DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Status of Claims
Claims 1-20 are pending.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1, 3, 6-7, 10-12, 14, 17-18 is/are rejected under 35 U.S.C. 103 as being unpatentable over Yi et al (PGPUB 2015/0296414), and further in view of Kimba Dit Adamou et al (PGPUB 2021/0153021), hereinafter Kimba.

Regarding Claim 12: 
Yi teaches a communications device (abstract, wireless communication system and terminal), comprising: 
a processor (paragraph 81, processor), configured to perform integrity protection on to-be-sent data (paragraph 12, packet data convergence protocol (PDCP) layer performs security function including integrity protection), to generate a packet data convergence protocol (PDCP) data packet (paragraph 24, PDCP layer fixes proper header to ciphered data block to constitute PDCP PDU, and transfers to radio link control (RLC) layer), wherein the PDCP data packet comprises identification information and integrity protection information (paragraph 35, integrity protection at PDCP layer performed by calculating message authentication code-integrity (MAC-I) and appending to PDCP PDU; paragraph 69, if integrity protection is independently applied to each PDCP PDU, integrity protection indicator may be added or inserted to indicate whether or not the integrity protection is applied for each PDCP PDU; paragraph 76, if integrity protection is applied per PDU, the integrity protection indicator is added to the PDCP header to indicate whether the corresponding PDU is integrity protected or not (i.e. whether the MAC-I field is attached or not)), wherein the identification information comprises first identification information used to indicate that integrity protection is performed on data carried in the PDCP data packet (paragraph 76, if integrity protection is applied per PDU, the integrity protection indicator is added to the PDCP header to indicate whether the corresponding PDU is integrity protected or not (i.e. whether the MAC-I field is attached or not)), and wherein the integrity protection information is used to perform integrity check on the data carried in the PDCP data packet (paragraph 35, The PDCP layer of the receiving side, which has received the MAC-I, generates XMAC-I using the same input parameter as that used in the PDCP layer of the transmitting side; afterwards, XMAC-I is compared with MAC-I, and if two values are equal to each other, it is determined that the data have integrity); and 
a transceiver, configured to send the PDCP data packet (paragraph 81, transceiver to transmit or receive data; paragraph 15, PDCP entity transmits PDU to receiver side).
Yi does not explicitly teach wherein the identification information further comprises second identification information indicating a length of the integrity protection information.
However, Kimba teaches the concept wherein identification information further comprises second identification information indicating a length of integrity protection information (paragraph 40, receiving Packet Data Convergence Protocol (PDCP) control signaling; paragraph 145, header of the MAC PDU may include at least one of a first indication field indicating whether the UE is in a dual connectivity state, a second indication field indicating whether there is the MAC-I, a third indication field indicating a length of the MAC-I, a fourth indication field indicating a PDCP packet sequence number, and a reserved field; paragraph 151, as shown in FIG. 11, the third bit may be the third indication field (corresponding to L in FIG. 11); when L=1, it means that MAC-I has a length of 32 bits, and when L=0, it means that MAC-I has a length of 64 bits).
It would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to combine the MAC-I length field teachings of Kimba with the PDCP data packet integrity flag teachings of Yi, in order to allow a receiving device to successfully switch between protocol modes based on determining a length of the integrity information, thereby enabling use of more secure protocols involving longer integrity fields which reduce the possibility of MAC-I collisions.

Regarding Claim 14: 
Yi in view of Kimba teaches the communications device according to claim 12.  In addition, Yi teaches wherein the identification information is comprised in a reserved field in the PDCP data packet (paragraph 66-69, Fig. 10-11, Fig. 10 shows the configuration of the PDCP PDU without the integrity protection flag, including reserved bits R; Fig. 11 shows the integrity protection flag occupying the position of one of the previous reserved bits), or the identification information is comprised in a new field in the PDCP data packet.

Regarding Claim 17: 
Yi in view of Kimba teaches the communications device according to claim 12.  In addition, Yi teaches wherein the processor is specifically configured to: 
perform integrity protection on the to-be-sent data (paragraph 35, in an integrity protection procedure, parameters, such as COUNT based on PDCP SN, bearer which is ID value of RB, Direction having an uplink or downlink value, and integrity protection key (IK) exchanged between a user equipment and a network during RB establishment, are used; a specific code, i.e., MAC-I (Message Authentication Code-Integrity) is generated using the above parameters; paragraph 33, code varied depending on each packet is generated using a PDCP sequence number (SN) and added to each PDCP PDU header; paragraph 69, Fig. 11, PDCP PDU showing PDCP SN); or 
perform integrity protection on the to-be-sent data and the identification information.

