraphs 0009, 0050, and 0101 disclose remote management of the eUICC and the subscriptions stored on it is provided such that users or device owners can change subscriptions for their devices and the new subscription data is provisioned onto the eUICC remotely.  For the consumer variant the end-user controls the switch between profiles instead of the operator/remote provisioning server as in the M2M variant.  This method allows the consumer variant of the GSMA RSP protocol to be used for provisioning of 3GPP profiles to communications devices 300 having either an eUICC or an iUICC.  The eUICC/iUICC might support functionality for remote provisioning of profiles according to GSMA RSP consumer variant), comprising:
receiving, by a processor of a Lightweight Machine-to-Machine (LwM2M) client computing device, a remote SIM provisioning object from a LwM2M server indicating that a SIM profile update for the LwM2M client computing device is available (Figure 6 and paragraphs 0104 and 0105  disclose the architecture 400′ of FIG. 6 comprises the proxy device 200 and the functionality of the LPA is split between the proxy device 200 (comprising the LPApr 200a, where the suffix pr indicates the LPA part that is part of the proxy device 200) and the communications device 300 (comprising the LPAdv 300a, where the suffix dv indicates the LPA part that is part of the communications device 300).  The functionality of the proxy device 200 might be implemented in the Management Server (MS) handling management of the communications device 300.  Paragraph 0013 discloses the constrained device is managed and configured via a Management Server (MS) using a dedicated management protocol such as LightweightM2M (LwM2M).  Figure 7 and paragraphs 0108, 0110, 0115, and 0116 disclose the transfer of messages between LPApr 200a and LPAdv 300a may utilize the LwM2M protocol.  Order new profile, download preparation, and response back to device owner: The device owner/user 410 contacts the MNO 420 and orders a new subscription.  Upon successful authentication, the SM-DP+ 430 determines the operation to be performed (based on the operation parameter or default value if not present).  In the present case the operation is profile download and the SM-DP+ provides signed profile metadata and a certificate (and possibly intermediate CA certificates chaining back to the root CA certificate) for profile binding as a response.  Prepare download: LPApr 200a sends prepare download request comprising the signed profile metadata and certificate (and possibly intermediate CA certificates) to the eUICC/iUICC that validates the signature and certificate(s).  The request may also include the hashed confirmation code.  Upon successful verification, the eUICC/iUICC generates an ephemeral EC key pair that is signed by the eUICC/iUICC (together with confirmation code hash and some additional data).  The signed data (including EC public key and hash of CC) and signature is sent to the LPApr 200a as a response.  Figure 11 and paragraph 0171 disclose, in terms of a number of functional units, the components of a communications device 300 according to an embodiment.  Processing circuitry 310 is provided using any combination of one or more of a suitable central processing unit (CPU), multiprocessor, microcontroller, digital signal processor (DSP), etc., capable of executing software instructions stored in a computer program product 1310b (as in FIG. 13), e.g. in the form of a storage medium 330); and
downloading, by the processor of the LwM2M client computing device, the SIM profile update in response to receiving the remote SIM provisioning object (Figure 7 and paragraphs 0117 and 0118 disclose the BPP includes the SM-DP+ 430 ephemeral EC key pair, the encrypted and integrity protected profile, and a signature of the SM-DP+ 430 on the ephemeral EC public key.  The BPP is then provided as a response to the LPApr 200a.  InstallBPP: The LPApr 200a triggers the installation of the BPP at the eUICC/iUICC.  The BPP may be provided in chunks (i.e. several calls of InstallBPP command).  The eUICC/iUICC parses the BPP, extracts the SM-DP+ 430 ephemeral EC public key (after verifying the SM-DP+ 430 signature), derives the session keys, verifies and decrypts the different BPP segments to obtain the UPP (short for unencrypted profile package), and parses the UPP to extract the profile data.  The BPP segments may thus come in several calls to InstallBPP that are decrypted and parsed in chunks.  Upon complete successful profile download (or in case of error at any point) the eUICC/iUICC responds to the LPApr 200a with the ProfileInstallationResponse structure.  Figure 11 and paragraph 0171 disclose, in terms of a number of functional units, the components of a communications device 300 according to an embodiment.  Processing circuitry 310 is provided using any combination of one or more of a suitable central processing unit (CPU), multiprocessor, microcontroller, digital signal processor (DSP), etc., capable of executing software instructions stored in a computer program product 1310b (as in FIG. 13), e.g. in the form of a storage medium 330).

