DETAILED ACTION
This first non-final action is in response to applicants’ filing on 07/15/2019.  Claims 1-20 are currently pending and have been considered as follows.
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
Drawings
The drawings filed on 07/15/2019 are accepted.
Information Disclosure Statement
The information disclosure statement (IDS) submitted on 04/28/2020 has been placed in the application file, and the information referred therein has been considered as to the merits.
Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.

Claim 20 is rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
Claim 20 recites the limitations "the condition" in line 1, “the information” in line 2, and “the message” in line 2.  There is insufficient antecedent basis for these limitations in the claim.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

This application currently names joint inventors. In considering patentability of the claims the examiner presumes that the subject matter of the various claims was commonly owned as of the effective filing date of the claimed invention(s) absent any evidence to the contrary.  Applicant is advised of the obligation under 37 CFR 1.56 to point out the inventor and effective filing dates of each claim that was not commonly owned as of the effective filing date of the later invention in order for the examiner to consider the applicability of 35 U.S.C. 102(b)(2)(C) for any potential 35 U.S.C. 102(a)(2) prior art against the later invention.
Claims 1, 5-8, 12-15, and 18-20 are rejected under 35 U.S.C. 103 as being unpatentable over Birtwhistle et al. (US 20130173473 A1, hereinafter Birtwhistle) in view of XIONG (US 20120066501 A1).
As to Claim 1:
Birtwhistle discloses a method for authenticating a network device residing in a clinical environment using a token (e.g. Birtwhistle method for authenticating a medical device by an authentication server using a cryptographic token [Abstract]; clinical environment [0026]; diabetes management system [0030]; medical device module such as laptop computer, mobile device [0041]), the method comprising:
processing an authentication request from the network device residing in the clinical environment (e.g. Birtwhistle in response to user input request to pair the account, the medical device module generates pairing data request and transmits to the server module [0054]) via a first network connection (e.g. Birtwhistle communication using SOAP over internet or one or more networks [0044]), wherein the authentication request includes identifying information associated with the clinical environment (e.g. Birtwhistle pairing data request includes unique identifiers (GUID) of datastores [0054]), and wherein the clinical environment includes one or more infusion pumps in communication with the network device (e.g. Birtwhistle infusion pump [0007]; [0016]; insulin pump in communication using wireless interfaces [0028]-[0030] with medical device module [0041]);
identifying login credentials to be used to authenticate the network device residing in the clinical environment (e.g. Birtwhistle user input indicates username and a password [0054] for authentication by server module [0055]);
transmitting the login credentials to an authentication system configured to authenticate requests from the network device residing in the clinical environment (e.g. Birtwhistle transmitting the username and password input by the user [0054] to the server module [0055]);
receiving a security token from the authentication system (e.g. Birtwhistle receiving response including cryptographic token from the server module if the username and password are associated with an account that exists [0055]), the security token being usable by the network device to transmit requests to the authentication system via the second network connection (e.g. Birtwhistle “the medical device module 504 may update the data collection/synchronization application 506 such that the token 708 is transmitted for authentication each time a synchronization is attempted. The medical device module 504 transmits the token 708 to the server module 512 for authentication by the server module 512 each time before the medical data stored in the datastore 510 is synchronized with the medical data stored in the datastore 524 for the account. The server module 512 can identify the medical device module 504 and the associated account based on the token 708, and the medical data can then be synchronized” [0056]; transmitting the token to the server module as indicated by connection 904 in FIG. 10 [0064])
transmitting the security token to the network device residing in the clinical environment via the first network connection (e.g. Birtwhistle transmitting the  cryptographic token to the medical device module [0055] via communication using SOAP over internet or one or more networks [0044]);
But Birtwhistle does not specifically disclose:
transmitting the login credentials via a second network connection different from the first network connection.
However, the analogous art XIONG does disclose transmitting the login credentials via a second network connection different from the first network connection (e.g. XIONG sending authentication credentials to the server through a second communication channel being different from the first communication channel [0012]).  Birtwhistle and XIONG are analogous art because they are from the same field of endeavor in user device authentication through transmitted credentials.
