DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant’s submission filed on 11/28/2022 has been entered.
As per instant Amendment, Claims 1, 9 and 16 are independent claims.  Claims 1-20 have been examined and are pending. This Action is made Non-FINAL. 

Response to Arguments
Applicants’ arguments in the instant Amendment, filed on 11/28/2022, with respect to limitations listed below, have been fully considered but they are not persuasive.
Applicant’s arguments: “the cited references do not teach or suggest "sending, by the first computing device, based on an update to the network credentials, one or more messages comprising updated network credentials, wherein the updated network credentials are encrypted by the first computing device using the public key" as recited by claims 1, 9 and 16.” 
The Examiner disagrees with the Applicants. The Examiner respectfully submits that Yang discloses sending, by the first computing device, based on an update to the network credentials, one or more messages comprising updated network credentials (Yang: ¶0061 at 572, the cellular wireless network entity 516 [first computing device]can communicate to the UE 102 the DL message including the updated network public key PKnw' and a signature of the updated network public key PKnw'). More specifically, Yang discloses techniques for protecting subscriber identity in messages communicated over an unauthenticated connection between a wireless device, e.g., a user equipment (UE), and wireless network entities by encrypting a subscription permanent identifier (SUPI) to form a subscription concealed identifier (SUCI) [a subscription id (i.e. a network credential)] using a one-time ephemeral asymmetric key [0031], if authentication with a wireless network entity fails and the UE has a separate secure connection to a trusted cellular wireless network entity, such as to a trusted server through a Wi-Fi connection, the UE can obtain an updated network public key and generate a new SUCI to use for authentication [0033] and the UE sends UL messages that include different one-time SUCIs, corresponding one-time ephemeral UE public keys, and a network public key identifier. When the network public key is updated, e.g., by an over the air (OTA) update over a secure connection between the UE and a cellular wireless network server and/or by a downlink (DL) message sent to the UE by a network entity, e.g., by the cellular wireless network entity or by a third-party server providing carrier bundle updates, previously generated unused one-time SUCIs are discarded and additional new one-time SUCIs generated based on newly derived encryption keys based on the updated network public key [0036]. However, new reference Zou et al. (US 2018/0167389) discloses wherein the updated network credentials are encrypted using the public key. Therefore as the metes and bounds of the limitation of been met as noted above; the examiner finds this argument not persuasive.
Applicant’s argument: “The combination of Yang with Nagarajamoorthy is not properly supported.”
The Examiner disagrees with the Applicants. In response to applicant's argument that the combination of Yang with Nagarajamoorthy is not properly supported, it has been held that a prior art reference must either be in the field of applicant’s endeavor or, if not, then be reasonably pertinent to the particular problem with which the applicant was concerned, in order to be relied upon as a basis for rejection of the claimed invention.  See In re Oetiker, 977 F.2d 1443, 24 USPQ2d 1443 (Fed. Cir. 1992).  In this case, Yang teaches Techniques to protect a subscriber identity, by encrypting a subscription permanent identifier (SUPI) to form one-time use subscription concealed identifiers (SUCIs) using a set of one-time ephemeral asymmetric keys and Nagarajamoorthy teaches a method for generating and encrypting the digital certificate using the public key in the CSR to join the wireless network. Yang and Nagarajamoorthy are both from the same analogous art and therefore they are combinable. Therefore as the metes and bounds of the limitation of been met as noted above; the examiner finds this argument not persuasive.

The amended claims 1, 9 and 16 have been addressed in rejection below.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person.


Claims 1-6, 8, and 16-20 are rejected under 35 U.S.C. 103 as being unpatentable over YANG et al. (“Yang,” US 2021/0092603) in view of Zou et al. (“Zou,” US 2018/0167389).

