Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Continued Examination Under 37 CFR 1.114
A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114.  Applicant's submission filed on 11/02/2022 has been entered.
Claims 1, 2, 3-7, 11-13, 15, 18-20, 23, 24, 27, 30, 33 and 39-41 are pending and are being considered.
Claims 1, 2, 3-7, 11-13, 15, 18-20, 23, 24, 30, 33 and 39-41 are amended.
112f withdrawn based on amendments.

Response to 103
	Applicants arguments filed on 10/04/2022 have been fully considered and are persuasive but are moot in view of new grounds of rejection. The argument do not apply to the current art being used. 

Claim Objections
Claim 11 objected to because of the following informalities:
Claim 11 recites “Protoc0l” should read as “protocol”

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claim 2 recites the limitation " the initial network access".  There is insufficient antecedent basis for this limitation in the claim.
Dependent claim 4 is also rejected due to inheriting the deficiency of parent claim.


                                               Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1, 2, 5-7, 12, 13, 18-20, 23, 30, 33 and 39-41 are rejected under 35 U.S.C. 103 as being unpatentable over Park et al (hereinafter Park) (US 20160301529) in view of Le Saint (US 20150200774) and further in view of ANSLOT et al (hereinafter ANSLOT) (US 20200015069).

Regarding claim 1 Park teaches a method comprising: (Park on [0043] teaches a network access authentication method performed by mobile communication terminal);
 a communications device transmitting a primary message to a network node that is remote from the communications device and the network node is not a component of the communications device (Park on [0194-0196] teaches the terminal 620 (i.e. communication device) requests the generation of the eUICC challenge, the eUICC 630 generates the eUICC challenge (i.e. identity module challenge), the terminal 620 may transfer the eUICC challenge (i.e. primary message) and the Certificate_Info to profile providing server (i.e. network node which is not component of the communication device));
wherein the primary message comprises an identity module challenge obtained from an identity module comprising an integrated circuit card (ICC) within the communications device Park on [0043-0044] teaches a universal integrated circuit card (UICC) (i.e. identity module) is a smart card inserted into a mobile communication terminal. See on [0194-0196] teaches the terminal 620 requests the generation of the eUICC challenge, the eUICC 630 generates the eUICC challenge (i.e. identity module challenge), the terminal 620 may transfer the eUICC challenge and the Certificate_Info to profile providing server (i.e. network node));
the communications device receiving, from the network node, a second message(Park on [0199] teaches the profile providing server 610 (i.e. network node) may transfer authentication information (i.e. second message ) comprising the transaction ID, the DP challenge (i.e. authentication server challenge), the DP_Signal (i.e. signature in view of [0198]), a certificate of a profile providing server, and Cert_ToBe_Used information to the terminal 620);
wherein the second message comprises an [[ephemeral]] public key of the authentication server, an authentication server challenge, and an authentication server signature (Park on [0198-0199] teaches the profile providing server 610 may transfer authentication information (i.e. second message ) comprising  the transaction ID, the DP challenge (i.e. authentication server challenge), the DP_Signal (i.e. signature in view of [0198]), a certificate of a profile providing server, and Cert_ToBe_Used information to the terminal 620, wherein cert_to _be used comprises encryption key information (i.e. public key of authentication server) and certificate type);
wherein the authentication server signature is based on the [[ephemeral]] public key of the authentication server, the authentication server challenge, and the identity module challenge and follows a format used for handling remote subscription profile download to the identity module (Park on [0198-0199 and 0208] teaches the profile providing server 610 may then generate DP_Signal. The DP_Signal may be a signature value generated by the profile providing server 610, in which the signature value includes eUICC_Challenge, (i.e. identity module challenge) and DP_Challenge (i.e. authentication challenge) (i.e. The process of Fig 6A-6B is a specific format for downloading profile). Further teaches encryption key information is also used in generating signature by the profile providing server. See also on [0208] teaches the profile providing server 610 may generate DP_Sign2. The DP_Sign2 is a signature value using the pre-stored personal key of the profile providing server. See on [0112] teaches the profile providing server generates digital signature using its personal key);
wherein the third message comprises an ephemeral public key of the communications device and an identity module signature (Park on [0204] teaches the terminal 620 may transmit the profile request message (i.e. third message) to the profile providing server 630. The profile request message transmitted to the profile providing server 630 may include the eUICC authentication information received from the eUICC 630. The message may include the disposable public key of the eUICC (i.e. ephemeral public key) and the eUICC_Signal, the eUICC certificate (i.e. signature in view of [0202]));
wherein the identity module signature is based on the identity module credentials used for remote subscription profile download and is based on the ephemeral public key of the communications device and the authentication server challenge and follows the format used for remote subscription profile download to the identity module (Park on [0202] teaches the eUICC 630 may perform a signature using the personal key, profile installation key  (i.e. credential as part of signature and used in downloading profile) pre-stored in the eUICC 630, including the received DP challenge (i.e. authentication server challenge) along with the disposable public key of the eUICC 630 (i.e. ephemeral public key of communication device) (i.e. The process of Fig 6A-6B is a specific format for downloading profile));
	Although Park teaches generating session key using the shared secret but fails to explicitly teach the network node is configured to forward the identity module challenge to an authentication server, the communications device transmitting a third message towards the authentication server, the communication device establishing a secret using the ephemeral public key of the authentication server and a private key corresponding to the ephemeral public key of the communications device, the communications device obtaining data for transmission to a network node; the communications device using the MSK to encrypt the data, thereby producing encrypted data and the communications device transmitting the encrypted data to the network node, however Le Saint from analogous art teaches 
the communication device establishing a secret using the ephemeral public key of the authentication server and a private key corresponding to the ephemeral public key of the communications device (Le Saint on [0049, 0080-0082 and 0118-0119] teaches user device 101 generates shared secret using ephemeral public key of the access device and private key of the user device);
the communications device generating a master session key (MSK)using the (Le Saint on [0049, 0080-0082 and 0118-0119] teaches user device generates session key using the shared secret);
the communications device obtaining data for transmission to a network node (Le Saint on [0082] teaches obtaining user data and encrypting the user data with session key to generated encrypted response);
the communications device using the MSK to encrypt the data, thereby producing encrypted data (Le Saint on [0049, 0080-0082 and 0118-0119] teaches uses the session key to encrypt response data);
 and the communications device transmitting the encrypted data to the network node (Le Saint on [0049-0051, 0080-0082 and 0118-0119] teaches portable user device 101 sends a response message to access device 101. The response message may include the encrypted response data and other data).

Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Le Saint into the teaching of Park by generating shared secret using ephemeral public key and private key and generating session key using shared secret and encrypting the data using the session key. One would be motivated to do so in order to verify user device certificate based on the encrypted response generated by session key (Le Saint on [0004-0005]).

Although the combination of Park and Le Saint teaches sending primary message to network node but fails to explicitly teach first, second and third message transmitted between communication device and authentication server via network node, however ANSLOT from analogous art teaches a communications device transmitting a primary message to a network node that is remote from the communications device and the network node is configured to forward the identity module challenge to an authentication server (ANSLOT on Fig 8 block 60 and text on [0113] teaches transmitting by the terminal device (i.e. communication device) a request message (i.e. primary message in this case) with its unique identifier e-IMSI to MME wherein the MME (i.e. network node) forwards the message e-IMSI to D-HSS (i.e. authentication server in view of [0007] of the reference));
 the communications device receiving, from the network node, a second message (ANSLOT on Fig 8 block 62, 63 and text on [0115] teaches the terminal receives authentication request message (i.e. second message) containing t-IMSI from MME (i.e. network node) which was transmitted by D-HSS server (i.e. authentication server));
the communications device transmitting a third message towards the authentication server (ANSLOT on Fig 8 block 68, 69 and text on [0120-0121] teaches the terminal device transmits EMM attach request message containing t-IMSI (i.e. third message) to HSS server (i.e. authentication sever) via MME (i.e. network nodes)).

Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of ANSLOT into the combined teaching of Park and Le Saint by having first, second and third message transmitted between communication device and authentication server via network node. One would be motivated to do so in order to establish bi-directional communication between server, communication device and network node (ANSLOT on [0001-0004]).

Regarding claim 2 the combination of Park, Le Saint and ANSLOT teaches all the limitations of claim 1 above, ANSOLT further teaches further comprising: the communications device transmitting to the network node a network attachment request (ANSLOT on [0007 and 0113-0115] teaches the terminal sends attach request message to MME);
and receiving a network access identifier request message transmitted by the network node in response to the initial network access requires, wherein the communications device transmits the primary message in response to receiving the network access identifier request (ANSLOT on [0008 and 0113-0115] teaches  MME then sends two values, a RAND and an AUTN in an Authentication request message to the handset that forwards them in an APDU command to the eUICC. RAND is used for authenticating the eUICC and AUTN for authenticating the network, the MME sends the RAND and AUTN to the eUICC+ in an Authentication request message to initiate a challenge/response (i.e. primary message in response to network identifier ) communication. The RAND/AUTN messages contain t-IMSI).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of ANSLOT into the combined teaching of Park and Le Saint by having first, second and third message transmitted between communication device and authentication server via network node. One would be motivated to do so in order to establish bi-directional communication between server, communication device and network node (ANSLOT on [0001-0004]).

Regarding claim 5 the combination of Park, Le Saint and ANSLOT teaches all the limitations of claim 1 above Park further teaches wherein the primary message comprises at least one trusted public key identifier of the identity module of the communications device(Park on [0194-0196] teaches the terminal 620 requests the generation of the eUICC challenge, the eUICC 630 generates the eUICC challenge, the terminal 620 may transfer the eUICC challenge and the Certificate_Info (i.e. first message) to profile providing server. Further teaches the certification information Certificate_Info may include a kind of eUICC certificates and a kind of usable encryption keys (i.e. public key identifier)).
	Regarding claim 6 the combination of Park, Le Saint and ANSLOT teaches all the limitations of claim 1 above Park further teaches wherein at least one of the primary message and the third message comprises an identifier of the communications device (Park on [0057] teaches an eUICC identifier (eUICC ID) may be a unique identifier of the eUICC embedded in the terminal and may be described as an EID. See on [0134] teaches transmitting EID. See on [0136] teaches the profile information transfer server 309 may receive the profile information and register the received profile information. The profile information may include the address of the profile providing server and the eUICC information. The address of the profile providing server may be a server address in an FQDN type, an address in a full URL type, or an address of an IP server. The eUICC information may be a specific EID, a value providing a hash function operation result to the specific EID, or an EID).
Regarding claim 7 the combination of Park, Le Saint and ANSLOT teaches all the limitations of claim 1 above, Park further teaches4371 of PCT/ EP2018/057047 Preliminary AmendmentAttorney Docket: 3602-2051US1wherein the primary message comprises information enabling the network node(Park on [0197] teaches the profile providing server 610 may check whether the received profile providing server is valid. It may be checked whether the received profile providing server is valid by verifying whether the received address information of the profile providing server is the same as its own server address or acknowledging whether the received address information of the profile providing server corresponds to any of a plurality of valid addresses.).

