Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .



DETAILED ACTION

Allowable Subject Matter
Claims 7 – 8 and 15 – 16 are objected to as being dependent upon a rejected based claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


Claims 1 – 6, 9 – 14 and 17 – 20 are rejected under 35 U.S.C. 103 as being unpatentable over Mallick (US Pub. No. 20200092727 A1) in view of Khirallah (WO 2020/166593 A1).


Per claim 9, Mallick suggests a system for user plane integrity protection within a cellular network, comprising: one or more processors (reads on a processor communicatively coupled to a memory, see Mallick para 0044); and one or more non-transitory computer-readable media storing computer- executable instructions that (reads on memory that stores instructions to perform the method, see Mallick para 0044), when executed by the one or more processors (see Mallick para 0044), cause one or more cellular communication components to perform actions comprising (see Mallick para 0036 – 0037): 
establishing a communication session (reads on remote units communicating directly with one or more network units, see Mallick para 0037) between a user equipment (UE) (reads on UE/remote unit, see Mallick para 0036 – 0037) and a node associated with a wireless access network (reads on network and remote units communicating, see Mallick para 0036 and Figure 1); 
determining (reads on the remote/network unit determines the integrity function to apply based on an integrity protection indicator, see Mallick para 0041 and 0081), by one or more of the UE or the node (reads on UE/remote unit, see Mallick para 0036 – 0037), to perform integrity protection on a portion of user data transmitted between the UE and the node (reads on the remote/network unit determines the integrity function to apply based on an integrity protection indicator, see Mallick para 0041 and 0081); 
performing the integrity protection on the portion of the user data (reads on an integrity protection function is applied to a first portion of the packet data unit without applying the integrity protection function to a second portion of the packet data unit, see Mallick para 0007 – 0008, 0042, 0051 and 0082 and Figure 10 block 1002); and transmitting the user data (reads on transmit the packet data unit with the integrity protection indicator, see Mallick Figure 9 block 906).  The prior art of record does not explicitly state establishing a communication session.  
[0005] Methods for integrity protection for a packet data unit are disclosed. Apparatuses and systems also perform the functions of the method. One embodiment of a method includes determining a first portion of a packet data unit, wherein the packet data unit includes the first portion and a second portion. In some embodiments, the method includes applying an integrity protection function to the first portion of the packet data unit to result in an integrity protection indicator without applying the integrity protection function to the second portion of the packet data unit. In certain embodiments, the method includes transmitting the packet data unit with the integrity protection indicator.
[0020] As will be appreciated by one skilled in the art, aspects of the embodiments may be embodied as a system, apparatus, method, or program product. Accordingly, embodiments may take the form of an entirely hardware embodiment, an entirely software embodiment (including firmware, resident software, micro-code, etc.) or an embodiment combining software and hardware aspects that may all generally be referred to herein as a “circuit,” “module” or “system.” Furthermore, embodiments may take the form of a program product embodied in one or more computer readable storage devices storing machine readable code, computer readable code, and/or program code, referred hereafter as code. The storage devices may be tangible, non-transitory, and/or non-transmission. The storage devices may not embody signals. In a certain embodiment, the storage devices only employ signals for accessing code.

[0024] Any combination of one or more computer readable medium may be utilized. The computer readable medium may be a computer readable storage medium. The computer readable storage medium may be a storage device storing the code. The storage device may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, holographic, micromechanical, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing.

[0025] More specific examples (a non-exhaustive list) of the storage device would include the following: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a random access memory (“RAM”), a read-only memory (“ROM”), an erasable programmable read-only memory (“EPROM” or Flash memory), a portable compact disc read-only memory (“CD-ROM”), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the context of this document, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device.

[0028] Furthermore, the described features, structures, or characteristics of the embodiments may be combined in any suitable manner. In the following description, numerous specific details are provided, such as examples of programming, software modules, user selections, network transactions, database queries, database structures, hardware modules, hardware circuits, hardware chips, etc., to provide a thorough understanding of embodiments. One skilled in the relevant art will recognize, however, that embodiments may be practiced without one or more of the specific details, or with other methods, components, materials, and so forth. In other instances, well-known structures, materials, or operations are not shown or described in detail to avoid obscuring aspects of an embodiment. 

