Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
2.	EXAMINER’S NOTE: The claims have been reviewed and considered under the new guidance pursuant to the 2019 Revised Patent Subject Matter Eligibility Guidance (PEG 2019) issued January 7, 2019.
3.	This communication is in response to Applicant’s amendment filed on 01 August 2022. Claims 1-3, 5-6, 8-10, 13, 15, and 20 have been amended. Claims 1-20 remain pending. 

Response to Arguments
4.	Applicant’s arguments, see pages 10-12, filed 01 August 2022, with respect to the rejection of claims 1-20 under Kim (Pub No. 2018/0083972) have been fully considered, but they are not persuasive.
5.	In light of the previous 102 rejection, the Applicant contends that the cited prior art, Kim fail to disclose, suggest, or teach a scenario in which a control-plane function and a user-plane function entity are separated from each other, wherein the independent claims have been amended to specify that “a centralized unit control plane (CU-CP) sends a terminal security negotiation information comprising an integrity protection indication identifier of a centralized unit user plane (CU-UP) disposed in a separate entity than the CU-UP”.
The Examiner respectfully disagrees and asserts that Kim discloses in Figure 1, Table 1, and para. 69, the 3GPP system, a concept link that connects two functions existing at different entities of an E-UTRAN and an EPC wherein the S1-MMe is the control plane interface for the control plane and the S1-U is the user plane interface for the user plane. Kim discloses in Figure 2 and para. 72-76, the communication network is disposed to provide various communication services wherein the E-UTRAN is configured with eNBs divided into a control plane and a user plane protocol. The S1-U (user plane) is a separate entity located between the eNB and the serving gateway and the S1-MME (control plane) is a separate entity located between the eNB and the MME (mobility management function). Kim further discloses in Figure 4A and para. 82-83, the wireless protocol of a control plane and in Figure 4B and para. 88-89, the wireless protocol of a user plane, wherein the integrity protection of a control plane is included in the PDCP layer and the radio bearer is divided again into two signaling RB and data RB which is used as a path that transmits an RRC message at the control plane, and the DRB is used as a path that transmits user data at the user plane. Therefore, the control plane and user plane function entity are disclosed as separate from each other. 
5.	Therefore, the rejection of claims 1-20 will be maintained in view of the reasons above and below.


Claim Rejections - 35 USC § 102
6.	In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
7.	The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.


