T 0755/20 (Implicit authentication in an NGN system using the line ID / Telekom) of 29.10.2020

European Case Law Identifier: ECLI:EP:BA:2020:T075520.20201029
Date of decision: 29 October 2020
Case number: T 0755/20
Application number: 11729565.9
IPC class: H04L12/24
H04L12/28
H04L29/08
H04L29/06
Language of proceedings: EN
Distribution: D
Download and more information:
Decision text in EN (PDF, 395 KB)
Documentation of the appeal procedure can be found in the Register
Bibliographic information is available in: EN
Versions: Unpublished
Title of application: METHOD AND SYSTEM FOR EFFICIENT USE OF A TELECOMMUNICATION NETWORK AND THE CONNECTION BETWEEN THE TELECOMMUNICATIONS NETWORK AND A CUSTOMER PREMISES EQUIPMENT
Applicant name: Deutsche Telekom AG
Opponent name: -
Board: 3.5.05
Headnote: -
Relevant legal provisions:
European Patent Convention Art 56 (2007)
European Patent Convention Art 83 (2007)
European Patent Convention Art 84 (2007)
RPBA2020 Art 011 (2020)
RPBA2020 Art 012(6) (2020)
RPBA2020 Art 013(1) (2020)
Keywords: Claims - clarity (yes)
Sufficiency of disclosure - (yes)
Inventive step - (no)
Remittal - (no)
Amendment to appeal case - amendment overcomes issues raised (yes)
Catchwords:

-

Cited decisions:
T 0197/10
Citing decisions:
-

Summary of Facts and Submissions

I. The appeal is against the decision of the examining division to refuse European patent application No. 11729565.9.

II. The examining division made reference to, inter alia, the following documents:

D1|"Telecommunications and Internet converged Services and Protocols for Advanced Networking (TISPAN); NGN Security; Security Architecture", European Telecommunications Standards Institute (ETSI)DRAFT TS 187 003 V3.2.0, 15 June 2010, XP014055854 |

D2|"Telecommunications and Internet converged Services and Protocols for Advanced Networking (TISPAN); NGN Functional Architecture", European Telecommunications Standards Institute (ETSI) DRAFT; ETSI ES 282 001 V3.0.0, 9 February 2009, XP014057066 |

D3|"Telecommunications and Internet converged Services and Protocols for Advanced Networking (TISPAN); NGN Functional Architecture; Network Attachment Sub-System (NASS)", European Telecommunications Standards Institute (ETSI) STANDARD; ETSI ES 282 004 V3.4.1, March 2010, XP014046256 |

D4|"Telecommunications and Internet converged Services and Protocols for Advanced Networking (TISPAN); Resource and Admission Control Sub-System (RACS): Functional Architecture", European Telecommunications Standards Institute (ETSI)STANDARD; ETSI ES 282 003 V3.4.2, April 2010, XP014046255|

D5|Rebecca Copeland: "Converging NGN Wireline and Mobile 3G Networks with IMS: Converging NGN and 3G Mobile - Chapter 'Network Admission'", 22 December 2008 (2008-12-22), Auerbach Publications 2008, ISBN: 978-1-42-001378-8 pages 117-155 |

III. The examining division decided that the patent application did not disclose the claimed invention in a manner sufficiently clear and complete for it to be carried out by a person skilled in the art (Article 83 EPC). In an obiter dictum, the decision made reference to an assessment of novelty and inventive step (Articles 54(1) and 56 EPC) which had been provided in the summons and the brief communication dated 3 December 2019 for an earlier claim set.

IV. In its statement setting out the grounds of appeal, the appellant (applicant) requested that a patent be granted based on the claims as originally filed. On an auxiliary basis, the appellant requested that a patent be granted based on the claims considered in the impugned decision. On an auxiliary basis, the appellant requested that the case be remitted to the department whose decision was appealed for further prosecution.

V. The board issued a summons to oral proceedings. In an annex to the summons, the board set out its provisional view of the case (Article 15(1) RPBA 2020).

The board considered that the main request was not admissible since it related to a request that was no longer maintained (Article 12(6) RPBA 2020).

With respect to the auxiliary request, the board asserted that claim 1 would meet the requirements of Article 84 EPC and thus its wording was not open to interpretation, contrary to the decision under appeal. On the other hand, the board raised an objection pursuant to Article 84 EPC against independent claim 7. Further contrary to the decision under appeal, the board expressed its view that claim 1 would meet the requirements of Article 83 EPC.