Regarding claim 1: Yang discloses a method comprising:
receiving, by a first computing device (Yang: fig. 5D item 516 cellular wireless network entity), from a second computing device (Yang: fig. 5D item 102 user equipment (UE)):
a first request, to communicate via a network, that comprises network credentials associated with the network, and a public key associated with the second computing device (Yang: ¶0059 at 559, the UE 102 communicates an UL message to the cellular wireless network entity 516, such as for authentication to attach to a wireless network or to provide a location area update to the wireless network, where the UL message includes one of the encrypted SUCIs [a subscription id (i.e. a network credential)] along with an associated ephemeral UE public key ePKue);
sending, by the first computing device, based on an update to the network credentials, one or more messages comprising updated network credentials (Yang: ¶0061 at 572, the cellular wireless network entity 516 [first computing device]can communicate to the UE 102 the DL message including the updated network public key PKnw' and a signature of the updated network public key PKnw');
receiving, from the second computing device, a second request, to communicate via the network, that comprises the updated network credentials (Yang: ¶0060 at 568, the UE 102 [second computing device] sends a new UL message that includes a new encrypted subscription identifier SUCI' along with the associated ephemeral UE public key ePKue' and an identifier PKnw' ID for the updated public key PKnw'); and
allowing, based on the second request, the second computing device to communicate via the network (Yang: ¶0081 at 1034, the UE 102 receives from the cellular wireless network entity 516 an authentication success indication. At 1036, the UE 102 establishes a secure connection with the cellular wireless network entity).
Yang does not explicitly disclose wherein the updated network credentials are encrypted by the first computing device using the public key.
However, Zou discloses wherein the updated network credentials are encrypted using the public key (Zou: ¶0035 a system for providing dynamically generated SSIDs [updated/new network credential] [] the access point may then verify the certification 314 and reply with an authentication response 315 with the generated SSID encrypted using the public key).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Zou with the system/method of Yang to include wherein the updated network credentials are encrypted using the public key. One would have been motivated for providing dynamically generated a unique service set identifier (SSID) for the requesting user device (Zou: ¶0009).
Regarding claim 2: Yang in view of Zou discloses the method of claim 1.
Yang further discloses wherein the public key comprises a time to live ("TTL") element, and wherein sending the one or more messages comprising the updated network credentials is based on: determining that the TTL element of the public key is unexpired (Yang: ¶0079 at a time indicated by 902, a first network public key K1 is established for use over a time period indicated as the K1 lifetime [] as indicated in FIG. 9, the K1 and K2 lifetimes span an overlapping time period 912, where both the first key K1 and the second key K2 can be validly used before the first key K1 expires at time 906).

Regarding claim 3: Yang in view of Zou discloses the method of claim 1.
Yang further discloses wherein sending the one or more messages comprising the updated network credentials comprises at least one of: sending, until a time to live ("TTL") element associated with the public key expires, the one or more messages comprising the updated network credentials; or
sending, until the second request to communicate via the network is received, the one or more messages comprising the updated network credentials (Yang: ¶0091 at 1032, the UE 102 sends to the cellular wireless network entity 516 a second UL message that includes the updated SUCI').



Regarding claim 4: Yang in view of Zou discloses the method of claim 1.
Yang further discloses wherein the one or more messages comprise at least one of a network message, a broadcast frame, an Internet Protocol packet, or a beacon frame (Yang: ¶0056 at 524, the cellular wireless network entity 516 sends a downlink (DL) message to the UE 102).

Regarding claim 5: Yang in view of Zou discloses the method of claim 1.
Yang further discloses further comprising determining the update to the network credentials based on at least one of:
receiving, from a user device, an instruction associated with the network;
receiving, from an administrative device, the instruction associated with the network; or
determining, based on a network rule, the update to the network credentials (Yang: ¶0077 at 802, the UE 102 initiates a network attach procedure with a cellular wireless network entity 516, which may be not trusted by the UE 102 until authentication is successful).

Regarding claim 6: Yang in view of Zou discloses the method of claim 1.
Yang further discloses receiving, from the second computing device via the network, at least one communication (Yang: ¶0029 fig. 5B step 518; ¶0055 at 518, the UE 102 communicates an UL message to the cellular wireless network entity 516).


Regarding claim 8: Yang in view of Zou discloses the method of claim 1.
Yang further discloses wherein the one or more messages comprise a plurality of messages, and wherein each message of the plurality of messages: is associated with one computing device of a plurality of computing devices (Yang: ¶0036 the UE sends UL messages that include different one-time SUCIs, corresponding one-time ephemeral UE public keys).
Zou further discloses comprises the updated network credentials encrypted using a public key corresponding to the one computing device (Zou: ¶0035 the generated SSID encrypted using the public key and pre-installed certification that includes the access point's public key signed by the same trusted authority).
The motivation is the same that of claim 1 above.