(e.g. see XIONG, “a method of multi-channel authentication of a user, wherein the user uses a handheld electronic device in communication with a server of a service provider and a terminal. The method includes the device sending an authentication request to the server through a first communication channel; the device receiving an instruction message generated by the server based on the authentication request through the first communication channel; the device sending authentication credentials to the server through a second communication channel based on the instruction message, the second communication channel being different from the first communication channel; and the terminal receiving [0012]).
It would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art, having the teachings of Birtwhistle and XIONG before him or her, to modify the invention of Birtwhistle with the teachings of XIONG to include transmitting the login credentials via a second network connection different from the first network connection as claimed because Birtwhistle provides a system and method for authenticating user device requests through credentials and tokens (Birtwhistle [Abstract]-[0090]) which could be communicated through different communication channels (XIONG [0012]).  The suggestion/motivation for doing so would have been to provide a multi-channel ID authentication and transaction control system and method, which is capable of providing full management capacity to service providers without requiring a centralized station (XIONG [0002]).  Therefore, it would have been obvious to combine Birtwhistle and XIONG to obtain the invention as specified in the instant claim(s).
As to Claim 5:
Birtwhistle in view of XIONG discloses the method of claim 1, wherein the first network connection and the second network connection are both established over a wide area network (e.g. Birtwhistle communicate via the internet or one or more networks [0044]).
As to Claim 6:
Birtwhistle in view of XIONG discloses the method of claim 1, further comprising receiving a message from the network device residing in the clinical environment via the (e.g. Birtwhistle “The diabetes management device 104 performs various tasks including measuring and recording bG measurements, determining an amount of insulin to be administered to the patient 100 via the insulin pump 204, receiving user input via a user interface, archiving data, performing structured bG tests, etc. The diabetes management device 104 can transmit instructions to the insulin pump 204, and the insulin pump 204 selectively delivers insulin to the patient 100. Insulin can be delivered in the form of a meal bolus dose, a correction bolus dose, a basal dose, etc” [0029]; [0036]; “The medical device module 504 receives the medical data from one or more input/output (I/O) devices 508. The I/O devices 508 may include, for example, a keyboard, a mouse, a scanner/recognizer, one or more computers and/or servers, one or more medical devices, such as the diabetes management device 104, the CGM 200, the insulin pump 204… The medical device module 504 stores the medical data in a datastore 510” [0042]).
As to Claim 7:
Birtwhistle in view of XIONG discloses the method of claim 6, wherein the network device is configured to communicate with the one or more infusion pumps over a local area network (e.g. Birtwhistle “The diabetes management device 104 can be configured as a system "hub" and communicate with one or more of the other devices of the system 300. The insulin pump 204, the mobile device 302, or another suitable device can alternatively serve as the system hub. Communication between various devices in the system 300 can be performed using wireless interfaces (e.g., Bluetooth) and/or wired interfaces (e.g., USB). Communication protocols used by these devices can include protocols compliant with the IEEE 11073 standard” [0030]; XIONG “The device 2102 can directly communicate with the server 2106, as shown in FIG. 19A. This direct communication can be implemented through the network capacity of the device 2102, such as 2G, 3G or WIFI communication or the like” [0089]).  The Examiner supplies the same rationale for the combination of references Birtwhistle and XIONG as in Claim 1 above.