Regarding claim 12 the combination of Park, Le Saint and ANSLOT teaches all the limitations of claim 1 above Park further teaches wherein the primary message comprises a network address of the authentication server (Park on [0194-0196] teaches eUICC challenge (i.e. primary message) comprises address information of profile providing server).

Regarding claim 13 the combination of Park, Le Saint and ANSLOT teaches all the limitations of claim 1 above ANSLOT further teaches wherein the second message comprises the identity module challenge and the method further comprises verifying that the identity module challenge in the second message matches the identity module challenge in the first message (Park on [0193-196] teaches receiving identify module challenge comprising address information and comparing the received address information with stored address information to verify the challenge further teaches computing a DP challenge).
Regarding claim 18 Park teaches A method(Park on [0043] teaches a network access authentication method performed by mobile communication terminal);
 Park on [0043-0044] teaches a universal integrated circuit card (UICC) (i.e. identity module) is a smart card inserted into a mobile communication terminal. See on [0194-0196] teaches the terminal 620 (i.e. communication device) requests the generation of the eUICC challenge, the eUICC 630 generates the eUICC challenge (i.e. identity module challenge), the terminal 620 may transfer the eUICC challenge and the Certificate_Info to profile providing server (i.e. network node));

wherein the second message comprises an ephemeral public key of the authentication server, an authentication server challenge, and an authentication server signature (Park on [0198-0199] teaches the profile providing server 610 may transfer authentication information (i.e. second message ) comprising  the transaction ID, the DP challenge (i.e. authentication server challenge), the DP_Signal (i.e. signature in view of [0198]), a certificate of a profile providing server, and Cert_ToBe_Used information to the terminal 620, wherein cert_to _be used comprises encryption key information (i.e. public key of authentication server) and certificate type);
wherein the authentication server signature is based on the ephemeral public key of the authentication server, the authentication server challenge, and the identity module challenge and follows a format used for handling remote subscription profile download to the identity module (Park on [0198-0199 and 0208] teaches the profile providing server 610 may then generate DP_Signal. The DP_Signal may be a signature value generated by the profile providing server 610, in which the signature value includes eUICC_Challenge, (i.e. identity module challenge) and DP_Challenge (i.e. authentication challenge) (i.e. The process of Fig 6A-6B is a specific format for downloading profile). Further teaches encryption key information is also used in generating signature by the profile providing server. See also on [0208] teaches the profile providing server 610 may generate DP_Sign2. The DP_Sign2 is a signature value using the pre-stored personal key of the profile providing server. See on [0112] teaches the profile providing server generates digital signature using its personal key);
wherein the third message comprises an ephemeral public key of the communications device and an identity module signature (Park on [0204] teaches the terminal 620 may transmit the profile request message (i.e. third message) to the profile providing server 630. The profile request message transmitted to the profile providing server 630 may include the eUICC authentication information received from the eUICC 630. The message may include the disposable public key of the eUICC (i.e. ephemeral public key) and the eUICC_Signal, the eUICC certificate (i.e. signature in view of [0202]));
wherein the identity module signature is based on the identity module credentials used for remote subscription profile download and is based on the ephemeral public key of the communications device and the authentication server challenge and follows the format used for remote subscription profile download to the identity module (Park on [0202] teaches the eUICC 630 may perform a signature using the personal key, profile installation key  (i.e. credential as part of signature and used in downloading profile) pre-stored in the eUICC 630, including the received DP challenge (i.e. authentication server challenge) along with the disposable public key of the eUICC 630 (i.e. ephemeral public key of communication device) (i.e. The process of Fig 6A-6B is a specific format for downloading profile));
and the authentication server providing the MSK to the network node (Park on [0202-0210] teaches the key pair of the public key and personal key is separately generated at different values even by the profile providing server. When only the public key among the so generated values is swapped with each other, a session key may be shared by combining the public key with the personal key. In this case, the public key becomes disposable, and therefore a new session key may be shared whenever the profile is downloaded (i.e. session key is shared to perform encrypted communication between network node and terminal device));

Although Park teaches generating session key using the shared secret but fails to explicitly teach the authentication server establishing a secret using the ephemeral public key of the communications device and a private key corresponding to the ephemeral public key of the authentication server; the authentication server generating a master session key (MSK)using the established secret, however Le Saint from analogous art teaches 
the authentication server establishing a secret using the ephemeral public key of the communications device and a private key corresponding to the ephemeral public key of the authentication server (Le Saint on [0049, 0080-0082 and 0118-0119] teaches user device 101 generates shared secret using ephemeral public key of the access device and private key of the user device);
 the authentication server generating a master session key (MSK)using the established secret (Le Saint on [0049, 0080-0082 and 0118-0119] teaches user device generates session key using the shared secret);
 
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Le Saint into the teaching of Park by generating shared secret using ephemeral public key and private key and generating session key using shared secret and encrypting the data using the session key. One would be motivated to do so in order to verify user device certificate based on the encrypted response generated by session key (Le Saint on [0004-0005]).