Regarding claim 16: Yang discloses a system comprising:
a first computing device (Yang: fig. 5D item 516 cellular wireless network entity) configured to:
receive, from a second computing device (Yang: fig. 5D item 102 user equipment (UE)), a first request, to communicate via a network, that comprises network credentials associated with the network (Yang: ¶0059 at 559, the UE 102 communicates an UL message to the cellular wireless network entity 516, such as for authentication to attach to a wireless network or to provide a location area update to the wireless network, where the UL message includes one of the encrypted SUCIs [a subscription id (i.e. a network credential)]); 
receive a public key associated with the second computing device (Yang: ¶0059 where the UL message includes [] an associated ephemeral UE public key);
send, based on an update to the network credentials, one or more messages comprising updated network credentials (Yang: ¶0061 at 572, the cellular wireless network entity 516 [first computing device]can communicate to the UE 102 the DL message including the updated network public key PKnw' and a signature of the updated network public key PKnw');
receive a second request, to communicate via the network, that comprises the updated network credentials (Yang: ¶0060 at 568, the UE 102 [second computing device] sends a new UL message that includes a new encrypted subscription identifier SUCI' along with the associated ephemeral UE public key ePKue' and an identifier PKnw' ID for the updated public key PKnw'); and
allow, based on the second request, the second computing device to communicate via the network (Yang: ¶0081 at 1034, the UE 102 receives from the cellular wireless network entity 516 an authentication success indication. At 1036, the UE 102 establishes a secure connection with the cellular wireless network entity); and
the second computing device configured to: after the second request, communicate via the network (Yang: ¶0060 at 1036, the UE 102 establishes a secure connection with the cellular wireless network entity).
Yang does not explicitly disclose wherein the updated network credentials are encrypted by the first computing device using the public key.
However, Zou discloses wherein the updated network credentials are encrypted using the public key (Zou: ¶0035 a system for providing dynamically generated SSIDs [updated/new network credential] [] the access point may then verify the certification 314 and reply with an authentication response 315 with the generated SSID encrypted using the public key).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Zou with the system/method of Yang to include wherein the updated network credentials are encrypted using the public key. One would have been motivated for providing dynamically generated a unique service set identifier (SSID) for the requesting user device (Zou: ¶0009).

Regarding claim 17: Claim 17 is similar in scope to claim 2, and is therefore rejected under similar rationale.

Regarding claims 18-20: Claims 18-20 are similar in scope to claims 4-6, and are therefore rejected under similar rationale.

Claims 7 and 9-15 are rejected under 35 U.S.C. 103 as being unpatentable over YANG et al. (“Yang,” US 2021/0092603) in view of Zou et al. (“Zou,” US 2018/0167389) and Nagarajamoorthy et al. (“Nagarajamoorthy,” US 2018/0167812).

Regarding claim 7: Yang in view of Zou discloses the method of claim 1.
Yang further discloses receiving, by the second computing device, the one or more messages (Yang: ¶0056 at 524, the cellular wireless network entity 516 sends a downlink (DL) message to the UE 102); and
sending, by the second computing device to the first computing device, the second request to communicate via the network (Yang: ¶0091 at 1032, the UE 102 sends to the cellular wireless network entity 516 a second UL message).
Yang in view of Zou does not explicitly disclose decrypting, by the second computing device, the updated network credentials using a private key associated with the public key.
However, Nagarajamoorthy discloses decrypting, by the second computing device, the updated network credentials using a private key associated with the public key (Nagarajamoorthy: ¶0064 at step 722, the new client device 102 can decrypt the encrypted digital certificate [i.e., network credential] using its private key generated during step 708).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Nagarajamoorthy with the system/method of Yang and Zou to include decrypting the updated network credentials using the private key. One would have been motivated to granting network access to client device when the trusted authenticator approves the potential new connection (Nagarajamoorthy: ¶0008).

Regarding claim 9: Yang discloses a method comprising:
determining by a second computing device:
a public key, and a private key associated with the public key (Yang: ¶0048 the UE 102 generates ephemeral key pairs, which include an ephemeral UE public key [] and an ephemeral UE private key);
sending to a first computing device (Yang: fig. 5D item 516 cellular wireless network entity):
the public key, and a first request, to communicate via a network, that comprises network credentials associated with the network (Yang: ¶0059 at 559, the UE 102 communicates an UL message to the cellular wireless network entity 516, such as for authentication to attach to a wireless network or to provide a location area update to the wireless network, where the UL message includes one of the encrypted SUCIs [a subscription id (i.e. a network credential)] along with an associated ephemeral UE public key ePKue);3626141.0347U1
receiving, from the first computing device, one or more messages comprising updated network credentials (Yang: ¶0061 at 572, the cellular wireless network entity 516 [first computing device]can communicate to the UE 102 the DL message including the updated network public key PKnw' and a signature of the updated network public key PKnw'); and
sending, to the first computing device, a second request, to communicate via the network, that comprises the updated network credentials (Yang: ¶0060 at 568, the UE 102 [second computing device] sends a new UL message that includes a new encrypted subscription identifier SUCI' along with the associated ephemeral UE public key ePKue' and an identifier PKnw' ID for the updated public key PKnw').
Yang does not explicitly disclose wherein the updated network credentials are encrypted by the first computing device using the public key.
However, Zou discloses wherein the updated network credentials are encrypted using the public key (Zou: ¶0035 a system for providing dynamically generated SSIDs [updated/new network credential] [] the access point may then verify the certification 314 and reply with an authentication response 315 with the generated SSID encrypted using the public key).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Zou with the system/method of Yang to include wherein the updated network credentials are encrypted using the public key. One would have been motivated for providing dynamically generated a unique service set identifier (SSID) for the requesting user device (Zou: ¶0009).
Yang in view of Zou does not explicitly disclose decrypting the updated network credentials using the private key.
However, Nagarajamoorthy discloses decrypting the updated network credentials using the private key (Nagarajamoorthy: ¶0064 at step 722, the new client device 102 can decrypt the encrypted digital certificate [i.e., network credential] using its private key generated during step 708).
Therefore, it would have been obvious to a person of ordinary skill in the art, before the effective filing date of the claimed invention to combine the teachings of Nagarajamoorthy with the system/method of Yang to include decrypting the updated network credentials using the private key. One would have been motivated to granting network access to Yang client device when the trusted authenticator approves the potential new connection (Nagarajamoorthy: ¶0008).