As to Claim 8:
Birtwhistle discloses a system configured to authenticate a network device residing in a clinical environment using a token (e.g. Birtwhistle method for authenticating a medical device by an authentication server using a cryptographic token [Abstract]; clinical environment [0026]; diabetes management system [0030]; medical device module such as laptop computer, mobile device [0041]), the system comprising:
one or more processors (e.g. Birtwhistle processor [0037]); and
one or more memories (e.g. Birtwhistle memory that stores code executed by the processor [0037]; [0038]; [0039]) in communication with the one or more processors and storing computer-executable instructions that, when executed by the one or more processors, configure the one or more processors to:
process an authentication request from the network device residing in the clinical environment (e.g. Birtwhistle in response to user input request to pair the account, the medical device module generates pairing data request and transmits to the server module [0054]) via a first network connection (e.g. Birtwhistle communication using SOAP over internet or one or more networks [0044]), wherein the authentication request includes identifying information associated with the clinical environment (e.g. Birtwhistle pairing data request includes unique identifiers (GUID) of datastores [0054]), and wherein the clinical environment includes one or more infusion pumps in communication with the network device (e.g. Birtwhistle infusion pump [0007]; [0016]; insulin pump in communication using wireless interfaces [0028]-[0030] with medical device module [0041]);
identify login credentials to be used to authenticate the network device residing in the clinical environment (e.g. Birtwhistle user input indicates username and a password [0054] for authentication by server module [0055]);
cause the login credentials to be transmitted to an authentication system configured to authenticate requests from the network device residing in the clinical environment (e.g. Birtwhistle transmitting the username and password input by the user [0054] to the server module [0055]);
receive a security token from the authentication system (e.g. Birtwhistle receiving response including cryptographic token from the server module if the username and password are associated with an account that exists [0055]), the security token being usable by the network device to transmit requests to the authentication system via the second network connection (e.g. Birtwhistle “the medical device module 504 may update the data collection/synchronization application 506 such that the token 708 is transmitted for authentication each time a synchronization is attempted. The medical device module 504 transmits the token 708 to the server module 512 for authentication by the server module 512 each time before the medical data stored in the datastore 510 is synchronized with the medical data stored in the datastore 524 for the account. The server module 512 can identify the medical device module 504 and the associated account based on the token 708, and the medical data can then be synchronized” [0056]; transmitting the token to the server module as indicated by connection 904 in FIG. 10 [0064]); and
cause the security token to be transmitted to the network device residing in the clinical environment via the first network connection (e.g. Birtwhistle transmitting the  cryptographic token to the medical device module [0055] via communication using SOAP over internet or one or more networks [0044]);
But Birtwhistle does not specifically disclose:
transmitting the login credentials via a second network connection different from the first network connection.
However, the analogous art XIONG does disclose transmitting the login credentials via a second network connection different from the first network connection (e.g. XIONG sending authentication credentials to the server through a second communication channel being different from the first communication channel [0012]).  Birtwhistle and XIONG are analogous art because they are from the same field of endeavor in user device authentication through transmitted credentials.
(e.g. see XIONG, “a method of multi-channel authentication of a user, wherein the user uses a handheld electronic device in communication with a server of a service provider and a terminal. The method includes the device sending an authentication request to the server through a first communication channel; the device receiving an instruction message generated by the server based on the authentication request through the first communication channel; the device sending authentication credentials to the server through a second communication channel based on the instruction message, the second communication channel being different from the first communication channel; and the terminal receiving an authentication message generated by the server based on the authentication credentials” [0012]).
It would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art, having the teachings of Birtwhistle and XIONG before him or her, to modify the invention of Birtwhistle with the teachings of XIONG to include transmitting the login credentials via a second network connection different from the first network connection as claimed because Birtwhistle provides a system and method for authenticating user device requests through credentials and tokens (Birtwhistle [Abstract]-[0090]) which could be communicated through different communication channels (XIONG [0012]).  The suggestion/motivation for doing so would have been to provide a multi-channel ID authentication and transaction control system and method, which is capable of providing full management capacity to service  (XIONG [0002]).  Therefore, it would have been obvious to combine Birtwhistle and XIONG to obtain the invention as specified in the instant claim(s).
As to Claim 12:
Birtwhistle in view of XIONG discloses the system of claim 8, wherein the first network connection and the second network connection are both established over a wide area network (e.g. Birtwhistle communicate via the internet or one or more networks [0044]).
