Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.
This Office Action is in response to the Amendment filed on 09/01/2022.
In the instant Amendment, claims 21-22 have been added; claims 1, 3, 7, 10, and 18 have been amended; and claims 1, 10, and 18 are independent claims. Claims 1-22 have been examined and are pending. This Action is made Final.
Response to Arguments
Applicant’s arguments, see Remarks page 7, filed 09/01/22, with respect to the rejection(s) of claim(s) 1-20 under 103 have been fully considered and are persuasive. Therefore, the rejection has been withdrawn. However, upon further consideration, a new ground(s) of rejection is made in view of Tsiatsis et al. (U.S. 20210392495 A1), in view of Ferdi et al. (U.S. 20210289351 A1), and in view of Kim (U.S. Application 20200169877), necessitated by the claim’s amendment.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-5, 9-14, and 18-22 are rejected under 35 U.S.C. 103 as being unpatentable over Tsiatsis et al. (U.S. 20210392495 A1; Hereinafter “Tsiatsis”), in view of Ferdi et al. (U.S. 20210289351 A1; Hereinafter “Ferdi”).
Regarding claim 1, Tsiatsis teaches an apparatus comprising: at least one processor (Tsiatsis: Para [0211] fig. 21“. The level of integration between the components can vary from one UE to another UE. Further, certain UEs can contain multiple instances of a component, such as multiple processors, memories, transceivers, transmitters, receivers, etc.”); and
at least one memory storing instructions that, when executed by the at least one processor, cause the apparatus at least to(Tsiatsis: para[0211], “UE 2100 includes processing circuitry 2101 that is operatively coupled to input/output interface 2105, radio frequency (RF) interface 2109, network connection interface 2111, memory 2115 including random access memory (RAM) 2117, read-only memory (ROM) 2119, and storage medium 2121 or the like,”): 
receive a request for identification information for user equipment from an entity external to a communication network to which the apparatus belongs (Tsiatsis: para[0138],“. In operations 2-3, the AF selects AAnF based on HPLM ID associated with the GPSI (e.g., included in B-TID) and sends the selected AAnF a request for Kaf to use in the application session with the UE”);
generate a secure identifier(Kaf) for the user equipment, (Tsiatsis: para [0140],“AAnF generates Kaf based on Kakma received from AUSF”, para[0087], “Kaf: application key derived by ME and AAnF from K.sub.AKMA and used by UE and the Application to securely exchange application data.”),
 wherein the secure identifier comprises an encrypted form of a public subscription identifier associated with the user equipment, the public subscription identifier being distinct from a corresponding subscription permanent identifier of the user equipment (Tsiatsis: para[0136-0137], “the AKMA binding information registered in operation 0a could be a hash of the above-mentioned parameters, which can increase privacy for AUSF… The AUSF also generates a binding identifier B-TID, which can include KakmaID, AKMA binding information (e.g., from operation 0a), and UE identifier(s) (e.g., GPSI).”); 
send the secure identifier to the external entity (Tsiatsis: para[0140],“provides Kaf to the AF”).
Tsiatsis does not explicitly teach receive the secure identifier in a subsequent request from the external entity; and utilize the received secure identifier to confirm the received secure identifier corresponds to the user equipment.
In an analogous art, Ferdi teaches receive the secure identifier in a subsequent request from the external entity (Ferdi:[0059] “At step 7, the initial AMF may include in a Registration Accept message the Allowed NSSAI and may indicate to the UE that the UE is authorized to send confidential NSSAI the AMF may have withheld from the initial Registration message in a subsequent Registration Update. Such an indication may comprise, for example, a flag, a timer (e.g., a TAU timer), or both.”);
and utilize the received secure identifier to confirm the received secure identifier corresponds to the user equipment (Ferdi: [0060-0061] “At step 8, the UE may confirm to the initial AMF the assignment of the new 5G-GUTI”, para [0077], “By using a cryptographic hash of a temporary id (e.g., 5G-S-TMSI) in the paging message, the UE may match against a hash computed from the one that was assigned to the UE during registration (e.g., 5G-GUTI) in a manner more efficient than using decryption.”).