Although the combination of Park and Le Saint teaches sending primary message to network node but fails to explicitly teach first, second and third message transmitted between communication device and authentication server via network node, however ANSLOT from analogous art teaches
an authentication server receiving a first message transmitted by a network node (ANSLOT on Fig 8 block 60 and text on [0113] teaches transmitting by the terminal device (i.e. communication device) a request message (i.e. primary message in this case) with its unique identifier e-IMSI to MME wherein the MME (i.e. network node) forwards the message e-IMSI to D-HSS (i.e. authentication server in view of [0007] of the reference));
the authentication server transmitting a second message towards the communications device (ANSLOT on Fig 8 block 62, 63 and text on [0115] teaches the terminal receives authentication request message (i.e. second message) containing t-IMSI from MME (i.e. network node) which was transmitted by D-HSS server (i.e. authentication server));
the authentication server receiving a third message transmitted by the network node (ANSLOT on Fig 8 block 68, 69 and text on [0120-0121] teaches the terminal device transmits EMM attach request message containing t-IMSI (i.e. third message) to HSS server (i.e. authentication sever) via MME (i.e. network nodes)).

 Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of ANSLOT into the combined teaching of Park and Le Saint by having first, second and third message transmitted between communication device and authentication server via network node. One would be motivated to do so in order to establish bi-directional communication between server, communication device and network node (ANSLOT on [0001-0004]).

Regarding claim 19 the combination of Park, Le Saint and ANSLOT teaches all the limitations of claim 18 above Park further teaches establishing a secure connection to the network node before receiving the first message (Park on [0192-0196] teaches before transmitting the primary message to profile providing server the terminal device inputs security code using profile installation key in order to initiate challenge).
Regarding claim 20 the combination of Park, Le Saint and ANSLOT teaches all the limitations of claim 18 above Park further teaches wherein the first message comprises at least one trusted public key identifier of the identity module used for remote subscription profile download to the identity module (Park on [0194-0196] teaches the terminal 620 requests the generation of the eUICC challenge, the eUICC 630 generates the eUICC challenge, the terminal 620 may transfer the eUICC challenge and the Certificate_Info (i.e. first message) to prfolie providing server. Further teaches the certification information Certificate_Info may include a kind of eUICC certificates and a kind of usable encryption keys (i.e. public key identifier));
the method further comprising: verifying that at least one of the at least one public key identifier is trusted by the authentication server (Park on [0189] teaches the profile providing server 610 may also check the Certificate_Info. It may be checked whether the certificate type is valid. Further, it may be checked whether the encryption key information may be supported by the profile providing server 610. The check may be a process of comparing whether the encryption key information for the signature of the eUICC 630 coincides with the encryption key information which may be verified by the profile providing server 610 with whether the encryption key information for the verification by the eUICC 630 coincides with the encryption key information used to generate the signature by the profile providing server );
 and wherein the second message comprises at least one of the at least one public key identifier trusted by the authentication server (Park on [0296 and 0313] teaches receive encryption key generation data from the electronic apparatus if a verification for the signature information and the certificate succeeds).
Regarding claim 23 the combination of Park, Le Saint and ANSLOT teaches all the limitations of claim 18 above Park further teaches verifying, by using the identifier and before generating the MSK, that initial network access is to be granted to the communications device (Park on [0118-0123 and 0208] teaches verifying the signature value and if the verification succeeds then generating the session key).