Regarding claim 8, as applied to claim 7 above, Johansson further discloses wherein downloading the SIM profile update comprises: receiving, by the processor of the LwM2M client computing device, a SIM profile package from a Subscription Manager Data Preparation (SM-DP+) server in one or more additional remote SIM provisioning objects from the LwM2M server (Figure 7 and paragraphs 0117 and 0118 disclose the SM-DP+ 430 generates the SM-DP+ 430 ephemeral EC key pair, derives the session keys (e.g. using Diffie-Hellman key agreement) and creates a bound profile package (BPP) using the session keys.  The BPP includes the SM-DP+ 430 ephemeral EC key pair, the encrypted and integrity protected profile, and a signature of the SM-DP+ 430 on the ephemeral EC public key.  The BPP is then provided as a response to the LPApr 200a.  The LPApr 200a triggers the installation of the BPP at the eUICC/iUICC.  The BPP may be provided in chunks (i.e. several calls of InstallBPP command).  The eUICC/iUICC parses the BPP, extracts the SM-DP+ 430 ephemeral EC public key (after verifying the SM-DP+ 430 signature), derives the session keys, verifies and decrypts the different BPP segments to obtain the UPP (short for unencrypted profile package), and parses the UPP to extract the profile data.  The BPP segments may thus come in several calls to InstallBPP that are decrypted and parsed in chunks).

Regarding claim 9, as applied to claim 8 above, Johansson further discloses wherein the LwM2M client computing device is an Internet of Things (IoT) device (Paragraph 0179 discloses the communications device 300 is a constrained device, such as an IoT device).

Regarding claim 16, Johansson discloses a Lightweight Machine-to-Machine (LwM2M) computing device (Figure 7 and paragraph 0108 disclose the transfer of messages between LPApr 200a and LPAdv 300a may utilize the LwM2M protocol), comprising:
a processor configured with processor-executable instructions (Figure 11 and paragraph 0171 disclose, in terms of a number of functional units, the components of a communications device 300 according to an embodiment.  Processing circuitry 310 is provided using any combination of one or more of a suitable central processing unit (CPU), multiprocessor, microcontroller, digital signal processor (DSP), etc., capable of executing software instructions stored in a computer program product 1310b (as in FIG. 13), e.g. in the form of a storage medium 330) to:
receive a remote Subscriber Identity Module (SIM) provisioning object from a LwM2M server indicating that a SIM profile update for the LwM2M client computing device is available (Figure 6 and paragraphs 0104 and 0105  disclose the architecture 400′ of FIG. 6 comprises the proxy device 200 and the functionality of the LPA is split between the proxy device 200 (comprising the LPApr 200a, where the suffix pr indicates the LPA part that is part of the proxy device 200) and the communications device 300 (comprising the LPAdv 300a, where the suffix dv indicates the LPA part that is part of the communications device 300).  The functionality of the proxy device 200 might be implemented in the Management Server (MS) handling management of the communications device 300.  Paragraph 0013 discloses the constrained device is managed and configured via a Management Server (MS) using a dedicated management protocol such as LightweightM2M (LwM2M).  Figure 7 and paragraphs 0108, 0110, 0115, and 0116 disclose the transfer of messages between LPApr 200a and LPAdv 300a may utilize the LwM2M protocol.  