8.	Claims 1-20 is/are rejected under 35 U.S.C. 102(a)(1) as being anticipated by Kim (Pub No. 2018/0083972).
Referring to the rejection of claim 1, Kim discloses a security negotiation method implemented by a terminal, wherein the security negotiation method comprises:
receiving, by a terminal, security negotiation information from a centralized unit control plane (CU-CP), wherein the security negotiation information comprises an integrity protection indication identifier of a centralized unit user plane (CU-UP) disposed in a separate entity than the CU-UP; (See Kim, Fig. 1-2, Table 1, and para. 69, 72-76, 125-137)
Please note that in this example, a security algorithm negotiation is being performed from a control plane comprising integrity protection (RRC ciphering and integrity protection) of a user plane wherein an active UE and a serving network shall agree upon. The 3GPP system, a concept link that connects two functions existing at different entities of an E-UTRAN and an EPC wherein the S1-MMe is the control plane interface for the control plane and the S1-U is the user plane interface for the user plane. The communication network is disposed to provide various communication services wherein the E-UTRAN is configured with eNBs divided into a control plane and a user plane protocol. The S1-U (user plane) is a separate entity located between the eNB and the serving gateway and the S1-MME (control plane) is a separate entity located between the eNB and the MME (mobility management function).
and determining, by the terminal, based on the integrity protection indication identifier from the CU-UP, whether to enable user-plane integrity protection of the terminal. (See Kim, Fig. 4A-4B and para. 82-83, 88-89, 138-141)
Please note that in this example, based on the integrity protection the user plane ciphering shall be activated at the same time as the RRC ciphering and user plane integrity should be applied to a data radio bearer for integrity protection. The wireless protocol of a control plane and the wireless protocol of a user plane, wherein the integrity protection of a control plane is included in the PDCP layer and the radio bearer is divided again into two signaling RB and data RB which is used as a path that transmits an RRC message at the control plane, and the DRB is used as a path that transmits user data at the user plane. Therefore, the control plane and user plane function entity are disclosed as separate from each other.
Referring to the rejection of claim 2, Kim discloses wherein the security negotiation information further comprises a key generation parameter, wherein the security negotiation method further comprises generating, by the terminal, a user-plane integrity protection key of the CU-UP based on the key generation parameter, and wherein the key generation parameter comprises one or more of: 
an instance identifier; 
a CU-UP identifier; (See Kim, para. 74-75)
a distributed unit (DU) identifier; 
a data bearer identifier; 
a bearer identifier; (See Kim, para. 89)
a stream identifier; 
a session identifier; 
a slice identifier; 
a media access control (MAC) layer identifier; 
a Radio Resource Control (RRC) signaling counter; (See Kim, para. 89)
a frequency identifier; 
a cell identifier; 
a fresh parameter; 
a user-plane integrity protection algorithm type identifier length of the CU-UP; (See Kim, para. 319-320)
a user-plane integrity protection algorithm type identifier length of the CU-CP; 
a user-plane encryption protection type identifier length of the CU-UP; 
or a user-plane encryption protection type identifier length of the CU-CP. 
Referring to the rejection of claim 3, Kim discloses further comprising wherein before receiving the security negotiation information from the CU-CUP, the security negotiation method further comprises sending, by the terminal, a first session establishment request to a session management function (SMF) entity, (See Kim, para. 65 and 125-137) 
wherein determining whether to enable the user-plane integrity protection of the terminal comprises determining to enable session-based user-plane integrity protection of the terminal when the integrity protection indication identifier indicates that integrity protection of the CU-UP is enabled. (See Kim, para. 145 and 154)
Referring to the rejection of claim 4, Kim discloses wherein determining whether to enable the user-plane integrity protection of the terminal further comprises determining to enable the user-plane integrity protection of the terminal when the integrity protection indication identifier indicates that integrity protection of the CU-UP is enabled. (See Kim, para. 179)