As to Claim 13:
Birtwhistle in view of XIONG discloses the system of claim 8, wherein the computer-executable instructions, when executed by the one or more processors, further configure the one or more processors to receive a message from the network device residing in the clinical environment via the first network connection, wherein the messages include information associated with the one or more infusion pumps in communication with the network device (e.g. Birtwhistle “The diabetes management device 104 performs various tasks including measuring and recording bG measurements, determining an amount of insulin to be administered to the patient 100 via the insulin pump 204, receiving user input via a user interface, archiving data, performing structured bG tests, etc. The diabetes management device 104 can transmit instructions to the insulin pump 204, and the insulin pump 204 selectively delivers insulin to the patient 100. Insulin can be delivered in the form of a meal bolus dose, a correction bolus dose, a basal dose, etc” [0029]; [0036]; “The medical device module 504 receives the medical data from one or more input/output (I/O) devices 508. The I/O devices 508 may include, for example, a keyboard, a mouse, a scanner/recognizer, one or more computers and/or servers, one or more medical devices, such as the diabetes management device 104, the CGM 200, the insulin pump 204… The medical device module 504 stores the medical data in a datastore 510” [0042]).
As to Claim 14:
Birtwhistle in view of XIONG discloses the system of claim 13, wherein the network device is configured to communicate with the one or more infusion pumps over a local area network (e.g. Birtwhistle “The diabetes management device 104 can be configured as a system "hub" and communicate with one or more of the other devices of the system 300. The insulin pump 204, the mobile device 302, or another suitable device can alternatively serve as the system hub. Communication between various devices in the system 300 can be performed using wireless interfaces (e.g., Bluetooth) and/or wired interfaces (e.g., USB). Communication protocols used by these devices can include protocols compliant with the IEEE 11073 standard” [0030]; XIONG “The device 2102 can directly communicate with the server 2106, as shown in FIG. 19A. This direct communication can be implemented through the network capacity of the device 2102, such as 2G, 3G or WIFI communication or the like” [0089]).  The Examiner supplies the same rationale for the combination of references Birtwhistle and XIONG as in Claim 8 above.


As to Claim 15:
Birtwhistle discloses Non-transitory physical computer storage storing computer-executable instructions that (e.g. Birtwhistle memory that stores code executed by the processor [0037]; [0038]; [0039]), when executed by one or more computing devices (e.g. Birtwhistle “a laptop computer, a desktop computer, a mobile device or tablet, or another suitable type of medical device that receives electronic medical data” [0041]), configure the one or more computing devices to:
process an authentication request from the network device residing in the clinical environment (e.g. Birtwhistle in response to user input request to pair the account, the medical device module generates pairing data request and transmits to the server module [0054]) via a first network connection (e.g. Birtwhistle communication using SOAP over internet or one or more networks [0044]), wherein the authentication request includes identifying information associated with the clinical environment (e.g. Birtwhistle pairing data request includes unique identifiers (GUID) of datastores [0054]), and wherein the clinical environment includes one or more infusion pumps in communication with the network device (e.g. Birtwhistle infusion pump [0007]; [0016]; insulin pump in communication using wireless interfaces [0028]-[0030] with medical device module [0041]);
identify login credentials to be used to authenticate the network device residing in the clinical environment (e.g. Birtwhistle user input indicates username and a password [0054] for authentication by server module [0055])
cause the login credentials to be transmitted to an authentication system configured to authenticate requests from the network device residing in the clinical environment (e.g. Birtwhistle transmitting the username and password input by the user [0054] to the server module [0055]);
receive a security token from the authentication system (e.g. Birtwhistle receiving response including cryptographic token from the server module if the username and password are associated with an account that exists [0055]), the security token being usable by the network device to transmit requests to the authentication system via the second network connection (e.g. Birtwhistle “the medical device module 504 may update the data collection/synchronization application 506 such that the token 708 is transmitted for authentication each time a synchronization is attempted. The medical device module 504 transmits the token 708 to the server module 512 for authentication by the server module 512 each time before the medical data stored in the datastore 510 is synchronized with the medical data stored in the datastore 524 for the account. The server module 512 can identify the medical device module 504 and the associated account based on the token 708, and the medical data can then be synchronized” [0056]; transmitting the token to the server module as indicated by connection 904 in FIG. 10 [0064]); and
cause the security token to be transmitted to the network device residing in the clinical environment via the first network connection (e.g. Birtwhistle transmitting the  cryptographic token to the medical device module [0055] via communication using SOAP over internet or one or more networks [0044]);
But Birtwhistle does not specifically disclose:
transmitting the login credentials via a second network connection different from the first network connection.