Therefore, it would have been obvious to a person having ordinary skill in the art, before the effective filing date of the claimed invention, to combine the teaching of Ferdi into the apparatus of Tsiatsis to include receive the secure identifier in a subsequent request from the external entity; and utilize the received secure identifier to confirm the received secure identifier corresponds to the user equipment because it will help determine whether identifications received from a home network are accurate information, and will improve the reliability and accuracy of a procedure performed in the network (Ferdi: para [0126]).
Regarding claim 2, Tsiatsis in view of Ferdi teaches the independent claim 1. Ferdi teaches wherein generating the secure identifier for the user equipment further comprises: generating a hash value by hashing the public subscription identifier with an identifier of the external entity and one or more of a time duration for which the secure identifier remains valid and a random number (Ferdi: para [0078], “During NAS Security Setup, the UE and AMF may derive a session key, K.sub.hash_tempid, for the purpose of applying a cryptographic hash on the UE temporary id. When the AMF allocates a new 5G-GUTI to the UE during Registration, the UE may apply a cryptographic hash (e.g., using SHA-2 with the K.sub.hash_tempid as the secret key and the current NAS UL Count as a salt) on the 5G-S-TMSI and save the hash.”); and
encrypting the hash value with a cryptographic key corresponding to a key identifier (Ferdi: para [0076-0078], “Encrypting the 5G-S-TMSI (e.g., using the UE/AMF symmetric key derived from the NAS master key or using a PLMN public-private key pair) may provide anonymity, but may require additional overhead in processing and secure public key distribution if using asymmetric encryption. Using a cryptographic function for encryption may provide more protection than is necessary because the UE may only n”).
Regarding claim 3, Tsiatsis in view of Ferdi teaches the dependent claim 2. Ferdi teaches wherein the instructions, when executed by the at least one processor, further cause the apparatus to operate in a stateless manner by storing the cryptographic key corresponding to the key identifier (Ferdi: [0074] “, the UE may obviate the need to send specific privacy sensitive S-NSSAI indicators, and the specific requirements may be stored in the UE subscription data held by the HPLMN and provided as supplementary information to the PLMN during the registration procedure flow.”).
Regarding claim 4, Tsiatsis in view of Ferdi teaches the dependent claim 3. Tsiatsis additionally teaches wherein the apparatus sends the key identifier and time duration along with the secure identifier to the external entity (Tsiatsis: para[0137] “the UE runs a primary authentication with the network. Kakma and KakmaID are generated and stored in UE and AUSF. The AUSF also generates a binding identifier B-TID, which can include KakmaID, AKMA binding information (e.g., from operation 0a), and UE identifier(s) (e.g., GPSI). The AUSF calls the existing service operation Nudm_UEAuthentication_ResultConfirmation to inform UDM about the authentication result including SUPI, AUSF ID, Serving Network Name, authentication Type, and timestamp information.”).
Regarding claim 5, Tsiatsis in view of Ferdi teaches the dependent claim 4. Ferdi teaches wherein the apparatus receives the key identifier and time duration along with the secure identifier from the external entity together with the subsequent request (Ferdi: para [0059], “ the initial AMF may include in a Registration Accept message the Allowed NSSAI and may indicate to the UE that the UE is authorized to send confidential NSSAI the AMF may have withheld from the initial Registration message in a subsequent Registration Update. Such an indication may comprise, for example, a flag, a timer (e.g., a TAU timer), or both”).
Regarding claim 9, Tsiatsis in view of Ferdi teaches the independent claim 1. Tsiatsis teaches wherein the apparatus is part of a network exposure function (Tsiatsis: Para[0011], “ Moreover, the AMFs 340a,b can communicate with one or more policy control functions (PCFs, e.g., PCFs 350a,b) and network exposure functions (NEFs, e.g., NEFs 360a,b). The AMFs, UPFs, PCFs, and NEFs are described further below.”, para [0021] “Network Exposure Function (NEF) with Nnef interface”).