Regarding claim 10: Yang in view of Zou and Nagarajamoorthy discloses the method of claim 9.
Yang further discloses wherein the first computing device comprises at least one of a gateway, a router, a network hub, a repeater, a bridge, or an access point, and wherein the second computing device comprises at least one of a user device, a tablet, a laptop, a desktop, a mobile device, a set-top box, a sensor, a camera, an appliance, or a smart device (Yang: ¶0029 client wireless communication devices, interconnected to an access point (AP); ¶0028 consumer electronic devices may relate to: a cellular phone or a smart phone, a tablet computer, a laptop computer, a notebook computer, a personal computer).

Regarding claim 11: Yang in view of Zou and Nagarajamoorthy discloses the method of claim 9.
Yang further discloses wherein the public key comprises a time to live ("TTL") element, and wherein sending the one or more messages comprising the updated network credentials is based on: determining that the TTL element, the updated network credentials (Yang: ¶0079 at a time indicated by 902, a first network public key K1 is established for use over a time period indicated as the K1 lifetime [] as indicated in FIG. 9, the K1 and K2 lifetimes span an overlapping time period 912, where both the first key K1 and the second key K2 can be validly used before the first key K1 expires at time 906)..

Regarding claim 12: Yang in view of Zou and Nagarajamoorthy discloses the method of claim 9.
Yang further discloses wherein the one or more messages comprise at least one of a network message, a broadcast frame, an Internet Protocol packet, or a beacon frame (Yang: ¶0056 at 524, the cellular wireless network entity 516 sends a downlink (DL) message to the UE 102).

Regarding claim 13: Yang in view of Zou and Nagarajamoorthy discloses the method of claim 9.
Yang further discloses wherein sending the one or more messages comprising the updated network credentials comprises at least one of: sending, until a time to live ("TTL") element associated with the public key expires, the one or more messages comprising the updated network credentials; or
sending, until the second request to communicate via the network is received, the one or more messages comprising the updated network credentials (Yang: ¶0091 at 1032, the UE 102 sends to the cellular wireless network entity 516 a second UL message that includes the updated SUCI').

Regarding claim 14: Yang in view of Zou and Nagarajamoorthy discloses the method of claim 9.
Yang further discloses receiving, from the second computing device via the network, at least one communication (Yang: ¶0029 fig. 5B step 518; ¶0055 at 518, the UE 102 communicates an UL message to the cellular wireless network entity 516).

Regarding claim 15: Yang in view of Zou and Nagarajamoorthy discloses the method of claim 9.
Yang further discloses receiving, by the first computing device, from the second computing device: the first request to communicate via the network, and3726141.0347U1 the public key (Yang: ¶0059 at 559, the UE 102 communicates an UL message to the cellular wireless network entity 516, such as for authentication to attach to a wireless network or to provide a location area update to the wireless network, where the UL message includes one of the encrypted SUCIs [a subscription id (i.e. a network credential)] along with an associated ephemeral UE public key ePKue and the identifier PKnw ID for the network public key PKnw);
sending, by the first computing device, the one or more messages (Yang: ¶0056 at 524, the cellular wireless network entity 516 sends a downlink (DL) message to the UE 102); and
receiving, by the first computing device from the second computing device, the second request to communicate via the network (Yang: ¶0091 at 1032, the UE 102 sends to the cellular wireless network entity 516 a second UL message).

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Fahimeh Mohammadi whose telephone number is (571)270-7857. The examiner can normally be reached Monday - Friday 9:00 - 5:00.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Luu Pham can be reached on 5712705002. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/FAHIMEH MOHAMMADI/ Examiner, Art Unit 2439   


/LUU T PHAM/Supervisory Patent Examiner, Art Unit 2439