However, the analogous art XIONG does disclose transmitting the login credentials via a second network connection different from the first network connection (e.g. XIONG sending authentication credentials to the server through a second communication channel being different from the first communication channel [0012]).  Birtwhistle and XIONG are analogous art because they are from the same field of endeavor in user device authentication through transmitted credentials.
(e.g. see XIONG, “a method of multi-channel authentication of a user, wherein the user uses a handheld electronic device in communication with a server of a service provider and a terminal. The method includes the device sending an authentication request to the server through a first communication channel; the device receiving an instruction message generated by the server based on the authentication request through the first communication channel; the device sending authentication credentials to the server through a second communication channel based on the instruction message, the second communication channel being different from the first communication channel; and the terminal receiving an authentication message generated by the server based on the authentication credentials” [0012]).
Birtwhistle and XIONG before him or her, to modify the invention of Birtwhistle with the teachings of XIONG to include transmitting the login credentials via a second network connection different from the first network connection as claimed because Birtwhistle provides a system and method for authenticating user device requests through credentials and tokens (Birtwhistle [Abstract]-[0090]) which could be communicated through different communication channels (XIONG [0012]).  The suggestion/motivation for doing so would have been to provide a multi-channel ID authentication and transaction control system and method, which is capable of providing full management capacity to service providers without requiring a centralized station (XIONG [0002]).  Therefore, it would have been obvious to combine Birtwhistle and XIONG to obtain the invention as specified in the instant claim(s).
As to Claim 18:
Birtwhistle in view of XIONG discloses the non-transitory physical computer storage of claim 15, wherein the first network connection and the second network connection are both established over a wide area network (e.g. Birtwhistle communicate via the internet or one or more networks [0044]).
As to Claim 19:
Birtwhistle in view of XIONG discloses the non-transitory physical computer storage of claim 15, wherein the computer-executable instructions, when executed by the one or more computing devices, further configure the one or more computing devices to receive a message from the network device residing in the clinical environment via the (e.g. Birtwhistle “The diabetes management device 104 performs various tasks including measuring and recording bG measurements, determining an amount of insulin to be administered to the patient 100 via the insulin pump 204, receiving user input via a user interface, archiving data, performing structured bG tests, etc. The diabetes management device 104 can transmit instructions to the insulin pump 204, and the insulin pump 204 selectively delivers insulin to the patient 100. Insulin can be delivered in the form of a meal bolus dose, a correction bolus dose, a basal dose, etc” [0029]; [0036]; “The medical device module 504 receives the medical data from one or more input/output (I/O) devices 508. The I/O devices 508 may include, for example, a keyboard, a mouse, a scanner/recognizer, one or more computers and/or servers, one or more medical devices, such as the diabetes management device 104, the CGM 200, the insulin pump 204… The medical device module 504 stores the medical data in a datastore 510” [0042]).
As to Claim 20:
Birtwhistle in view of XIONG discloses the non-transitory physical computer storage of claim 15, wherein the condition is satisfied based on the information in the message being usable to generate one or more user interfaces in response to a request from the clinical environment (e.g. Birtwhistle “A patient can interface the configurator through standard web based or computer graphical user interfaces (GUIs). The configurator selectively transmits patient-approved configurations to the devices of the system 300. The analyzer selectively retrieves data from the devices of the system 300, stores the data in a database, selectively analyzes the data, and outputs analysis results through standard web based or computer GUIs” [0031]).
Claims 2, 3, 9, 10, and 16 are rejected under 35 U.S.C. 103 as being unpatentable over Birtwhistle in view of XIONG as applied to Claims 1, 8, and 15, and further in view of BROWN et al. (US 20140266794 A1, hereinafter Brown).
As to Claim 2:
Birtwhistle in view of XIONG discloses the method of claim 1, but does not specifically disclose:
the first network connection is a WebSocket connection.
However, the analogous art Brown does disclose the first network connection is a WebSocket connection (e.g. Brown websocket connection is secure and/or encrypted using authentication with SSL, once established, patient data is received [0059]).  Birtwhistle, XIONG, and Brown are analogous art because they are from the same field of endeavor in user device authentication through transmitted credentials.