Regarding claim 10, Tsiatsis teaches a method comprising: receiving, at a network entity, a request for identification information for user equipment from an entity external to a communication network to which the network entity belongs(Tsiatsis: para[0138],“ In operations 2-3, the AF selects AAnF based on HPLM ID associated with the GPSI (e.g., included in B-TID) and sends the selected AAnF a request for Kaf to use in the application session with the UE”);
generating, at the network entity, a secure identifier for the user equipment (Tsiatsis: para [0140],“AAnF generates Kaf based on Kakma received from AUSF”, para[0087], “Kaf: application key derived by ME and AAnF from K.sub.AKMA and used by UE and the Application to securely exchange application data.”),
 wherein the secure identifier comprises an encrypted form of a public subscription identifier associated with the user equipment, the public subscription identifier being distinct from a corresponding subscription permanent identifier of the user equipment (Tsiatsis: para[0136-0137], “the AKMA binding information registered in operation 0a could be a hash of the above-mentioned parameters, which can increase privacy for AUSF… The AUSF also generates a binding identifier B-TID, which can include KakmaID, AKMA binding information (e.g., from operation 0a), and UE identifier(s) (e.g., GPSI).”); 
sending, from the network entity, the secure identifier to the external entity(Tsiatsis: para[0140],“provides Kaf to the AF”).
Tsiatsis does not explicitly teach receiving, at the network entity, the secure identifier in a subsequent request from the external entity; and utilizing, at the network entity, the received secure identifier to confirm the received secure identifier corresponds to the user equipment.
In an analogous art, Ferdi teaches receiving, at the network entity, the secure identifier in a subsequent request from the external entity(Ferdi:[0059] “At step 7, the initial AMF may include in a Registration Accept message the Allowed NSSAI and may indicate to the UE that the UE is authorized to send confidential NSSAI the AMF may have withheld from the initial Registration message in a subsequent Registration Update. Such an indication may comprise, for example, a flag, a timer (e.g., a TAU timer), or both.”);and 
utilizing, at the network entity, the received secure identifier to confirm the received secure identifier corresponds to the user equipment (Ferdi: [0060-0061] “At step 8, the UE may confirm to the initial AMF the assignment of the new 5G-GUTI”, para [0077], “By using a cryptographic hash of a temporary id (e.g., 5G-S-TMSI) in the paging message, the UE may match against a hash computed from the one that was assigned to the UE during registration (e.g., 5G-GUTI) in a manner more efficient than using decryption.”).
Therefore, it would have been obvious to a person having ordinary skill in the art, before the effective filing date of the claimed invention, to combine the teaching of Ferdi into the apparatus of Tsiatsis to include receive the secure identifier in a subsequent request from the external entity; and utilize the received secure identifier to confirm the received secure identifier corresponds to the user equipment because it will help determine whether identifications received from a home network are accurate information, and will improve the reliability and accuracy of a procedure performed in the network (Ferdi: para [0126]).
Regarding claim 11, claim 11 is rejected under the same rationale as claim 2.
Regarding claim 12, claim 12 is rejected under the same rationale as claim 3.
Regarding claim 13, claim 13 is rejected under the same rationale as claim 4.
Regarding claim 14, claim 14 is rejected under the same rationale as claim 5.