Regarding Claims 1, 3, 6:
	These are the method claims corresponding to the communications device of claims 12, 14, 17, respectively, and are therefore rejected in a corresponding way.

Regarding Claim 18: 
Yi teaches a communications device (abstract, wireless communication system and terminal), comprising: 
a transceiver (paragraph 81, transceiver to transmit or receive data; paragraph 15, PDCP entity transmits PDU to receiver side), configured to receive a packet data convergence protocol (PDCP) data packet (paragraph 15, receiver side processes PDCP PDU received from transmitter side); and 
a processor (paragraph 81, processor), configured to: if the PDCP data packet comprises identification information and integrity protection information (paragraph 35, integrity protection at PDCP layer performed by calculating message authentication code-integrity (MAC-I) and appending to PDCP PDU; paragraph 69, if integrity protection is independently applied to each PDCP PDU, integrity protection indicator may be added or inserted to indicate whether or not the integrity protection is applied for each PDCP PDU; paragraph 76, if integrity protection is applied per PDU, the integrity protection indicator is added to the PDCP header to indicate whether the corresponding PDU is integrity protected or not (i.e. whether the MAC-I field is attached or not)), perform, based on the identification information and the integrity protection information, integrity check on data carried in the PDCP data packet (paragraph 76, if integrity protection is applied per PDU, the integrity protection indicator is added to the PDCP header to indicate whether the corresponding PDU is integrity protected or not (i.e. whether the MAC-I field is attached or not); paragraph 69, for example, if the integrity protection indicator is set to a ‘True’ for a corresponding PDU, the receiving side PDCP may apply the integrity protection for the corresponding PDU), wherein the identification information comprises first identification information used to indicate that integrity protection is performed on the data carried in the PDCP data packet (paragraph 69, for example, if the integrity protection indicator is set to a ‘True’ for a corresponding PDU, the receiving side PDCP may apply the integrity protection for the corresponding PDU), and wherein the integrity protection information is used to perform integrity check on the data carried in the PDCP data packet (paragraph 35, The PDCP layer of the receiving side, which has received the MAC-I, generates XMAC-I using the same input parameter as that used in the PDCP layer of the transmitting side; afterwards, XMAC-I is compared with MAC-I, and if two values are equal to each other, it is determined that the data have integrity).
Yi does not explicitly teach wherein the identification information further comprises second identification information indicating a length of the integrity protection information.
However, Kimba teaches the concept wherein identification information further comprises second identification information indicating a length of integrity protection information (paragraph 40, receiving Packet Data Convergence Protocol (PDCP) control signaling; paragraph 145, header of the MAC PDU may include at least one of a first indication field indicating whether the UE is in a dual connectivity state, a second indication field indicating whether there is the MAC-I, a third indication field indicating a length of the MAC-I, a fourth indication field indicating a PDCP packet sequence number, and a reserved field; paragraph 151, as shown in FIG. 11, the third bit may be the third indication field (corresponding to L in FIG. 11); when L=1, it means that MAC-I has a length of 32 bits, and when L=0, it means that MAC-I has a length of 64 bits).
It would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to combine the MAC-I length field teachings of Kimba with the PDCP data packet integrity flag teachings of Yi, in order to allow a receiving device to successfully switch between protocol modes based on determining a length of the integrity information, thereby enabling use of more secure protocols involving longer integrity fields which reduce the possibility of MAC-I collisions.

Regarding Claim 7:
	This is the method claim corresponding to the communications device of claim 18, and is therefore rejected in a corresponding way.

Regarding Claim 10: 
Yi in view of Kimba teaches the method according to claim 7.  In addition, Yi teaches wherein the identification information is comprised in a reserved field in the PDCP data packet (paragraph 66-69, Fig. 10-11, Fig. 10 shows the configuration of the PDCP PDU without the integrity protection flag, including reserved bits R; Fig. 11 shows the integrity protection flag occupying the position of one of the previous reserved bits), or the identification information is comprised in a new field in the PDCP data packet.