Referring to the rejection of claim 5, Kim discloses wherein after determining to enable the user-plane integrity protection of the terminal, the security negotiation method further comprises sending, by the terminal, an integrity protection parameter to the CU-CP. (See Kim, para. 145)
Referring to the rejection of claim 6, Kim discloses wherein the security negotiation information further comprises an encryption protection indication identifier of the CU-UP, and wherein the security negotiation method further comprises: sending, by the terminal,  a first session establishment request to a session management function (SMF) entity; (See Kim, para. 65) and determining, by the terminal, based on the encryption protection indication identifier, whether to enable session-based encryption protection of the terminal. (See Kim, para. 145 and 154-155)
Referring to the rejection of claim 7, Kim discloses wherein determining whether to enable the user-plane integrity protection of the terminal comprises determining not to enable the user-plane integrity protection of the terminal when the integrity protection indication identifier indicates that integrity protection of the CU-UP is not enabled. (See Kim, para. 180-181 and 319-328)
Referring to the rejection of claim 8, Kim discloses wherein after determining not to enable the user-plane integrity protection of the terminal, the security negotiation method further comprises sending, by the terminal, a security negotiation response to the CU-CP, and wherein the security negotiation response comprises an integrity protection parameter and an indication identifier indicating that the user-plane integrity protection of the terminal is enabled. (See Kim, para. 180-181 and 319-328)
Referring to the rejection of claim 9, Kim discloses wherein receiving the security negotiation information comprises receiving, by the terminal, the security negotiation information via a Radio Resource Control (RRC) reconfiguration message, (See Kim, para. 79, 89, and 127-145) wherein the security negotiation information further comprises an encryption protection indication identifier of the CU-UP, and wherein the security negotiation method further comprises determining, by the terminal, based on the encryption protection indication identifier, whether to enable encryption protection of the terminal. (See Kim, para. 200-201)
Referring to the rejection of claim 10, Kim discloses a security negotiation method comprising: 
determining, by a centralized unit user plane (CU-UP), security negotiation information, wherein the security negotiation information comprises an integrity protection indication identifier of the CU-UP; (See Kim, para. 138-141)
Please note that in this example, based on the integrity protection the user plane ciphering shall be activated at the same time as the RRC ciphering and user plane integrity should be applied to a data radio bearer for integrity protection.
sending, by the CU-UP, the security negotiation information to a centralized unit control plane (CU-CP) disposed in a separate entity than the CU-UP; (See Kim, Fig. 1-2, Table 1, and para. 69, 72-76, 125-137)
Please note that in this example, a security algorithm negotiation is being performed from a control plane comprising integrity protection (RRC ciphering and integrity protection) of a user plane wherein an active UE and a serving network shall agree upon. The 3GPP system, a concept link that connects two functions existing at different entities of an E-UTRAN and an EPC wherein the S1-MMe is the control plane interface for the control plane and the S1-U is the user plane interface for the user plane. The communication network is disposed to provide various communication services wherein the E-UTRAN is configured with eNBs divided into a control plane and a user plane protocol. The S1-U (user plane) is a separate entity located between the eNB and the serving gateway and the S1-MME (control plane) is a separate entity located between the eNB and the MME (mobility management function).
and sending, by the CU-CP, the security negotiation information to a terminal. (See Kim, para. 145)
Please note that in this example, a security algorithm negotiation is being performed from a control plane comprising integrity protection (RRC ciphering and integrity protection) of a user plane wherein an active UE and a serving network shall agree upon. 