Regarding claim 18, Tsiatsis teaches an article of manufacture comprising a non-transitory computer-readable storage medium having embodied therein executable program code that when executed by a processor causes the processor to perform the steps of (Tsiatsis: para [0217], “An article of manufacture, such as one utilizing a communication system can be tangibly embodied in storage medium 2121, which can comprise a device readable medium.”):
receiving, at a network entity, a request for identification information for user equipment from an entity external to a communication network to which the network entity belongs(Tsiatsis: para[0138],“ In operations 2-3, the AF selects AAnF based on HPLM ID associated with the GPSI (e.g., included in B-TID) and sends the selected AAnF a request for Kaf to use in the application session with the UE”);
generating, at the network entity, a secure identifier for the user equipment (Tsiatsis: para [0140],“AAnF generates Kaf based on Kakma received from AUSF”, para[0087], “Kaf: application key derived by ME and AAnF from K.sub.AKMA and used by UE and the Application to securely exchange application data.”),
 wherein the secure identifier comprises an encrypted form of a public subscription identifier associated with the user equipment, the public subscription identifier being distinct from a corresponding subscription permanent identifier of the user equipment (Tsiatsis: para[0136-0137], “the AKMA binding information registered in operation 0a could be a hash of the above-mentioned parameters, which can increase privacy for AUSF… The AUSF also generates a binding identifier B-TID, which can include KakmaID, AKMA binding information (e.g., from operation 0a), and UE identifier(s) (e.g., GPSI).”); 
sending, from the network entity, the secure identifier to the external entity(Tsiatsis: para[0140],“provides Kaf to the AF”).
Tsiatsis does not explicitly teach receiving, at the network entity, the secure identifier in a subsequent request from the external entity; and utilizing, at the network entity, the received secure identifier to confirm the received secure identifier corresponds to the user equipment.
In an analogous art, Ferdi teaches receiving, at the network entity, the secure identifier in a subsequent request from the external entity(Ferdi:[0059] “At step 7, the initial AMF may include in a Registration Accept message the Allowed NSSAI and may indicate to the UE that the UE is authorized to send confidential NSSAI the AMF may have withheld from the initial Registration message in a subsequent Registration Update. Such an indication may comprise, for example, a flag, a timer (e.g., a TAU timer), or both.”);and 
utilizing, at the network entity, the received secure identifier to confirm the received secure identifier corresponds to the user equipment (Ferdi: [0060-0061] “At step 8, the UE may confirm to the initial AMF the assignment of the new 5G-GUTI”, para [0077], “By using a cryptographic hash of a temporary id (e.g., 5G-S-TMSI) in the paging message, the UE may match against a hash computed from the one that was assigned to the UE during registration (e.g., 5G-GUTI) in a manner more efficient than using decryption.”).
Therefore, it would have been obvious to a person having ordinary skill in the art, before the effective filing date of the claimed invention, to combine the teaching of Ferdi into the apparatus of Tsiatsis to include receive the secure identifier in a subsequent request from the external entity; and utilize the received secure identifier to confirm the received secure identifier corresponds to the user equipment because it will help determine whether identifications received from a home network are accurate information, and will improve the reliability and accuracy of a procedure performed in the network (Ferdi: para [0126]).
Regarding claim 19, claim 19 is rejected under the same rationale as claim 2.
Regarding claim 20, claim 20 is rejected under the same rationale as claim 3.
Regarding claim 21, Tsiatsis in view of Ferdi teaches the independent claim 1. Tsiatsis additionally teaches wherein the communication system comprises a 5G communication system, and wherein the public subscription identifier comprises a Generic Public Subscription Identifier (GPSI) (Tsiatsis: Para[0035], “ For example, the second identifier can be any one of the following: HPLMN ID and user equipment routing identifier (RID); subscription concealed identifier (SUCI); subscription permanent identifier (SUPI); or generic public subscription identifier (GPSI).”).
Regarding claim 22, Tsiatsis in view of Ferdi teaches the independent claim 1. Ferdi teaches wherein the public subscription identifier comprises one of: a Mobile Subscriber Integrated Services Digital Network (MSISDN) number; and an external identifier that identifies a subscription associated to an International Mobile Subscriber Identity (IMSI) (Ferdi: Para[0131], “ A WTRU or UE may refer to an identity of the physical device, or to the user's identity such as subscription related identities, e.g., MSISDN, SIP URI, etc. WTRU (UE) may refer to application-based identities, e.g., user names that may be used per application”).