Order new profile, download preparation, and response back to device owner: The device owner/user 410 contacts the MNO 420 and orders a new subscription.  Upon successful authentication, the SM-DP+ 430 determines the operation to be performed (based on the operation parameter or default value if not present).  In the present case the operation is profile download and the SM-DP+ provides signed profile metadata and a certificate (and possibly intermediate CA certificates chaining back to the root CA certificate) for profile binding as a response.  Prepare download: LPApr 200a sends prepare download request comprising the signed profile metadata and certificate (and possibly intermediate CA certificates) to the eUICC/iUICC that validates the signature and certificate(s).  The request may also include the hashed confirmation code.  Upon successful verification, the eUICC/iUICC generates an ephemeral EC key pair that is signed by the eUICC/iUICC (together with confirmation code hash and some additional data).  The signed data (including EC public key and hash of CC) and signature is sent to the LPApr 200a as a response); and
downloading, by the processor of the LwM2M client computing device, the SIM profile update in response to receiving the remote SIM provisioning object (Figure 7 and paragraphs 0117 and 0118 disclose the BPP includes the SM-DP+ 430 ephemeral EC key pair, the encrypted and integrity protected profile, and a signature of the SM-DP+ 430 on the ephemeral EC public key.  The BPP is then provided as a response to the LPApr 200a.  InstallBPP: The LPApr 200a triggers the installation of the BPP at the eUICC/iUICC.  The BPP may be provided in chunks (i.e. several calls of InstallBPP command).  The eUICC/iUICC parses the BPP, extracts the SM-DP+ 430 ephemeral EC public key (after verifying the SM-DP+ 430 signature), derives the session keys, verifies and decrypts the different BPP segments to obtain the UPP (short for unencrypted profile package), and parses the UPP to extract the profile data.  The BPP segments may thus come in several calls to InstallBPP that are decrypted and parsed in chunks.  Upon complete successful profile download (or in case of error at any point) the eUICC/iUICC responds to the LPApr 200a with the ProfileInstallationResponse structure).

Regarding claim 17, as applied to claim 16 above, Johansson further discloses receiving, by the processor of the LwM2M client computing device, a SIM profile package from a Subscription Manager Data Preparation (SM-DP+) server in one or more additional remote SIM provisioning objects from the LwM2M server (Figure 7 and paragraphs 0117 and 0118 disclose the SM-DP+ 430 generates the SM-DP+ 430 ephemeral EC key pair, derives the session keys (e.g. using Diffie-Hellman key agreement) and creates a bound profile package (BPP) using the session keys.  The BPP includes the SM-DP+ 430 ephemeral EC key pair, the encrypted and integrity protected profile, and a signature of the SM-DP+ 430 on the ephemeral EC public key.  The BPP is then provided as a response to the LPApr 200a.  The LPApr 200a triggers the installation of the BPP at the eUICC/iUICC.  The BPP may be provided in chunks (i.e. several calls of InstallBPP command).  The eUICC/iUICC parses the BPP, extracts the SM-DP+ 430 ephemeral EC public key (after verifying the SM-DP+ 430 signature), derives the session keys, verifies and decrypts the different BPP segments to obtain the UPP (short for unencrypted profile package), and parses the UPP to extract the profile data.  The BPP segments may thus come in several calls to InstallBPP that are decrypted and parsed in chunks).