Referring to the rejection of claim 11, Kim discloses wherein the security negotiation information further comprises a key generation parameter, and wherein the key generation parameter comprises one or more of: 
an instance identifier; 
a CU-UP identifier; (See Kim, para. 74-75)
a distributed unit (DU) identifier; 
a data bearer identifier; 
a bearer identifier; (See Kim, para. 89)
a stream identifier; 
a session identifier; 
a slice identifier; 
a media access control (MAC) layer identifier; 
a Radio Resource Control (RRC) signaling counter; (See Kim, para. 89)
a frequency identifier; 
a cell identifier; 
a fresh parameter; 
a user-plane integrity protection algorithm type identifier length of the CU-UP; (See Kim, para. 319-320)
a user-plane integrity protection algorithm type identifier length of the CU-CP; 
a user-plane encryption protection type identifier length of the CU-UP; 
or a user-plane encryption protection type identifier length of the CU-CP. 
Referring to the rejection of claim 12, Kim discloses wherein the security negotiation information further comprises an encryption protection indication identifier of the CU-UP. (See Kim, para. 125-137)

Referring to the rejection of claim 13, Kim discloses a security negotiation apparatus comprising: 
a memory configured to store instructions; (See Kim, Fig. 12)
and a processor coupled to the memory, wherein the instructions cause the processor to be configured to: (See Kim, Fig. 12)
receive security negotiation information from a centralized unit control plane (CU-CP), wherein the security negotiation information comprises an integrity protection indication identifier of a centralized unit user plane (CU-UP) disposed in a separate entity; (See Kim, Fig. 1-2, Table 1, and para. 69, 72-76, 125-137)
Please note that in this example, a security algorithm negotiation is being performed from a control plane comprising integrity protection (RRC ciphering and integrity protection) of a user plane wherein an active UE and a serving network shall agree upon. The 3GPP system, a concept link that connects two functions existing at different entities of an E-UTRAN and an EPC wherein the S1-MMe is the control plane interface for the control plane and the S1-U is the user plane interface for the user plane. The communication network is disposed to provide various communication services wherein the E-UTRAN is configured with eNBs divided into a control plane and a user plane protocol. The S1-U (user plane) is a separate entity located between the eNB and the serving gateway and the S1-MME (control plane) is a separate entity located between the eNB and the MME (mobility management function).
and determine, based on the integrity protection indication identifier, from the CU-UP, whether to enable user-plane integrity protection of the security negotiation apparatus. (See Kim, Fig. 4A-4B and para. 82-83, 88-89, 138-141)
Please note that in this example, based on the integrity protection the user plane ciphering shall be activated at the same time as the RRC ciphering and user plane integrity should be applied to a data radio bearer for integrity protection. The wireless protocol of a control plane and the wireless protocol of a user plane, wherein the integrity protection of a control plane is included in the PDCP layer and the radio bearer is divided again into two signaling RB and data RB which is used as a path that transmits an RRC message at the control plane, and the DRB is used as a path that transmits user data at the user plane. Therefore, the control plane and user plane function entity are disclosed as separate from each other.
Referring to the rejection of claim 14, Kim discloses wherein the security negotiation information further comprises a key generation parameter, and wherein the key generation parameter comprises one or more of: 
an instance identifier; 
a CU-UP identifier; 
a distributed unit (DU) identifier; 
a data bearer identifier;
a bearer identifier; (See Kim, para. 74-75)
a stream identifier; 
a session identifier; 
a slice identifier; 
a media access control (MAC) layer identifier; 
a Radio Resource Control (RRC) signaling counter; (See Kim, para. 89)
a frequency identifier; 
a cell identifier; 
a fresh parameter; 
a user-plane integrity protection algorithm type identifier length of the CU-UP; (See Kim, para. 319-320)
a user-plane integrity protection algorithm type identifier length of the CU-CP; 
a user-plane encryption protection type identifier length of the CU-UP; 
or a user-plane encryption protection type identifier length of the CU-CP. 
Referring to the rejection of claim 15, Kim discloses wherein the instructions further cause the processor to be configured to: send a first session establishment request to a session management function (SMF) entity; (See Kim, para. 65) and determine to enable session-based user-plane integrity protection of the terminal when the integrity protection indication identifier indicates that integrity protection of the CU-UP is enabled. (See Kim, para. 145 and 154)
Referring to the rejection of claim 16, Kim discloses wherein the instructions further cause the processor to be configured to determine to enable the user-plane integrity protection of the terminal when the integrity protection indication identifier indicates that integrity protection of the CU-UP is enabled. (See Kim, para. 145 and 154-155
Referring to the rejection of claim 17, Kim discloses wherein the instructions further cause the processor to be configured to determine not to enable the user-plane integrity protection of the terminal when the integrity protection indication identifier indicates that integrity protection of the CU-UP is not enabled. (See Kim, para. 180-181 and 319-328)
Referring to the rejection of claim 18, Kim discloses wherein the instructions further cause the processor to be configured to send a security negotiation response to the CU-CP, and wherein the security negotiation response comprises an integrity protection parameter and an indication identifier indicating that the user-plane integrity protection of the terminal is enabled. (See Kim, para. 180-181 and 319-328)
Referring to the rejection of claim 19, Kim discloses wherein the security negotiation information further comprises an encryption protection indication identifier of the CU-UP, and wherein the instructions further cause the processor to be configured to determine, based on the encryption protection indication identifier, whether to enable encryption protection of the terminal. (See Kim, para. 200-201)
Referring to the rejection of claim 20, Kim discloses wherein the security negotiation information further comprises an encryption protection indication identifier of the CU-UP, and wherein the instructions further cause the processor to be configured to: send a first session establishment request to a session management function (SMF) entity; (See Kim, para. 65)
and determine based on the encryption protection indication identifier, whether to enable session-based encryption protection of the terminal. (See Kim, para. 145 and 154-155)


Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to COURTNEY D FIELDS whose telephone number is (571)272-3871. The examiner can normally be reached IFP M-F 8am-4:30pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, SHEWAYE GELAGAY can be reached on (571)272-4219. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/COURTNEY D FIELDS/Examiner, Art Unit 2436                                                                                                                                                                                                        November 4, 2022

/SHEWAYE GELAGAY/Supervisory Patent Examiner, Art Unit 2436