Claims 6-8 and 15-17 are rejected under 35 U.S.C. 103 as being unpatentable over Tsiatsis et al. (U.S. 20210392495 A1; Hereinafter “Tsiatsis”), in view of Ferdi et al. (U.S. 20210289351 A1; Hereinafter “Ferdi”), in view of Kim (U.S. Application 20200169877; Hereinafter “Kim”).
Regarding claim 6, Tsiatsis in view of Ferdi teaches the dependent claim 5. 
Tsiatsis in view of Ferdi does not explicitly teach wherein the apparatus utilizes the key identifier and time duration along with the secure identifier to confirm the received secure identifier corresponds to the user equipment.
However, in an analogous art, Kim teaches wherein the apparatus utilizes the key identifier and time duration along with the secure identifier to confirm the received secure identifier corresponds to the user equipment (Kim: para[0302], “in order to precisely confirm an IMSI (i.e., confirm the validity of the IMSI), that is, information importantly handled in an LI procedure, a serving network may be configured to additionally perform a procedure of comparing an IMSI, received from a V2X UE, with an IMSI received from a home network”).
Therefore, it would have been obvious to a person having ordinary skill in the art, before the effective filing date of the claimed invention, to combine the teaching of Kim into the modified teaching of Tsiatsis to include wherein the apparatus utilizes the key identifier and time duration along with the secure identifier to confirm the received secure identifier corresponds to the user equipment because it will improve the reliability and accuracy of a procedure performed in the network (Kim: para [0035]).
Regarding claim 7, Tsiatsis in view of Ferdi teaches the dependent claim 2. 
Tsiatsis in view of Ferdi does not explicitly teach wherein the instructions, when executed by the at least one processor, further cause the apparatus to operate in a stateful manner by storing a mapping for the secure identifier comprising an association between the public subscription identifier, the identifier of the external entity, and the time duration.
However, in an analogous art, Kim teaches wherein the instructions, when executed by the at least one processor, further cause the apparatus to operate in a stateful manner by storing a mapping for the secure identifier comprising an association between the public subscription identifier, the identifier of the external entity, and the time duration (Kim [0237-024], “The PCA certifies the ticket. If the ticket is valid, the PCA selects a subpool of (PMSI, K_PMSI) pairs for the IMSI, and stores a mapping relation between the corresponding IMSI and the selected subpool”).
Therefore, it would have been obvious to a person having ordinary skill in the art, before the effective filing date of the claimed invention, to combine the teaching of Kim into the modified teaching of Tsiatsis to include cause the apparatus to operate in a stateful manner by storing a mapping for the secure identifier comprising an association between the public subscription identifier, the identifier of the external entity, and the time duration because it will improve the reliability and accuracy of a procedure performed in the network (Kim: para [0035]).
Regarding claim 8, Tsiatsis in view of Ferdi and in view of Kim teaches the dependent claim 7. Kim teaches wherein, in response to storing the mapping, the apparatus sends the secure identifier to the external entity, receives the secure identifier from the external entity in accordance with the subsequent request, and utilizes the received secure identifier to consult the mapping to confirm the received secure identifier corresponds to the user equipment (Kim: Para [0237-0244]).
Regarding claim 15, claim 15 is rejected under the same rationale as claim 6.
Regarding claim 16, claim 16 is rejected under the same rationale as claim 7.
Regarding claim 17, claim 17 is rejected under the same rationale as claim 8.
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to LYDIA L NOEL whose telephone number is (571)272-1628. The examiner can normally be reached Monday - Friday 9:00 - 5:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kristine Kincaid can be reached on (571) 272 - 4063. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.



/L.L.N./
Examiner, Art Unit 2437   

/KRISTINE L KINCAID/
Supervisory Patent Examiner, Art Unit 2437