Regarding claim 18, Johansson discloses a Lightweight Machine-to-Machine (LwM2M) client computing device (Figure 7 and paragraph 0108 disclose the transfer of messages between LPApr 200a and LPAdv 300a may utilize the LwM2M protocol), comprising:
means for receiving a remote Subscriber Identity Module (SIM) provisioning object from a LwM2M server indicating that a SIM profile update for the LwM2M client computing device is available (Figure 6 and paragraphs 0104 and 0105  disclose the architecture 400′ of FIG. 6 comprises the proxy device 200 and the functionality of the LPA is split between the proxy device 200 (comprising the LPApr 200a, where the suffix pr indicates the LPA part that is part of the proxy device 200) and the communications device 300 (comprising the LPAdv 300a, where the suffix dv indicates the LPA part that is part of the communications device 300).  The functionality of the proxy device 200 might be implemented in the Management Server (MS) handling management of the communications device 300.  Paragraph 0013 discloses the constrained device is managed and configured via a Management Server (MS) using a dedicated management protocol such as LightweightM2M (LwM2M).  Figure 7 and paragraphs 0108, 0110, 0115, and 0116 disclose the transfer of messages between LPApr 200a and LPAdv 300a may utilize the LwM2M protocol.  Order new profile, download preparation, and response back to device owner: The device owner/user 410 contacts the MNO 420 and orders a new subscription.  Upon successful authentication, the SM-DP+ 430 determines the operation to be performed (based on the operation parameter or default value if not present).  In the present case the operation is profile download and the SM-DP+ provides signed profile metadata and a certificate (and possibly intermediate CA certificates chaining back to the root CA certificate) for profile binding as a response.  Prepare download: LPApr 200a sends prepare download request comprising the signed profile metadata and certificate (and possibly intermediate CA certificates) to the eUICC/iUICC that validates the signature and certificate(s).  The request may also include the hashed confirmation code.  Upon successful verification, the eUICC/iUICC generates an ephemeral EC key pair that is signed by the eUICC/iUICC (together with confirmation code hash and some additional data).  The signed data (including EC public key and hash of CC) and signature is sent to the LPApr 200a as a response); and
means for downloading the SIM profile update in response to receiving the remote SIM provisioning object (Figure 7 and paragraphs 0117 and 0118 disclose the BPP includes the SM-DP+ 430 ephemeral EC key pair, the encrypted and integrity protected profile, and a signature of the SM-DP+ 430 on the ephemeral EC public key.  The BPP is then provided as a response to the LPApr 200a.  InstallBPP: The LPApr 200a triggers the installation of the BPP at the eUICC/iUICC.  The BPP may be provided in chunks (i.e. several calls of InstallBPP command).  The eUICC/iUICC parses the BPP, extracts the SM-DP+ 430 ephemeral EC public key (after verifying the SM-DP+ 430 signature), derives the session keys, verifies and decrypts the different BPP segments to obtain the UPP (short for unencrypted profile package), and parses the UPP to extract the profile data.  The BPP segments may thus come in several calls to InstallBPP that are decrypted and parsed in chunks.  Upon complete successful profile download (or in case of error at any point) the eUICC/iUICC responds to the LPApr 200a with the ProfileInstallationResponse structure).

Regarding claim 19, as applied to claim 18 above, Johansson further discloses means for receiving a SIM profile package from a Subscription Manager Data Preparation (SM-DP+) server in one or more additional remote SIM provisioning objects from the LwM2M server (Figure 7 and paragraphs 0117 and 0118 disclose the SM-DP+ 430 generates the SM-DP+ 430 ephemeral EC key pair, derives the session keys (e.g. using Diffie-Hellman key agreement) and creates a bound profile package (BPP) using the session keys.  The BPP includes the SM-DP+ 430 ephemeral EC key pair, the encrypted and integrity protected profile, and a signature of the SM-DP+ 430 on the ephemeral EC public key.  The BPP is then provided as a response to the LPApr 200a.  The LPApr 200a triggers the installation of the BPP at the eUICC/iUICC.  The BPP may be provided in chunks (i.e. several calls of InstallBPP command).  The eUICC/iUICC parses the BPP, extracts the SM-DP+ 430 ephemeral EC public key (after verifying the SM-DP+ 430 signature), derives the session keys, verifies and decrypts the different BPP segments to obtain the UPP (short for unencrypted profile package), and parses the UPP to extract the profile data.  The BPP segments may thus come in several calls to InstallBPP that are decrypted and parsed in chunks).