Regarding Claim 11: 
Yi in view of Kimba teaches the method according to claim 7.  In addition, Yi teaches wherein the performing integrity check on data carried in the PDCP data packet comprises: 
performing integrity check on the data carried in the PDCP data packet (paragraph 35, The PDCP layer of the receiving side, which has received the MAC-I, generates XMAC-I using the same input parameter as that used in the PDCP layer of the transmitting side; afterwards, XMAC-I is compared with MAC-I, and if two values are equal to each other, it is determined that the data have integrity); or 
performing integrity check on the data carried in the PDCP data packet and the identification information.

Claims 2, 9, 13, 20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Yi in view of Kimba, and further in view of Chitrakar et al (PGPUB 2020/0245137).

Regarding Claim 13: 
Yi in view of Kimba teaches the communications device according to claim 12.  
Neither Yi nor Kimba explicitly teaches wherein the identification information further comprises third identification information, wherein the third identification information indicates a length of a key used to generate the integrity protection information.
However, Chitrakar teaches the concept wherein identification information further comprises third identification information, wherein the third identification information indicates a length of a key used to generate integrity protection information (paragraph 59, security element carries security parameters that contain information regarding the secret keys to be used by a station; key len field indicates length of wrapped key field containing group temporal key or integrity group temporal key; paragraph 105, access point uses temporal key portion of group key GTK or IGTK as input to cryptographic algorithm to obtain message integrity code (MIC)).
It would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to combine the key length field teachings of Chitrakar with the PDCP data packet integrity flag teachings of Yi in view of Kimba, with the benefit of improving system security and integrity by providing a means for a receiving system to verify that the entirety of a key had been received without damage or loss of information during transmission, and further use said key to verify the integrity of future packets.

Regarding Claim 20: 
Yi in view of Kimba teaches the communications device according to claim 18.  
Neither Yi nor Kimba explicitly teaches wherein the identification information further comprises third identification information, wherein the third identification information indicates a length of a key used to generate the integrity protection information.
However, Chitrakar teaches the concept wherein identification information further comprises third identification information, wherein the third identification information indicates a length of a key used to generate integrity protection information (paragraph 59, security element carries security parameters that contain information regarding the secret keys to be used by a station; key len field indicates length of wrapped key field containing group temporal key or integrity group temporal key; paragraph 105, access point uses temporal key portion of group key GTK or IGTK as input to cryptographic algorithm to obtain message integrity code (MIC)).
It would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to combine the key length field teachings of Chitrakar with the PDCP data packet integrity flag teachings of Yi in view of Kimba, with the benefit of improving system security and integrity by providing a means for a receiving system to verify that the entirety of a key had been received without damage or loss of information during transmission, and further use said key to verify the integrity of future packets.
Regarding Claims 2 and 9:
	These are the method claims corresponding to the communications device of claims 13 and 20 respectively, and are therefore rejected in a corresponding way.

Claims 4-5, 15-16 is/are rejected under 35 U.S.C. 103 as being unpatentable over Yi in view of Kimba, and further in view of Torvinen et al (PGPUB 2020/0100101).

Regarding Claim 15: 
Yi in view of Kimba teaches the communications device according to claim 12.  
Neither Yi nor Kimba explicitly teaches wherein the processor is further configured to: 
determine, based on an integrity protection determining policy, that a type of the to-be-sent data is a type of data on which integrity protection needs to be performed.
However, Torvinen teaches the concept wherein a processor is further configured to: 
determine, based on an integrity protection determining policy, that a type of to-be-sent data is a type of data on which integrity protection needs to be performed (abstract, protocol data unit (PDU) session establishment; paragraph 84, encryption and integrity protection feature in protection layer realized by PDCP protocol; paragraph 179, the session management function (SMF) communicates to the Core Access and Mobility Management Function (AMF) a session management (SM) Request Acknowledgement message that includes a policy for security protection of user plane (UP) data terminating in a radio access network (RAN) (block 1114A of FIG. 11A); the policy may indicate whether integrity protection and/or encryption shall be used or not for data sent on all radio bearers serving the PDU Session (block 1116A); the SM Request Ack message received at the AMF may include an indication whether encryption protection for UP data terminating in the RAN and/or integrity protection for UP data terminating in the RAN is to be used (block 1012A) and/or whether integrity protection and/or encryption shall be used or not for data sent on all radio bearers serving the PDU Session).
It would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to combine the distributed policy teachings of Torvinen with the PDCP data packet integrity flag teachings of Yi in view of Kimba, in order to rapidly apply a network security policy across multiple devices, providing the ability to quickly adapt to changing security circumstances such as newly detected attacks or exploits, or increased/decreased network congestion.