[0037] In one embodiment, the remote units 102 may include computing devices, such as desktop computers, laptop computers, personal digital assistants (“PDAs”), tablet computers, smart phones, smart televisions (e.g., televisions connected to the Internet), set-top boxes, game consoles, security systems (including security cameras), vehicle on-board computers, network devices (e.g., routers, switches, modems), aerial vehicles, drones, or the like. In some embodiments, the remote units 102 include wearable devices, such as smart watches, fitness bands, optical head-mounted displays, or the like. Moreover, the remote units 102 may be referred to as subscriber units, mobiles, mobile stations, users, terminals, mobile terminals, fixed terminals, subscriber stations, UE, user terminals, a device, or by other terminology used in the art. The remote units 102 may communicate directly with one or more of the network units 104 via UL communication signals.

[0038] The network units 104 may be distributed over a geographic region. In certain embodiments, a network unit 104 may also be referred to as an access point, an access terminal, a base, a base station, a Node-B, an eNB, a gNB, a Home Node-B, a relay node, a device, a core network, an aerial server, a radio access node, an AP, NR, a network entity, an AMF, a UDM, a UDR, a UDM/UDR, a PCF, a RAN, an NSSF, or by any other terminology used in the art. The network units 104 are generally part of a radio access network that includes one or more controllers communicably coupled to one or more corresponding network units 104. The radio access network is generally communicably coupled to one or more core networks, which may be coupled to other networks, like the Internet and public switched telephone networks, among other networks. These and other elements of radio access and core networks are not illustrated but are well known generally by those having ordinary skill in the art.

[0041] In one embodiment, a remote unit 102 may determine a first portion of a packet data unit, wherein the packet data unit includes the first portion and a second portion. In some embodiments, the remote unit 102 may apply an integrity protection function to the first portion of the packet data unit to result in an integrity protection indicator without applying the integrity protection function to the second portion of the packet data unit. In certain embodiments, the remote unit 102 may transmit the packet data unit with the integrity protection indicator. Accordingly, the remote unit 102 may be used for integrity protection for a packet data unit.

[0042] In certain embodiments, a network unit 104 may receive a packet data unit with an integrity protection indicator, wherein an integrity protection function is applied to a first portion of the packet data unit to result in the integrity protection indicator without applying the integrity protection function to a second portion of the packet data unit. Accordingly, the network unit 104 may be used for integrity protection for a packet data unit.
[0054] FIG. 4 is a schematic block diagram illustrating one embodiment of an apparatus 400 that determines a message authentication code. The apparatus 400 includes an NIA 402 that operates an integrity algorithm having a first input parameter 404, a second input parameter 406, a third input parameter 408, a fourth input parameter 410, a fifth input parameter 412, and an output parameter 414.

[0055] The first input parameter 404 includes a 128-bit integrity key named KEY (e.g., the integrity protection keys for the control plane and for the user plane are K.sub.RRCint and K.sub.UPint, respectively), the second input parameter 406 includes a 32-bit COUNT, the third input parameter 408 includes the message itself (e.g., MESSAGE), the fourth input parameter 410 includes a 1-bit direction of the transmission (e.g., DIRECTION), and the fifth input parameter 412 includes a 5-bit bearer identity called BEARER (e.g., defined as the radio bearer identifier in TS 33.501. It will use the value RB identity −1 as in TS 38.331). The DIRECTION bit may be 0 for uplink and 1 for downlink. The bit length of the MESSAGE may have a length “M.”

[0056] Based on these input parameters a sender computes the output parameter 414 that includes a 32-bit message authentication code (e.g., MAC-I/NAS-MAC) using the NIA 402. The message authentication code is then appended to the message when sent. For integrity protection algorithms, the receiver computes the expected message authentication code (e.g., XMAC-I/XNAS-MAC) on the message received in the same way as the sender computed its message authentication code on the message sent and verifies the data integrity of the message by comparing it to the received message authentication code (e.g., MAC-I/NAS-MAC).

[0058] In one embodiment, for UL traffic, a network (e.g., via RRC) configures a length of IP protection for a data bearer. The configuration information may be transmitted to a UE as part of PDCP configuration. In some embodiments, for DL traffic, a network may also configure a length of IP protection for a data bearer. The configuration information may be transmitted to a UE so that the UE may verify an integrity protection (e.g., generate a X-MAC). In certain embodiments, a network may configure and use the same parameter length of IP protection for a data bearer for both UL and DL. As may be appreciated, keys and the integrity protection algorithm may be configured in any suitable manner. In various embodiments, for downlink and uplink integrity protection and verification, parameters that are used by PDCP for integrity protection may be defined in TS 33.501 and may be input to the integrity protection algorithm.