(e.g. see Brown, “the websocket connection is secure and/or encrypted, for example using standard TCP/IP encryption techniques such as basic authentication with secure socket layer (SSL) encryption. Once the websocket connection is established, the processor 200 receives patient data via the websocket connection” [0059]).
It would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art, having the teachings of Birtwhistle, XIONG, and Brown before him or her, to modify the combination of Birtwhistle and XIONG with the Brown to include the first network connection is a WebSocket connection as claimed because Birtwhistle provides a system and method for authenticating user device requests through credentials and tokens over network communications (Birtwhistle [Abstract]-[0090]) which could include secure websocket connections using authentication (Brown [0059]).  The suggestion/motivation for doing so would have been to provide a low latency bi-directional communication pipe, which, once established, is not driven by requests like HTTP but is instead an established communications pipe (Brown [0059]).  Therefore, it would have been obvious to combine Birtwhistle, XIONG, and Brown to obtain the invention as specified in the instant claim(s).
As to Claim 3:
Birtwhistle in view of XIONG discloses the method of claim 1, but does not specifically disclose:
the first network connection is secured and authenticated.
However, the analogous art Brown does disclose the first network connection is secured and authenticated (e.g. Brown websocket connection is secure and/or encrypted using authentication with SSL, once established, patient data is received [0059]).  Birtwhistle, XIONG, and Brown are analogous art because they are from the same field of endeavor in user device authentication through transmitted credentials.
(e.g. see Brown, “the websocket connection is secure and/or encrypted, for example using standard TCP/IP encryption techniques such as basic authentication with secure socket layer (SSL) encryption. Once the websocket [0059]).
It would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art, having the teachings of Birtwhistle, XIONG, and Brown before him or her, to modify the combination of Birtwhistle and XIONG with the teachings of Brown to include the first network connection is secured and authenticated as claimed because Birtwhistle provides a system and method for authenticating user device requests through credentials and tokens over network communications (Birtwhistle [Abstract]-[0090]) which could include secure websocket connections using authentication (Brown [0059]).  The suggestion/motivation for doing so would have been to provide a low latency bi-directional communication pipe, which, once established, is not driven by requests like HTTP but is instead an established communications pipe (Brown [0059]).  Therefore, it would have been obvious to combine Birtwhistle, XIONG, and Brown to obtain the invention as specified in the instant claim(s).
As to Claim 9:
Birtwhistle in view of XIONG discloses the system of claim 8, but does not specifically disclose:
the first network connection is a WebSocket connection.
However, the analogous art Brown does disclose the first network connection is a WebSocket connection (e.g. Brown websocket connection is secure and/or encrypted using authentication with SSL, once established, patient data is received [0059]).  Birtwhistle, XIONG, and Brown are analogous art because they are 
(e.g. see Brown, “the websocket connection is secure and/or encrypted, for example using standard TCP/IP encryption techniques such as basic authentication with secure socket layer (SSL) encryption. Once the websocket connection is established, the processor 200 receives patient data via the websocket connection” [0059]).
It would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art, having the teachings of Birtwhistle, XIONG, and Brown before him or her, to modify the combination of Birtwhistle and XIONG with the teachings of Brown to include the first network connection is a WebSocket connection as claimed because Birtwhistle provides a system and method for authenticating user device requests through credentials and tokens over network communications (Birtwhistle [Abstract]-[0090]) which could include secure websocket connections using authentication (Brown [0059]).  The suggestion/motivation for doing so would have been to provide a low latency bi-directional communication pipe, which, once established, is not driven by requests like HTTP but is instead an established communications pipe (Brown [0059]).  Therefore, it would have been obvious to combine Birtwhistle, XIONG, and Brown to obtain the invention as specified in the instant claim(s).
As to Claim 10:
Birtwhistle in view of XIONG
the first network connection is secured and authenticated.
However, the analogous art Brown does disclose the first network connection is secured and authenticated (e.g. Brown websocket connection is secure and/or encrypted using authentication with SSL, once established, patient data is received [0059]).  Birtwhistle, XIONG, and Brown are analogous art because they are from the same field of endeavor in user device authentication through transmitted credentials.