Regarding claim 30 Park teaches a communication device comprising processing circuitry, the processing circuitry being configured to cause the communication device to: (Park on [0009-0014] teaches a communication terminal comprising eUICC circuit);
 transmit a primary message to a network node that is remote from the communications device and the network node is not a component of the communications device (Park on [0194-0196] teaches the terminal 620 (i.e. communication device) requests the generation of the eUICC challenge, the eUICC 630 generates the eUICC challenge (i.e. identity module challenge), the terminal 620 may transfer the eUICC challenge (i.e. primary mssage) and the Certificate_Info to profile providing server (i.e. network node which is not component of the communication device));
wherein the primary message comprises an identity module challenge obtained from an identity module comprising an integrated circuit card (ICC) within the communications device Park on [0043-0044] teaches a universal integrated circuit card (UICC) (i.e. identity module) is a smart card inserted into a mobile communication terminal. See on [0194-0196] teaches the terminal 620 requests the generation of the eUICC challenge, the eUICC 630 generates the eUICC challenge (i.e. identity module challenge), the terminal 620 may transfer the eUICC challenge and the Certificate_Info to profile providing server (i.e. network node));
receive, from the network node, a second message(Park on [0199] teaches the profile providing server 610 (i.e. network node) may transfer authentication information (i.e. second message ) comprising the transaction ID, the DP challenge (i.e. authentication server challenge), the DP_Signal (i.e. signature in view of [0198]), a certificate of a profile providing server, and Cert_ToBe_Used information to the terminal 620);
wherein the second message comprises an [[ephemeral]] public key of the authentication server, an authentication server challenge, and an authentication server signature (Park on [0198-0199] teaches the profile providing server 610 may transfer authentication information (i.e. second message ) comprising  the transaction ID, the DP challenge (i.e. authentication server challenge), the DP_Signal (i.e. signature in view of [0198]), a certificate of a profile providing server, and Cert_ToBe_Used information to the terminal 620, wherein cert_to _be used comprises encryption key information (i.e. public key of authentication server) and certificate type);
wherein the authentication server signature is based on the [[ephemeral]] public key of the authentication server, the authentication server challenge, and the identity module challenge and follows a format used for handling remote subscription profile download to the identity module (Park on [0198-0199 and 0208] teaches the profile providing server 610 may then generate DP_Signal. The DP_Signal may be a signature value generated by the profile providing server 610, in which the signature value includes eUICC_Challenge, (i.e. identity module challenge) and DP_Challenge (i.e. authentication challenge) (i.e. The process of Fig 6A-6B is a specific format for downloading profile). Further teaches encryption key information is also used in generating signature by the profile providing server. See also on [0208] teaches the profile providing server 610 may generate DP_Sign2. The DP_Sign2 is a signature value using the pre-stored personal key of the profile providing server. See on [0112] teaches the profile providing server generates digital signature using its personal key);
wherein the third message comprises an ephemeral public key of the communications device and an identity module signature (Park on [0204] teaches the terminal 620 may transmit the profile request message (i.e. third message) to the profile providing server 630. The profile request message transmitted to the profile providing server 630 may include the eUICC authentication information received from the eUICC 630. The message may include the disposable public key of the eUICC (i.e. ephemeral public key) and the eUICC_Signal, the eUICC certificate (i.e. signature in view of [0202]));
wherein the identity module signature is based on the identity module credentials used for remote subscription profile download and is based on the ephemeral public key of the communications device and the authentication server challenge and follows the format used for remote subscription profile download to the identity module (Park on [0202] teaches the eUICC 630 may perform a signature using the personal key, profile installation key  (i.e. credential as part of signature and used in downloading profile) pre-stored in the eUICC 630, including the received DP challenge (i.e. authentication server challenge) along with the disposable public key of the eUICC 630 (i.e. ephemeral public key of communication device) (i.e. The process of Fig 6A-6B is a specific format for downloading profile));
	Although Park teaches generating session key using the shared secret but fails to explicitly teach the network node is configured to forward the identity module challenge to an authentication server, the communications device transmitting a third message towards the authentication server, the communication device establishing a secret using the ephemeral public key of the authentication server and a private key corresponding to the ephemeral public key of the communications device, the communications device obtaining data for transmission to a network node; the communications device using the MSK to encrypt the data, thereby producing encrypted data; and the communications device transmitting the encrypted data to the network node, however Le Saint from analogous art teaches 
the communication device establishing a secret using the ephemeral public key of the authentication server and a private key corresponding to the ephemeral public key of the communications device (Le Saint on [0049, 0080-0082 and 0118-0119] teaches user device 101 generates shared secret using ephemeral public key of the access device and private key of the user device);
the communications device generating a master session key (MSK)using the (Le Saint on [0049, 0080-0082 and 0118-0119] teaches user device generates session key using the shared secret);
the communications device obtaining data for transmission to a network node (Le Saint on [0082] teaches obtaining user data and encrypting the user data with session key to generated encrypted response);
the communications device using the MSK to encrypt the data, thereby producing encrypted data (Le Saint on [0049, 0080-0082 and 0118-0119] teaches uses the session key to encrypt response data);
 and the communications device transmitting the encrypted data to the network node (Le Saint on [0049-0051, 0080-0082 and 0118-0119] teaches portable user device 101 sends a response message to access device 101. The response message may include the encrypted response data and other data).

Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Le Saint into the teaching of Park by generating shared secret using ephemeral public key and private key and generating session key using shared secret and encrypting the data using the session key. One would be motivated to do so in order to verify user device certificate based on the encrypted response generated by session key (Le Saint on [0004-0005]).

Although the combination of Park and Le Saint teaches sending primary message to network node but fails to explicitly teach first, second and third message transmitted between communication device and authentication server via network node, however ANSLOT from analogous art teaches a communications device transmitting a primary message to a network node that is remote from the communications device and the network node is configured to forward the identity module challenge to an authentication server (ANSLOT on Fig 8 block 60 and text on [0113] teaches transmitting by the terminal device (i.e. communication device) a request message (i.e. primary message in this case) with its unique identifier e-IMSI to MME wherein the MME (i.e. network node) forwards the message e-IMSI to D-HSS (i.e. authentication server in view of [0007] of the reference));
 the communications device receiving, from the network node, a second message (ANSLOT on Fig 8 block 62, 63 and text on [0115] teaches the terminal receives authentication request message (i.e. second message) containing t-IMSI from MME (i.e. network node) which was transmitted by D-HSS server (i.e. authentication server));
the communications device transmitting a third message towards the authentication server (ANSLOT on Fig 8 block 68, 69 and text on [0120-0121] teaches the terminal device transmits EMM attach request message containing t-IMSI (i.e. third message) to HSS server (i.e. authentication sever) via MME (i.e. network nodes)).

Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of ANSLOT into the combined teaching of Park and Le Saint by having first, second and third message transmitted between communication device and authentication server via network node. One would be motivated to do so in order to establish bi-directional communication between server, communication device and network node (ANSLOT on [0001-0004]).

Regarding claim 33 Park teaches An authentication server, the authentication server comprising processing circuitry, the processing circuitry being configured to cause the authentication server to (Park on [0012] teaches a profile information transfer server);
receive a first message transmitted by a network node, wherein the first message comprises an identity module challenge that the network node received from a communications device (Park on [0043-0044] teaches a universal integrated circuit card (UICC) (i.e. identity module) is a smart card inserted into a mobile communication terminal. See on [0194-0196] teaches the terminal 620 (i.e. communication device) requests the generation of the eUICC challenge, the eUICC 630 generates the eUICC challenge (i.e. identity module challenge), the terminal 620 may transfer the eUICC challenge and the Certificate_Info to profile providing server (i.e. network node));
transmit a second message towards the communications device, wherein the second message comprises an ephemeral public key of the authentication server, an authentication server challenge, and an authentication server signature (Park on [0198-0199] teaches the profile providing server 610 may transfer authentication information (i.e. second message ) comprising  the transaction ID, the DP challenge (i.e. authentication server challenge), the DP_Signal (i.e. signature in view of [0198]), a certificate of a profile providing server, and Cert_ToBe_Used information to the terminal 620, wherein cert_to _be used comprises encryption key information (i.e. public key of authentication server) and certificate type);
wherein the authentication server signature is based on the ephemeral public key of the authentication server, the authentication server challenge, and the identity module challenge and follows a format used for handling remote subscription profile download to the identity module (Park on [0198-0199 and 0208] teaches the profile providing server 610 may then generate DP_Signal. The DP_Signal may be a signature value generated by the profile providing server 610, in which the signature value includes eUICC_Challenge, (i.e. identity module challenge) and DP_Challenge (i.e. authentication challenge) (i.e. The process of Fig 6A-6B is a specific format for downloading profile). Further teaches encryption key information is also used in generating signature by the profile providing server. See also on [0208] teaches the profile providing server 610 may generate DP_Sign2. The DP_Sign2 is a signature value using the pre-stored personal key of the profile providing server. See on [0112] teaches the profile providing server generates digital signature using its personal key);
wherein the third message comprises an ephemeral public key of the communications device and an identity module signature (Park on [0204] teaches the terminal 620 may transmit the profile request message (i.e. third message) to the profile providing server 630. The profile request message transmitted to the profile providing server 630 may include the eUICC authentication information received from the eUICC 630. The message may include the disposable public key of the eUICC (i.e. ephemeral public key) and the eUICC_Signal, the eUICC certificate (i.e. signature in view of [0202]));
wherein the identity module signature is based on the identity module credentials used for remote subscription profile download and is based on the ephemeral public key of the communications device and the authentication server challenge and follows the format used for remote subscription profile download to the identity module (Park on [0202] teaches the eUICC 630 may perform a signature using the personal key, profile installation key  (i.e. credential as part of signature and used in downloading profile) pre-stored in the eUICC 630, including the received DP challenge (i.e. authentication server challenge) along with the disposable public key of the eUICC 630 (i.e. ephemeral public key of communication device) (i.e. The process of Fig 6A-6B is a specific format for downloading profile));
provide the MSK to the network node (Park on [0202-0210] teaches the key pair of the public key and personal key is separately generated at different values even by the profile providing server. When only the public key among the so generated values is swapped with each other, a session key may be shared by combining the public key with the personal key. In this case, the public key becomes disposable, and therefore a new session key may be shared whenever the profile is downloaded (i.e. session key is shared to perform encrypted communication between network node and terminal device));

Although Park teaches generating session key using the shared secret but fails to explicitly teach the authentication server establishing a secret using the ephemeral public key of the communications device and a private key corresponding to the ephemeral public key of the authentication server; the authentication server generating a master session key (MSK)using the established secret, however Le Saint from analogous art teaches 
establishing a secret using the ephemeral public key of the communications device and a private key corresponding to the ephemeral public key of the authentication server (Le Saint on [0049, 0080-0082 and 0118-0119] teaches user device 101 generates shared secret using ephemeral public key of the access device and private key of the user device);
 generating a master session key (MSK)using the established secret (Le Saint on [0049, 0080-0082 and 0118-0119] teaches user device generates session key using the shared secret);
 
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Le Saint into the teaching of Park by generating shared secret using ephemeral public key and private key and generating session key using shared secret and encrypting the data using the session key. One would be motivated to do so in order to verify user device certificate based on the encrypted response generated by session key (Le Saint on [0004-0005]).

Although the combination of Park and Le Saint teaches sending primary message to network node but fails to explicitly teach first, second and third message transmitted between communication device and authentication server via network node, however ANSLOT from analogous art teaches
an authentication server receiving a first message transmitted by a network node (ANSLOT on Fig 8 block 60 and text on [0113] teaches transmitting by the terminal device (i.e. communication device) a request message (i.e. primary message in this case) with its unique identifier e-IMSI to MME wherein the MME (i.e. network node) forwards the message e-IMSI to D-HSS (i.e. authentication server in view of [0007] of the reference));
the authentication server transmitting a second message towards the communications device (ANSLOT on Fig 8 block 62, 63 and text on [0115] teaches the terminal receives authentication request message (i.e. second message) containing t-IMSI from MME (i.e. network node) which was transmitted by D-HSS server (i.e. authentication server));
the authentication server receiving a third message transmitted by the network node (ANSLOT on Fig 8 block 68, 69 and text on [0120-0121] teaches the terminal device transmits EMM attach request message containing t-IMSI (i.e. third message) to HSS server (i.e. authentication sever) via MME (i.e. network nodes)).

 Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of ANSLOT into the combined teaching of Park and Le Saint by having first, second and third message transmitted between communication device and authentication server via network node. One would be motivated to do so in order to establish bi-directional communication between server, communication device and network node (ANSLOT on [0001-0004]).

Regarding claim 39 the combination of Park, Le Saint and ANSLOT teaches all the limitations of claim 1 above ANSLOT further teaches further comprising:  prior to transmitting the primary message, the communications device transmitting to the network node a network attachment request (ANSLOT on [0007 and 0113-0115] teaches the terminal sends attach request message to MME);
after transmitting the network attachment request, the communication device receiving a request transmitted by the network node  (ANSLOT on [0008 and 0113-0115] teaches  MME then sends two values, a RAND and an AUTN in an Authentication request message to the handset that forwards them in an APDU command to the eUICC. RAND is used for authenticating the eUICC and AUTN for authenticating the network, the MME sends the RAND and AUTN to the eUICC+ in an Authentication request message to initiate a challenge/response (i.e. primary message in response to network identifier ) communication. The RAND/AUTN messages contain t-IMSI).
 after receiving the request transmitted by the network node, the communications device obtaining the identity module challenge from the identity module, wherein the primary message is responsive to the request message transmitted by the network node (ANSLOT on [0008 and 0113-0115] teaches  MME then sends two values, a RAND and an AUTN in an Authentication request message to the handset that forwards them in an APDU command to the eUICC. RAND is used for authenticating the eUICC and AUTN for authenticating the network, the MME sends the RAND and AUTN to the eUICC+ in an Authentication request message to initiate a challenge/response (i.e. primary message in response to network identifier ) communication. The RAND/AUTN messages contain t-IMSI).

Regarding claim 40 the combination of Park, Le Saint and ANSLOT teaches all the limitations of claim 11 above Park further teaches wherein using the MSK to encrypt the data comprises using the MSK to derive a first encryption key and encrypting the data using the first encryption key (Park on [0210] teaches encrypting is performed by combining the encryption profile package encrypted with a random key randomly pre-generated for the non-encrypted profile package with an encryption random key (i.e. first encryption key) obtained by encrypting the random key with the generated session key.)

Regarding claim 41 the combination of Park, Le Saint and ANSLOT teaches all the limitations of claim 40 above Le Saint further teaches further comprising: the communications device generating a second encryption key (EKEY) using the established secret; (Le Saint on [0029 and 0052-0053] teaches shared secret may then be used to re-generate the session key (i.e. second session key) and decrypt the encrypted user device data and encrypt response data using session key)
 and the communication device using the second encryption key (EKEY) to encrypt plaintext data, thereby producing encrypted plaintext data, wherein the third message comprises the encrypted plaintext data (Le Saint on [0029 and 0052-0053] teaches shared secret may then be used to re-generate the session key (i.e. second session key) and decrypt the encrypted user device data and encrypt response data using session key).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Le Saint into the teaching of Park by generating shared secret using ephemeral public key and private key and generating session key using shared secret and encrypting the data using the session key. One would be motivated to do so in order to verify user device certificate based on the encrypted response generated by session key (Le Saint on [0004-0005]).

Claims 4, 11, 15, 24 and 27 are rejected under 35 U.S.C. 103 as being unpatentable over Park et al (hereinafter Park) (US 20160301529) in view of Le Saint (US 20150200774) in view of ANSLOT et al (hereinafter ANSLOT) (US 20200015069) and further in view of Townsley et al (hereinafter Townsley) (US 20070204330).

Regarding claim 4 the combination of Park, Le Saint and ANSLOT teaches all the limitations of claim 2 above Park further teaches prior to transmitting the network attachment request, the communication device determining that it does not have a subscription profile, wherein the communication device transmits the network attachment request as a result of the communication device determining that it does not have the subscription profile, (Park on [0073-0074, 0092 and 0127] teaches transmitting a communication to download profile (i.e. indicates that it does not have profile already installed )).
The combination fails to explicitly teach the network attachment request is an Extensible Authentication Protocol (EAP) based network attachment request, however Townsley from analogous art teaches the network attachment request is an Extensible Authentication Protocol (EAP) based network attachment request (Townsley on [0032] teaches response message formatted according to the Extensible Authentication Protocol (EAP)).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Townsley into the combined teaching of Park, Le Saint and ANSLOT by having message in an EAP-Response/Identity. One would be motivated to do so in order perform secure communication between client and server (Townsley on [0032]).