[0059] In some embodiments, a network may calculate a length of IP protection for a data bearer based on a UE capability corresponding to a data rate for IP protection. For example, if the UE is able to integrity protect up to 64 Kbps and a corresponding bearer may be scheduled by the network every 10 ms to fulfill its QOS requirements, then the length of the IP protection for the data bearer is 640 bits. In such an example, the transmitting PDCP may then calculate a partial-MAC-I on only 640 bits regardless of an actual payload size of the data bearer. The data unit that is then integrity protected is 640 truncated bits containing a PDU header and a portion of the PDU data (e.g., before ciphering). In certain embodiments, a UE computes a value for the partial-MAC-I field as described herein and at reception, the receiving device verifies the integrity of the PDCP data PDU by calculating the partial-X-MAC based on the input parameters as described herein using the length of the IP protection for a data bearer bits. If the calculated partial-X-MAC corresponds to the received partial-MAC-I, integrity protection may be verified successfully.

[0060] FIG. 5 is a schematic block diagram illustrating one embodiment of a packet data unit message 500. The packet data unit message 500 includes a PDU header 502 and PDU data 504. As described above, a selection of a portion 506 of the packet data unit message 500 is made in order to integrity protect only the portion 506.

[0061] FIG. 6 is a schematic block diagram illustrating one embodiment of a truncated packet data unit message 600. The truncated packet data unit message 600 includes the PDU header 502 and truncated PDU data 602.

[0062] In some embodiments, a location of a bit string to be IP protected may be configured by a network, and the configuration information transmitted to a UE. In one example, if a length of the IP protection for a data bearer equals 640 bits, a location may indicate whether the 640 bits are at the front (e.g., the first bits of the data unit starting with the PDU header), at the end (e.g., the last bits of the data unit ending with the data part of the PDU before ciphering), or at a configured location (e.g., offset) from the first bit of the data unit starting with the PDU header. In one embodiment, special values of an offset may indicate the offset (e.g., location of the IP data in the PDU) as zero to signify the front, and another special value of an offset may signify the end.

[0063] FIG. 7 is a schematic block diagram illustrating another embodiment of a packet data unit message 700. The packet data unit message 700 includes a PDU header 702 and PDU data 704. As described above, a selection of a portion 706 of the packet data unit message 700 is made in order to integrity protect only the portion 706.

[0064] FIG. 8 is a schematic block diagram illustrating another embodiment of a truncated packet data unit message 800. The truncated packet data unit message 800 includes the PDU header 702 and truncated PDU data 802.

[0065] As described herein, a MAC-I calculated on only a portion of a PDU message may be considered a partial-MAC-I (or short-MAC-X) to distinguish it from MAC-I that is calculated over an entire PDU header and the entire data part of the PDU before ciphering. In some embodiments, a partial-MAC-I field carries a message authentication code calculated as specified in subclause 5.9 of TS 38-321-f20. In such embodiments, a Partial-MAC-I field may have a length of 32 bits and may be present at the end of the PDCP Data PDU.

[0066] In certain embodiments, a UE capability indication may be used to indicate that the UE is able to compute a partial-MAC-I and partial-X-MAC. In such embodiments, this capability may be signaled to the network using an RRC message (e.g., for transmission to a RAN network) or NAS signaling (e.g., for transmission to a Core Network). The Core Network may decide or assist the RAN network in deciding on appropriate values of length and/or location fields and which bearers/QOS flows/PDU session to use efficient integrity protection (e.g., partial-MAC-I and/or partial-X-MAC). In various embodiments, configuration of a UE may be on a per bearer basis, a per PDU session basis, or a per UE basis. In some embodiments, for every bearer it may be signaled if efficient integrity protection is to be applied for the bearer and corresponding length and/or location parameters may be bearer-specific configured. Once configured, efficient integrity protection may be applied for all bearers and corresponding length and/or location parameters may be common to all bearers. An example of one embodiment of a signaling structure is shown in Table 1 and Table 2.

[0075] FIG. 9 is a flow chart diagram illustrating one embodiment of a method 900 for integrity protection for a packet data unit. In some embodiments, the method 900 is performed by an apparatus, such as the remote unit 102. In certain embodiments, the method 900 may be performed by a processor executing program code, for example, a microcontroller, a microprocessor, a CPU, a GPU, an auxiliary processing unit, a FPGA, or the like.

[0076] The method 900 may include determining 902 a first portion of a packet data unit, wherein the packet data unit includes the first portion and a second portion. In some embodiments, the method 900 includes applying 904 an integrity protection function to the first portion of the packet data unit to result in an integrity protection indicator without applying the integrity protection function to the second portion of the packet data unit. In certain embodiments, the method 900 includes transmitting 906 the packet data unit with the integrity protection indicator.