(e.g. see Brown, “the websocket connection is secure and/or encrypted, for example using standard TCP/IP encryption techniques such as basic authentication with secure socket layer (SSL) encryption. Once the websocket connection is established, the processor 200 receives patient data via the websocket connection” [0059]).
It would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art, having the teachings of Birtwhistle, XIONG, and Brown before him or her, to modify the combination of Birtwhistle and XIONG with the teachings of Brown to include the first network connection is secured and authenticated as claimed because Birtwhistle provides a system and method for authenticating user device requests through credentials and tokens over network communications (Birtwhistle [Abstract]-[0090]) which could include secure websocket connections using authentication (Brown [0059]).  The suggestion/motivation for doing so would have been to provide a low latency bi-directional communication pipe, which, once established, is not driven by requests like HTTP but is instead an established communications pipe (Brown [0059]).  Therefore, it would have been obvious to Birtwhistle, XIONG, and Brown to obtain the invention as specified in the instant claim(s).
As to Claim 16:
Birtwhistle in view of XIONG discloses the non-transitory physical computer storage of claim 15, but does not specifically disclose:
the first network connection is a secured and authenticated WebSocket connection.
However, the analogous art Brown does disclose the first network connection is a secured and authenticated WebSocket connection (e.g. Brown websocket connection is secure and/or encrypted using authentication with SSL, once established, patient data is received [0059]).  Birtwhistle, XIONG, and Brown are analogous art because they are from the same field of endeavor in user device authentication through transmitted credentials.
(e.g. see Brown, “the websocket connection is secure and/or encrypted, for example using standard TCP/IP encryption techniques such as basic authentication with secure socket layer (SSL) encryption. Once the websocket connection is established, the processor 200 receives patient data via the websocket connection” [0059]).
It would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art, having the teachings of Birtwhistle, XIONG, and Brown before him or her, to modify the combination of Birtwhistle and XIONG with the teachings of Brown to include the first network connection is a secured and authenticated WebSocket connection as claimed because Birtwhistle provides a (Birtwhistle [Abstract]-[0090]) which could include secure websocket connections using authentication (Brown [0059]).  The suggestion/motivation for doing so would have been to provide a low latency bi-directional communication pipe, which, once established, is not driven by requests like HTTP but is instead an established communications pipe (Brown [0059]).  Therefore, it would have been obvious to combine Birtwhistle, XIONG, and Brown to obtain the invention as specified in the instant claim(s).
Claims 4, 11, and 17 are rejected under 35 U.S.C. 103 as being unpatentable over Birtwhistle in view of XIONG as applied to Claims 1, 8, and 15, and further in view of Serenyi et al. (US 8312272 B1, hereinafter Serenyi).
As to Claim 4:
Birtwhistle in view of XIONG discloses the method of claim 1, but does not specifically disclose:
causing the network device to transmit a signed request to the authentication system.
However, the analogous art Serenyi does disclose causing the network device to transmit a signed request to the authentication system (e.g. Serenyi client’s authentication token management system transmits the signed request to the verification server [column 1 lines 53-56]; [column 2 lines 5-9; 34-37]).  Birtwhistle, XIONG, and Serenyi
(e.g. see Serenyi, “An authentication token management system on a client requests, receives and securely manages an authentication token. The authentication token management system uses hardware based security extensions on the client computer” [column 1 lines 53-56]; “The RIM then uses the hardware based security extensions to sign the request for an authentication token. The authentication token management system transmits the signed request to the server, and in response receives from the server an authentication token encrypted with the public key” [column 2 lines 5-9]).
It would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art, having the teachings of Birtwhistle, XIONG, and Serenyi before him or her, to modify the combination of Birtwhistle and XIONG with the teachings of Serenyi to include causing the network device to transmit a signed request to the authentication system as claimed because Birtwhistle provides a system and method for transmitting and authenticating user device requests through credentials and tokens over network communications (Birtwhistle [Abstract]-[0090]) where the requests could be signed requests (Serenyi [columns 1-2]).  The suggestion/motivation for doing so would have been to verify that the signed request for the authentication token originates from an authorized client, based on the request being signed by authentic hardware-based security extensions on the client (Serenyi [column 2 lines 34-37]).  Therefore, it would have been obvious to combine Birtwhistle, XIONG, and Serenyi to obtain the invention as specified in the instant claim(s).