In addition to what had been decided by the examining division, the board gave its preliminary opinion on inventive step of claim 1 of the auxiliary request. In the board's opinion, claim 1 failed to meet the requirements of Article 56 EPC. In the absence of a technical effect caused by either of the distinguishing features, no objective technical problem existed which could be used to support an inventive step.

VI. In a reply dated 25 September 2020, the appellant submitted a new main request, replacing the previous main and auxiliary request.

VII. Oral proceedings were held on 29 October 2020. The appellant requested that the decision under appeal be set aside and that a patent be granted on the basis of claims 1 to 6 of the main request submitted with the letter dated 25 September 2020.

VIII. Claim 1 reads as follows (features labelled by the board):

Method for efficient establishing and/or configuring of a connection between a telecommunications network (5) and a CPE (10) via an access node (20), wherein the telecommunication network (5) is a next generation network (5), the method comprising the steps of:

(i) establishing a physical communication channel between the access node (20) of the telecommunications network (5) and the CPE (10), the physical communication channel being represented by a line ID information related to the access node (20),

(ii) the CPE (10) requesting a telecommunications network service, wherein the access node (20) complements the request of the CPE (10) by the line ID information and a port ID information, wherein the port ID information identifies a port of the access node (20) which is connected to the physical connection towards the CPE (10), wherein the line ID information and port ID information are known in a trusted manner to the telecommunication network (5),

(iii) an Internet Protocol Edge node (30) of the telecommunications network (5) providing a public or private Internet Protocol address to the CPE (10) for use by the CPE (10) to communicate with the Internet Protocol Edge node (30), the Internet Protocol address being associated with the line ID information and an Internet Protocol session (IP session) or connection realizing a logical communication channel being initiated between the Internet Protocol Edge node (30) of the telecommunications network (5) and the CPE (10), wherein the logical communication channel is established by using the line ID information and the port ID information as authentication information,

(iv) the Internet Protocol Edge node (30) initially assigning a first functionality level to the public or private Internet Protocol address, wherein the first functionality level is a reduced functionality level that permits only access to a limited range of target Internet Protocol addresses,

(v) the Internet Protocol Edge node (30) assigning a second functionality level to the public or private Internet Protocol address, in case that the telecommunications network (5) is able to relate the line ID information to a contract related identification information, wherein the second functionality level is an increased functionality level that permits access to an enhanced range of target Internet Protocol addresses, wherein the contract related identification information corresponds to a user,

(vi) relating the line ID information to the contract related identification information comprising an authentication based on a Network Attachment Subsystem (NASS).

Reasons for the Decision

1. The present application concerns a next generation network (NGN) providing authenticated access to a telecommunications network service. For the authentication of the customer premises equipment (CPE), the "line ID" and the "port ID" relating to the physical line and physical port, respectively, are used. The CPE may be authorised at a reduced or increased functionality level, depending on contract data.

2. Documents D1-D4 are ETSI TISPAN standardisation documents, disclosing the ETSI TISPAN architecture and explaining the functionality of the different entities. Since they disclose complementing aspects of the same system, documents D1-D4 are treated as a single document.

3. Admissibility

The set of claims submitted on 25 September 2020 addresses the objections pursuant to Article 84 EPC raised for the first time in the summons of the board. Since the amendments overcome these objections in deleting the objected claims without giving rise to new objections, the board decides to admit this set of claims into the procedure (Article 13(1) RPBA 2020).

4. Clarity (Article 84 EPC)

The board considers that independent claims 1 and 5 are clear and thus fulfil the requirements of Article 84 EPC.

Notably, the board asserts that the feature "an Internet Protocol Edge node ... [provides] a public or private IP address" is clear and possesses a precise meaning in the art. Therefore, this feature is not open to interpretation and has to be used in the analysis regarding the remaining requirements of the EPC as worded by the appellant (in line with T0197/10).

In addition, the board considers that, as correctly argued by the appellant, the terms "line" and "port" are commonly known in telecommunication networks. In the present context, "line" denotes the subscriber (copper) line and "port" the port of the DSLAM which the subscriber line is connected to.

5. Sufficiency of disclosure (Article 83 EPC)

Using its interpretation of "provides", the examining division considered that the skilled person would have been confronted with the task of moving the IP address allocation functionality from the NASS to the IP edge node. However, the application does not give further details on the dependencies and other changes that would be necessary to move this functionality to the IP edge node. The examining division therefore concluded that the skilled person would not have been able to implement the invention using common general knowledge.