Regarding Claim 16: 
Yi in view of Kimba and Torvinen teaches the communications device according to claim 15.  In addition, Torvinen teaches wherein 
the integrity protection determining policy is a locally prestored determining policy; or 
the integrity protection determining policy is received by the transceiver from another device in a communications system (paragraph 179, the session management function (SMF) communicates to the Core Access and Mobility Management Function (AMF) a session management (SM) Request Acknowledgement message that includes a policy for security protection of user plane (UP) data terminating in a radio access network (RAN) (block 1114A of FIG. 11A); the policy may indicate whether integrity protection and/or encryption shall be used or not for data sent on all radio bearers serving the PDU Session (block 1116A); the SM Request Ack message received at the AMF may include an indication whether encryption protection for UP data terminating in the RAN and/or integrity protection for UP data terminating in the RAN is to be used (block 1012A) and/or whether integrity protection and/or encryption shall be used or not for data sent on all radio bearers serving the PDU Session; paragraph 182, the network node (for example the AMF) communicates the received policy for security protection of UP data terminating in a RAN to a RAN node); or 
the integrity protection determining policy is determined by the processor based on at least one determining policy, wherein the at least one determining policy comprises at least one of the following: a locally prestored determining policy and a determining policy prestored in another device in a communications system.
The rationale to combine Yi and Torvinen is the same as provided for claim 15 due to the overlapping subject matter between claims 15 and 16.

Regarding Claims 4-5:
	These are the method claims corresponding to the communications device of claims 15-16, respectively, and are therefore rejected in a corresponding way.

Claims 8, 19 is/are rejected under 35 U.S.C. 103 as being unpatentable over Yi in view of Kimba, and further in view of Yang (PGPUB 2020/0169888).

Regarding Claim 19: 
Yi in view of Kimba teaches the communications device according to claim 18.
Neither Yi nor Kimba explicitly teaches wherein the processor is further configured to 
determine a sending time window, wherein the sending time window is used to indicate that integrity protection needs to be performed on data that is sent to a first device within the sending time window, and the first device is a device sending the PDCP data packet.
However, Yang teaches the concept wherein a processor is further configured to 
determine a sending time window, wherein the sending time window is used to indicate that integrity protection needs to be performed on data that is sent to a first device within the sending time window, and the first device is a device sending the PDCP data packet (paragraph 50, when the base station sends the configuration information for integrity protection to the terminal, the configuration information for integrity protection may indicate the number of Packet Data Convergence Protocol (PDCP) Protocol Data Units (PDUs) or Service Data Units (SDUs) which are transmitted on the at least one transmission resource and need integrity protection, or a duration of performing the integrity protection, so that the integrity protection is more flexible; the configuration information for integrity protection indicates that the duration of performing the integrity protection on the PDCP PDUs transmitted on one transmission resource is 1 s; when the terminal transmits the service data, the integrity protection may be performed in 1 s while the integrity protection is not needed to be performed on other periods of time).
It would have been obvious to one or ordinary skill in the art before the effective filing date of the claimed invention to combine the time-based integrity protection teachings of Yang with the PDCP data packet integrity flag teachings of Yi in view of Kimba, with the benefit of allowing a terminal to configure integrity protection for a limited duration, thus providing more flexibility (Yang, paragraph 50), and reducing network overhead by disabling protection during periods when it was no longer necessary.

Regarding Claim 8:
	This is the method claim corresponding to the communications device of claim 19, and is therefore rejected in a corresponding way.

Response to Arguments
Applicant's arguments filed 7/27/2022 have been fully considered but they are not persuasive.

Regarding the Prior Art Rejections:
Applicant’s arguments consist of the mere assertion that the prior art of record does not teach or suggest the amended claim features.  However, a new ground(s) for rejection is provided above which does teach the additional features, as added by amendment.

Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to FORREST L CAREY whose telephone number is (571)270-7814. The examiner can normally be reached 9:00AM-5:30PM M-F.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ashok Patel can be reached on 5712723972. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/FORREST L CAREY/Examiner, Art Unit 2491                                                                                                                                                                                                        


/ASHOKKUMAR B PATEL/Supervisory Patent Examiner, Art Unit 2491