[0077] In certain embodiments, the method 900 further comprises receiving information indicating a length of the portion of the packet data unit. In some embodiments, the information indicating the length is received as part of a packet data convergence protocol configuration via a radio resource control message. In various embodiments, the length of the portion of the packet data unit is determined based on a user equipment capability corresponding to integrity protection.

[0078] In one embodiment, the method 900 further comprises receiving information indicating a location of the portion of the packet data unit within the packet data unit. In certain embodiments, the information indicating the location comprises an offset. In some embodiments, the method 900 further comprises transmitting information indicating a length of the portion of the packet data unit.

[0079] In various embodiments, the method 900 further comprises transmitting information indicating a location of the portion of the packet data unit. In one embodiment, the method 900 further comprises transmitting information indicating whether the integrity protection indicator is present. In certain embodiments, the information indicating the length, the location, and the integrity protection indicator is part of a header of a packet data convergence protocol message. In some embodiments, the header is ciphered.

[0080] In various embodiments, the method 900 further comprises, in response to the information indicating that the integrity protection indicator is not present, not transmitting information indicating the length of the portion of the packet data unit and the location of the portion of the packet data unit. In one embodiment, transmitting the entire packet data unit with the integrity protection indicator comprises transmitting the integrity protection indicator if a higher layer indicates to apply integrity protection and applying integrity protection. In certain embodiments, the method 900 further comprises transmitting information indicating an ability to support partial integrity protection and a maximum supported bitrate for integrity protection to an access and mobility management function.

    PNG
    media_image1.png
    1340
    868
    media_image1.png
    Greyscale



Khirallah suggests 
establishing a communication session (The Examiner construes this to be a necessary if not obvious limitation of Khirallah’s disclosure of a UE’s PDU session terminated at the SN because in order for there to be a PDU communication session it was necessary for the session to be established, see Khirallah para 0067).

[0028] Each feature disclosed in this specification (which term includes the claims) and/or shown in the drawings may be incorporated in the invention independently of (or in combination with) any other disclosed and/or illustrated features. In particular but without limitation the features of any of the claims dependent from a particular independent claim may be introduced into that independent claim in any combination or individually.

[0058] A number of procedures will now be described, by way of example only, which may be implemented to allow enforcement of the applicable maximum data rate for integrity protected DRBs in the above described systems 1a to 1c. It will be appreciated that whilst each of these procedures may provide technical benefits independently when implemented in isolation, any combination of these procedures may be implemented together.

[0067] Step 2: The SN 5S monitors (e.g. over a given time period y) integrity protected traffic on the UE’s PDU sessions (downlink and/or uplink traffic) terminated at the SN 5S, and generates a report (depending on the request received from the MN 5M in Step 1). In this example, the SN 5S sends the requested report in an appropriately formatted ‘S-NODE DATA USAGE REPORT’ message and/or the like. An example of the contents of this message is given in Table 3.