The board asserts that, when attempting to implement this feature as actually worded, the skilled person would have been merely faced with the task of making available an already allocated IP address to the IP edge node. Especially since this was already disclosed in document D1 (see below), the skilled person would not have encountered any obstacles when trying to implement the claimed invention in the NGN system known from the cited prior art.

Therefore, the board considers that the independent claims fulfil the requirements of Article 83 EPC.

6. No remittal

The board decides that although the decision under appeal does not deal with the further issues of novelty and inventive step, it is more sensible to continue the appeal proceedings in this case in view of further related applications pending to promote the examination proceedings as suggested by the appellant in its statement setting out the grounds of appeal (Article 11 RPBA 2020). Albeit not considered in the impugned decision, the board notes that novelty was previously discussed during the examination procedure for an earlier claim version, containing many of the features of the present independent claims.

7. Patentability

7.1

7.2 Novelty (Article 54(2) EPC)

7.2.1 Based on the passages cited during the examination procedure, documents D1-D4 disclose the features of claim 1 as follows (the references in parentheses referring to the respective documents; strike-through is used to mark undisclosed features; alternative features disclosed in these documents are underlined):

Method for efficient establishing and/or configuring of a connection between a telecommunications network (see D2, figure 2a and figure A.1: Access Transport Network/Core Transport Network) and a CPE ("User Equipment", see D2, figure 2a; "RGW [Residential Gateway]", see D2, figure A.1) via an access node ("Access Node", see D2, figure 2a and figure A.1), wherein the telecommuni­cation network is a next generation network ("NGN", see titles of D1, D2, etc.),

the method comprising the steps of:

(i) establishing a physical communication channel between the access node of the telecommunications network and the CPE ("Access segment", see D2, figure 2a), the physical communication channel being represented by a line ID information related to the access node (implied by: "binding between the IP address and the location information (contains the Line Identifier)", see D1, sect. D.1, step 1),

(ii) the CPE requesting a telecommunications network service ("accessing the IMS", see D3, sect. 5.2.1), wherein the [deleted: access node] P-CSCF complements the request of the CPE by the line ID information [deleted: and a port ID information], wherein [deleted: the] a port ID information identifies a port of the access node which is connected to the physical connection towards the CPE, wherein the line ID information [deleted: and port ID information are] is known in a trusted manner to the telecommunication network ("The P-CSCF embeds the location information [containing the Line Identifier] into the SIP message and forwards it towards the S-CSCF for verification", see D1, sect. 4.4.1),

(iii) an Internet Protocol Edge node (D2, figure A.1 shows that all access transport passes through the "IP edge node") of the telecommunications network providing a public or private Internet Protocol address to the CPE for use by the CPE to communicate with the Internet Protocol Edge node ("During the network attachment, the NASS authenticates the UE and allocates an IP address", see D1, sect. 4.4.1), the Internet Protocol address being associated with the line ID information ("binding between the IP address and the location information (contains the Line Identifier), which the user holds per the xDSL connectivity", see D1, sect. D.1, step 1) and an IP session or connection realizing a logical communication channel being initiated between the Internet Protocol Edge node of the telecommunications network and the CPE (IP transport drawn from RGW to IP edge node, see D2, figure A.1), wherein the logical communication channel is established by using the line ID information [deleted: and the port ID information] as authentication information (see D1, page 54, item 'R-IR-3'),

(iv) the Internet Protocol Edge node initially assigning a first functionality level to the public or private Internet Protocol address, wherein the first functionality level is a reduced functionality level that permits only access to a limited range of target Internet Protocol addresses (implied by: "authorization may be granted without requiring authentication or identification e.g. emergency call services", see D3, sect. 3.1, item 'authorization'; Note: this is commonly known and referred to as 'basic network service', see, e.g. D5, page 137, item 1),

(v) the Internet Protocol Edge node assigning a second functionality level to the public or private Internet Protocol address, in case that the telecommunications network is able to relate the line ID information to a contract related identification information ("upon successful authentication of the NASS User", see D3, sect. 5.3.4.1), wherein the second functionality level is an increased functionality level that permits access to an enhanced range of target Internet Protocol addresses ("list of default destination IP addresses ... to which traffic can be sent", see D3, page 20, table 5.5, row 22), wherein the contract related identification information corresponds to a user (implied),

(vi) relating the line ID information ("location information" wherein "location information contains the Line Identifier", see D1, sect. D.1, step 1) to the contract related identification information ("The S-CSCF verifies this location information with the location information obtained from the UPSF [User Profile Server Function]", see D1, sect. 4.4.1) comprising an authentication based on a Network Attachment Subsystem NASS ("extending the successful authentication in the NASS layer to the service layer", see D1, sect. 4.4.1).