Regarding claim 20, Johansson discloses a non-transitory processor-readable storage medium having stored thereon processor-executable instructions to cause a processor of a Lightweight Machine-to-Machine (LwM2M) client computing device to perform operations (Figure 7 and paragraph 0108 disclose the transfer of messages between LPApr 200a and LPAdv 300a may utilize the LwM2M protocol.  Figure 11 and paragraph 0171 disclose, in terms of a number of functional units, the components of a communications device 300 according to an embodiment.  Processing circuitry 310 is provided using any combination of one or more of a suitable central processing unit (CPU), multiprocessor, microcontroller, digital signal processor (DSP), etc., capable of executing software instructions stored in a computer program product 1310b (as in FIG. 13), e.g. in the form of a storage medium 330) comprising:
receiving a remote Subscriber Identity Module (SIM) provisioning object from a LwM2M server indicating that a SIM profile update for the LwM2M client computing device is available (Figure 6 and paragraphs 0104 and 0105  disclose the architecture 400′ of FIG. 6 comprises the proxy device 200 and the functionality of the LPA is split between the proxy device 200 (comprising the LPApr 200a, where the suffix pr indicates the LPA part that is part of the proxy device 200) and the communications device 300 (comprising the LPAdv 300a, where the suffix dv indicates the LPA part that is part of the communications device 300).  The functionality of the proxy device 200 might be implemented in the Management Server (MS) handling management of the communications device 300.  Paragraph 0013 discloses the constrained device is managed and configured via a Management Server (MS) using a dedicated management protocol such as LightweightM2M (LwM2M).  Figure 7 and paragraphs 0108, 0110, 0115, and 0116 disclose the transfer of messages between LPApr 200a and LPAdv 300a may utilize the LwM2M protocol.  Order new profile, download preparation, and response back to device owner: The device owner/user 410 contacts the MNO 420 and orders a new subscription.  Upon successful authentication, the SM-DP+ 430 determines the operation to be performed (based on the operation parameter or default value if not present).  In the present case the operation is profile download and the SM-DP+ provides signed profile metadata and a certificate (and possibly intermediate CA certificates chaining back to the root CA certificate) for profile binding as a response.  Prepare download: LPApr 200a sends prepare download request comprising the signed profile metadata and certificate (and possibly intermediate CA certificates) to the eUICC/iUICC that validates the signature and certificate(s).  The request may also include the hashed confirmation code.  Upon successful verification, the eUICC/iUICC generates an ephemeral EC key pair that is signed by the eUICC/iUICC (together with confirmation code hash and some additional data).  The signed data (including EC public key and hash of CC) and signature is sent to the LPApr 200a as a response); and
downloading the SIM profile update in response to receiving the remote SIM provisioning object (Figure 7 and paragraphs 0117 and 0118 disclose the BPP includes the SM-DP+ 430 ephemeral EC key pair, the encrypted and integrity protected profile, and a signature of the SM-DP+ 430 on the ephemeral EC public key.  The BPP is then provided as a response to the LPApr 200a.  InstallBPP: The LPApr 200a triggers the installation of the BPP at the eUICC/iUICC.  The BPP may be provided in chunks (i.e. several calls of InstallBPP command).  The eUICC/iUICC parses the BPP, extracts the SM-DP+ 430 ephemeral EC public key (after verifying the SM-DP+ 430 signature), derives the session keys, verifies and decrypts the different BPP segments to obtain the UPP (short for unencrypted profile package), and parses the UPP to extract the profile data.  The BPP segments may thus come in several calls to InstallBPP that are decrypted and parsed in chunks.  Upon complete successful profile download (or in case of error at any point) the eUICC/iUICC responds to the LPApr 200a with the ProfileInstallationResponse structure).