Regarding claim 11 the combination of Park, Le Saint and ANSLOT teaches all the limitations of claim 1, the combination fails to explicitly teach the primary message is an EAP-Response/Identity message, however Townsley from analogous art teaches primary message is an Extensible Authentication Protocol (EAP) EAP-Response/Identity message (Townsley on [0032] teaches response message formatted according to the Extensible Authentication Protocol (EAP)).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Townsley into the combined teaching of Park, Le Saint and ANSLOT by having message in an EAP-Response/Identity. One would be motivated to do so in order perform secure communication between client and server (Townsley on [0032]).
Regarding claim 15 the combination of Park, Le Saint and ANSLOT teaches all the limitations of claim 1 above Park further teaches wherein the second message comprises at least one of the at least one public key identifier as trusted by the authentication server (Park on [0199] teaches the profile providing server 610 may transfer the transaction ID, the DP challenge (i.e. authentication server challenge), the DP_Signal (i.e. signature in view of [0198]), a certificate of a profile providing server, and Cert_ToBe_Used information to the terminal 620, wherein Cert_ToBe_Used encryption key in view of [0208] (i.e. public key identifier)).
The combination fails to explicitly teach the second message is an EAP-Request/Authenticate message and the third message is an EAP-Response/Authenticate message, however Townsley from analogous art teaches the second message is an Extensible Authentication Protocol (EAP) EAP-Request/Authenticate message (Townsley on [0032] teaches response message formatted according to Extensible Authentication Protocol (EAP)).
and the third message is an EAP-Response/Authenticate message (Townsley on [0032] teaches response message formatted according to the Extensible Authentication Protocol (EAP)).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Townsley into the combined teaching of Park, Le Saint and ANSLOT by having message in an EAP-Response/Identity. One would be motivated to do so in order perform secure communication between client and server (Townsley on [0032]).

Regarding claim 24 the combination of Park, Le Saint and ANSLOT teaches all the limitations of claim 18 above Park further teaches the ephemeral public keys are ephemeral Elliptic Curve public keys (Park on [0060] teaches The PPC may include at least one of a symmetric key, a rivest shamir adleman (RSA) certificate and personal key, an elliptic curved cryptography (ECC) certificate and personal key, and a root certification authority (root CA) and certificate chain);
Le Saint teaches the credentials comprise a private key, a certificate certifying the public key corresponding to the private key, and trusted public key identifiers (Le Saint on [0019-0022 and 0066-0068] teaches certificate including public key of public private key pair, serial number, hash data and signed using private key).
The combination fails to explicitly teach wherein all messages transmitted between the communications device and the authentication server are Extensible Authentication Protocol messages, however Townsley from analogous art teaches wherein all messages transmitted between the communications device and the authentication server are Extensible Authentication Protocol messages (Townsley on [0032] teaches response message formatted according to the Extensible Authentication Protocol (EAP)).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Townsley into the combined teaching of Park, Le Saint and ANSLOT by having message in an EAP-Response/Identity. One would be motivated to do so in order perform secure communication between client and server (Townsley on [0032]).

Regarding claim 27 the combination of Park, Le Saint and ANSLOT teaches all the limitations of claim 18 above Park further teaches the identity module is an universal integrated-circuit card, UICC, an embedded universal integrated-circuit card, eUICC, or an integrated universal integrated-circuit card, iUICC  (Park on [0043] teaches  a universal integrated circuit card (UICC) is a smart card inserted into a mobile communication terminal and describes a chip storing personal information such as network access authentication information on a mobile communication subscriber, a telephone directory, and short message service (SMS) to perform subscriber authentication and a generation of a traffic security key upon an access to mobile communication networks such as global system for mobile communications (GSM), wideband code division multiple access (WCDMA), and long term evolution (LTE), thereby implementing the use of the safe mobile communication. The UICC includes communication applications such as a subscriber identification module (SIM), a universal SIM (USIM), and an internet protocol (IP) multimedia SIM (ISIM);
 and the remote subscription profile download follows the GSMA Remote SIM Provisioning, RSP, protocol (Park on [0043] teaches  a universal integrated circuit card (UICC) is a smart card inserted into a mobile communication terminal and describes a chip storing personal information such as network access authentication information on a mobile communication subscriber, a telephone directory, and short message service (SMS) to perform subscriber authentication and a generation of a traffic security key upon an access to mobile communication networks such as global system for mobile communications (GSM), wideband code division multiple access (WCDMA), and long term evolution (LTE), thereby implementing the use of the safe mobile communication. The UICC includes communication applications such as a subscriber identification module (SIM), a universal SIM (USIM), and an internet protocol (IP) multimedia SIM (ISIM).
	The combination fails to explicitly teach wherein the authentication server is an Authentication, Authorization and Accounting server, an Authentication Server Function server, or a Mobility Management Entity, however Townsley from analogous art teaches wherein the authentication server is an Authentication, Authorization and Accounting server, an Authentication Server Function server, or a Mobility Management Entity (Townsley on [0035] teaches end nodes 120 include Authentication, Authorization, Accounting (AAA) server host 120e, and a DHCP server host 120f.).
Thus, it would have been obvious to one ordinary skill in the art before the effective filing date to implement the teaching of Townsley into the combined teaching of Park, Le Saint and ANSLOT by having the authentication server is an Authentication, Authorization and Accounting server. One would be motivated to do so in order perform secure communication between client and server (Townsley on [0032]).

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MOEEN KHAN whose telephone number is (571)272-3522. The examiner can normally be reached 7AM-5PM EST M-TH Alternate Fridays.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Shewaye Gelagay can be reached on (571)272-4219. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/MOEEN KHAN/               Examiner, Art Unit 2436