7.2.2 The differences between the subject-matter of claim 1 and what is known from documents D1-D4 reside in that (differences marked by underlining):

(A) "the access node complements the request of the CPE by the line ID information and a port ID information"

(B) "the logical communication channel is established by using the line ID information and the port ID information as authentication information"

7.2.3 The subject-matter of claim 1 is therefore novel.

7.3 Inventive step (Article 56 EPC)

In the present context, "line" denotes the subscriber (e.g. copper) line and "port" the port of the access node (e.g. DSLAM) which the subscriber line is connected to. From this definition of "line" and "port", it follows that there is a fixed relationship between the "port ID" and the "line ID". Therefore, the board asserts that no technical effect is derivable from using the "port ID" in addition to the "line ID", as defined in difference (B) and the second part of difference (A). Furthermore, there are no special properties caused by the "access node" complementing the request of the CPE (see difference (A), first part), instead of the "P-CSCF" as known from the prior art documents D1-D4 (see the passage cited with respect to feature (ii) above).

In the absence of a technical effect caused by either of these distinguishing features (A) and (B), no objective technical problem exists which could be used to support an inventive step.

7.4 Arguments of the appellant

7.4.1 The appellant argues that using the "port ID" in addition to the "line ID" would only be redundant if there were a fixed pairing of these identifiers known to all network components.

The board notes that claim 1 specifies the latter: "wherein the line ID information and port ID information are known in a trusted manner to the telecommunication network", the telecommunication network comprising "the access node (20) of the telecommuni­cations network (5)". Hence, the board maintains its view that it is redundant to use the "port ID" in addition to the "line ID".

7.4.2 Furthermore, the appellant argues that the invention deals with the case where the access node is unaware of the "line ID".

The board considers that this case is not covered by the wording of claim 1, which mandates that "the access node (20) complements the request of the CPE (10) by the line ID information". Hence, this argument does not relate to the invention as claimed and thus fails to convince the board as well.

7.4.3 In addition, the appellant argues that the invention would solve the problem of creating an inventory comprising the mapping between "line ID" and "port ID" "in a trusted manner". The access node provides "line ID" and "port ID" information during the initial set-up, thus facilitating that a reliable inventory is created in the telecommunication network (see the description from paragraph [0068] onwards).

The board is not convinced by this argument since claim 1 does not specify how the network gains its knowledge about "the line ID information and port ID information" that are "known in a trusted manner". Since this knowledge could also be provided by a trusted source, claim 1 neither comprises nor implies the step of matching the then trusted entries with the actual line/port set-up, as alleged by the appellant.

7.4.4 The appellant also argues that by additionally considering the "port ID", it is possible to make use of the port status and detect a mismatch between the "line ID" and the "port ID", as disclosed in paragraphs [0079]-[0084] of the description. In particular, in case of a mismatch between "port ID" and "line ID", provision of the telecommunications network service may be denied. According to the appellant, this solves the technical problem of verifying whether a service request is trustworthy.

The board is not convinced by this argument either since the wording of claim 1 fails to recite any features relating to port status or to detecting such a mismatch. In particular, claim 1 does not refer to the denial of the telecommunications network service. Thus, the problem formulated by the appellant is not solved by the claimed subject-matter.

7.4.5 Moreover, the appellant contests that documents D1-D4 constitute the closest prior art since a DSLAM would not be able to process the SIP messages disclosed in these documents.

The board asserts that the wording of claim 1 is not limited to a DSLAM. Thus, the board concludes that no such incompatibility between the teaching of documents D1-D4 and the invention according to claim 1 exists.

7.4.6 Finally, the appellant argues in favour of an inventive step caused by the distinguishing feature (A), first part, by stating that this difference would cause the technical effect of increasing efficiency by avoiding data transfers and that the underlying technical problem was to increase the efficiency of the communication flow in the network.

The board notes that this alleged technical effect is not credibly achieved and thus the underlying technical problem not solved. In the case of the access node (rather than the P-CSCF) complementing the request of the CPE by the "line ID" information and the "port ID" information, these identifiers are transmitted from the access node to the P-CSCF with each request message. This increases the amount of data transmitted rather than decreasing it as alleged by the appellant. As a consequence, this argument also fails to convince the board.

7.5 Consequently, the board considers that the subject-matter of claim 1 is not inventive.

8. Thus, the appeal is not allowable.

Order

For these reasons it is decided that:

The appeal is dismissed.

Quick Navigation