Regarding claim 21, as applied to claim 20 above, Johansson further discloses receiving a SIM profile package from a Subscription Manager Data Preparation (SM- DP+) server in one or more additional remote SIM provisioning objects from the LwM2M server (Figure 7 and paragraphs 0117 and 0118 disclose the SM-DP+ 430 generates the SM-DP+ 430 ephemeral EC key pair, derives the session keys (e.g. using Diffie-Hellman key agreement) and creates a bound profile package (BPP) using the session keys.  The BPP includes the SM-DP+ 430 ephemeral EC key pair, the encrypted and integrity protected profile, and a signature of the SM-DP+ 430 on the ephemeral EC public key.  The BPP is then provided as a response to the LPApr 200a.  The LPApr 200a triggers the installation of the BPP at the eUICC/iUICC.  The BPP may be provided in chunks (i.e. several calls of InstallBPP command).  The eUICC/iUICC parses the BPP, extracts the SM-DP+ 430 ephemeral EC public key (after verifying the SM-DP+ 430 signature), derives the session keys, verifies and decrypts the different BPP segments to obtain the UPP (short for unencrypted profile package), and parses the UPP to extract the profile data.  The BPP segments may thus come in several calls to InstallBPP that are decrypted and parsed in chunks).
Conclusion
The prior art made of record and not relied upon is considered pertinent to Applicant's disclosure.
Park et al. (U.S. Patent Application Publication No. 2016/0301529 A1) discloses a method and apparatus for managing a profile of a terminal in a wireless communication system;
Park et al. (U.S. Patent Application Publication No. 2018/0041601 A1) discloses a method and apparatus for receiving profile by terminal in mobile communication system;
Park et al. (U.S. Patent Application Publication No. 2018/0070224 A1) discloses a method and apparatus for downloading profile in wireless communication system;
Narasimhan et al. (U.S. Patent Application Publication No. 2018/0069581 A1) discloses update of a trusted name list;
Yang (U.S. Patent Application Publication No. 2019/0065749 A1) discloses secure element operating system update notification;
Yoon et al. (U.S. Patent Application Publication No. 2019/0075453 A1) discloses a method and apparatus for supporting transfer of profile between devices in wireless communication system;
Ullah et al. (U.S. Patent Application Publication No. 2019/0174299 A1) discloses a method enabling migration of a subscription;
Namiranian (U.S. Patent Application Publication No. 2019/0181901 A1) discloses a local profile assistant and application programming interface;
Kim et al. (U.S. Patent Application Publication No. 2019/0191298 A1) discloses a method for providing communication service using secure element and electronic device thereof;
Park et al. (U.S. Patent Application Publication No. 2019/0208405 A1) discloses a method and system for controlling UICC and eUICC;
Park et al. (U.S. Patent Application Publication No. 2019/0268765 A1) discloses a method and apparatus for managing a profile of a terminal in a wireless communication system;
Kim et al. (U.S. Patent Application Publication No. 2019/0281442 A1) discloses an electronic device and method for providing communication service based on subscriber identity information in electronic device;
Li et al. (U.S. Patent Application Publication No. 2019/0373471 A1) discloses server trust evaluation based authentication;
Lee et al. (U.S. Patent Application Publication No. 2019/0380026 A1) discloses a method and apparatus for installing and managing profile using message service;
Yu et al. (U.S. Patent Application Publication No. 2019/0394053 A1) discloses a method and system for updating certificate issuer public key, and related device; and
Anslot et al. (U.S. Patent Application Publication No. 2020/0015069 A1) discloses method for establishing a bidirectional communication channel between a server and a secure element, corresponding servers and secure element.

Any inquiry concerning this communication or earlier communications from the Examiner should be directed to MARK G. PANNELL whose telephone number is (303) 297-4245.  The Examiner can normally be reached on Monday through Friday 8:00 am to 3:00 pm (Mountain Time).
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool.  To schedule an interview, Applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the Examiner by telephone are unsuccessful, the Examiner’s supervisor, Rafael Perez-Gutierrez can be reached on (571) 272-7915.  The fax phone number for the organization where this application or proceeding is assigned is (571) 273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair.  Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at (866) 217-9197 (toll-free).  If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call (800) 786-9199 (IN USA OR CANADA) or (571) 272-1000.






/Mark G. Pannell/Examiner, Art Unit 2642