Before the effective filing date of the invention it would have been obvious to one of ordinary skill in the art to modify the communication session teachings of the prior art of record (reads on remote units communicating directly with one or more network units, see Mallick para 0037) by integrating the communication session teachings of Khirallah (The Examiner construes this to be a necessary if not obvious limitation of Khirallah’s disclosure of a UE’s PDU session terminated at the SN because in order for there to be a PDU communication session it was necessary for the session to be established, see Khirallah para 0067) to realize the instant limitations. One or more of the underpinning rational(s), as discussed in KSR international Co, v, Teleflex inc,s etai,s 550 U,S. 398 (2007) U.S.P.Q.2d 1385, also see MPEP § 2141 {IN), are used to support this conclusion of obviousness. Accordingly, one of ordinary skill in the art would have recognized that applying the known PDU session technique of Khirallah to the communication teachings of Mallick would have yielded predictable results because the level of ordinary skill in the art demonstrated by the references applied shows the ability to incorporate such PDU session features into similar systems. The motivation to combine the references applies to all claims under this heading.
Per claim 10, the prior art of record further suggests the communication session is a packet data unit (PDU) session (reads on PDU sessions, see Khirallah para 0028, 0058 and 0067), and wherein performing the integrity protection occurs for one or more first packet data units (PDUs) transmitted via a Physical Downlink Shared Channel (PDSCH) and one or more second PDUs transmitted via a Physical Uplink Shared Channel (PUSCH) (reads on integrity protection for downlink and uplink PDU session traffic, see Khirallah para 0028, 0058 and 0067).
Per claim 11, the prior art of record further suggests identifying at least one packet data unit (PDU) from a plurality of PDUs of the portion of the user data to integrity protect (reads on determine a first portion of a PDU to apply an integrity protection function, see Mallick Figure 9 and para 0042).  
Per claim 12, the prior art of record further suggests wherein performing the integrity protection occurs according to one or more of a schedule or a frequency (The Examiner asserts this is an obvious limitation of the disclosure of the prior art of record because one of ordinary skill in the art would consider the act of performing the disclosed integrity protection to occur at least at the frequency of once, see Mallick Figure 9, para 0042 and Khirallah para 0067).  
Per claim 14, the prior art of record further suggests accessing an integrity protection policy and determining an integrity protection mechanism to perform based at least in part on the integrity protection policy (reads on a combination of performing integrity protection per the security policy for a PDU session and if the transmitter indicates a MAC-I is present then performing integrity protection, see Mallick para 0071 – 0074).  
Claim 1 is analyzed with respect to claim 9. 
Claim 2 is analyzed with respect to claim 10. 
Claim 3 is analyzed with respect to claim 11. 
Claim 4 is analyzed with respect to claim 12. 
Claim 6 is analyzed with respect to claim 14.
Claim 17 the at least one tangible, non-transitory computer-readable medium (see Khirallah para 0143) is analyzed with respect to claim 1.
Claim 18 is analyzed with respect to claim 2.
Claim 19 is analyzed with respect to claim 4.

Claims 5, 13 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Mallick in view of Khirallah in view of Prasad (US Pub. No. 20210385090).


Per claim 13, the prior art of record suggests the system of claim 9. The prior art of record does not explicitly state a Packet Data Convergence Protocol (PDCP) layer performs the integrity protection on the portion of the data.  Prasad suggests a Packet Data Convergence Protocol (PDCP) layer performs the integrity protection on the portion of the data (see Prasad para 0075 – 0076).  


[0075] In this solution variant, the integrity protection is handled in both PDCP layer and the upper layer (e.g., IP layer or application layer) by sharing the integrity protection function. The upper layer calculates and verifies the integrity of the message content. In the transmitter side, the upper layer generates a hash value over the entire message content to be sent. The receiver side application layer verifies the hash value by applying the same operation and compare against the received hash value.

[0076] In the PDCP layer, the transmitter side applies integrity protection by using the PDCP header and the hash value (provided by the upper layer) as inputs, and insert the resulting value as MAC-I in the PDCP PDU. The receiver side PDCP layer verifies the received MAC-I value by applying the same operation on the received PDCP payload and compare the output against the received MAC-I value.

Before the effective filing date of the invention it would have been obvious to one of ordinary skill in the art to modify the PDCP PDU teachings of the prior art of record (reads on an integrity protection function is applied to a first portion of the packet data unit without applying the integrity protection function to a second portion of the packet data unit, see Mallick para 0007 – 0008, 0042, 0051 and 0082 and Figure 10 block 1002 and see Khirallah para 0067) by integrating the PDCP PDU teachings of Prasad (reads on the integrity protection is handled in the PDCP layer, see Prasad para 0075 – 0076) to realize the instant limitations. One or more of the underpinning rational(s), as discussed in KSR international Co, v, Teleflex inc,s etai,s 550 U,S. 398 (2007) U.S.P.Q.2d 1385, also see MPEP § 2141 {IN), are used to support this conclusion of obviousness. Accordingly, one of ordinary skill in the art would have recognized that applying the known PDCP layer technique of Prasad to the PDCP teachings of the prior art of record would have yielded predictable results because the level of ordinary skill in the art demonstrated by the references applied shows the ability to incorporate integrity protection in the PDCP layer into similar systems. The motivation to combine the references applies to all claims under this heading.

Claim 5 is analyzed with respect to claim 13.
Claim 20 is analyzed with respect to claim 5.



Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Brian Shaw whose telephone number is (571)270-5191.  The examiner can normally be reached on Mon-Thurs from 6:00 AM-3:30 PM.
If attempts to reach the examiner by telephone are unsuccessful, the examiner's Supervisor, Jorge Ortiz Criado can be reached on (571) 272-7624.  The fax phone number for the organization where this application or proceeding is assigned is 703-872-9306.  Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).




/BRIAN F SHAW/Primary Examiner, Art Unit 2496