As to Claim 11:
Birtwhistle in view of XIONG discloses the system of claim 8, but does not specifically disclose:
cause the network device to transmit a signed request to the authentication system.
However, the analogous art Serenyi does disclose cause the network device to transmit a signed request to the authentication system (e.g. Serenyi client’s authentication token management system transmits the signed request to the verification server [column 1 lines 53-56]; [column 2 lines 5-9; 34-37]).  Birtwhistle, XIONG, and Serenyi are analogous art because they are from the same field of endeavor in user device authentication.
(e.g. see Serenyi, “An authentication token management system on a client requests, receives and securely manages an authentication token. The authentication token management system uses hardware based security extensions on the client computer” [column 1 lines 53-56]; “The RIM then uses the hardware based security extensions to sign the request for an authentication token. The authentication token management system transmits the signed request to the server, and in response receives from the server an authentication token encrypted with the public key” [column 2 lines 5-9]).
It would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art, having the teachings of Birtwhistle, XIONG, and Serenyi before him or her, to modify the combination of Birtwhistle and XIONG with the teachings of Serenyi to include cause the network device to transmit a signed request to the authentication system as claimed because Birtwhistle provides a system and method for transmitting and authenticating user device requests through credentials and tokens over network communications (Birtwhistle [Abstract]-[0090]) where the requests could be signed requests (Serenyi [columns 1-2]).  The suggestion/motivation for doing so would have been to verify that the signed request for the authentication token originates from an authorized client, based on the request being signed by authentic hardware-based security extensions on the client (Serenyi [column 2 lines 34-37]).  Therefore, it would have been obvious to combine Birtwhistle, XIONG, and Serenyi to obtain the invention as specified in the instant claim(s).
As to Claim 17:
Birtwhistle in view of XIONG discloses the non-transitory physical computer storage of claim 15, but does not specifically disclose:
cause the network device to transmit a signed request to the authentication system.
However, the analogous art Serenyi does disclose cause the network device to transmit a signed request to the authentication system (e.g. Serenyi client’s authentication token management system transmits the signed request to the verification server [column 1 lines 53-56]; [column 2 lines 5-9; 34-37]).  Birtwhistle, XIONG, and Serenyi are analogous art because they are from the same field of endeavor in user device authentication.
(e.g. see Serenyi, “An authentication token management system on a client requests, receives and securely manages an authentication token. The [column 1 lines 53-56]; “The RIM then uses the hardware based security extensions to sign the request for an authentication token. The authentication token management system transmits the signed request to the server, and in response receives from the server an authentication token encrypted with the public key” [column 2 lines 5-9]).
It would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art, having the teachings of Birtwhistle, XIONG, and Serenyi before him or her, to modify the combination of Birtwhistle and XIONG with the teachings of Serenyi to include cause the network device to transmit a signed request to the authentication system as claimed because Birtwhistle provides a system and method for transmitting and authenticating user device requests through credentials and tokens over network communications (Birtwhistle [Abstract]-[0090]) where the requests could be signed requests (Serenyi [columns 1-2]).  The suggestion/motivation for doing so would have been to verify that the signed request for the authentication token originates from an authorized client, based on the request being signed by authentic hardware-based security extensions on the client (Serenyi [column 2 lines 34-37]).  Therefore, it would have been obvious to combine Birtwhistle, XIONG, and Serenyi to obtain the invention as specified in the instant claim(s).
Conclusion
The prior art made of record and not relied upon is considered pertinent to applicants’ disclosure.
Lee et al. (US 20140194817 A1)
Baker et al. (US 9077544 B2)
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Kenneth W Chang whose telephone number is (571)270-7530.  The examiner can normally be reached on Monday - Friday 9-5pm EST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Taghi Arani can be reached on 571-272-3787.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access 





/KENNETH W CHANG/Primary Examiner, Art Unit 2438                                                                                                                                                                                                        
    PNG
    media_image1.png
    35
    280
    media_image1.png
    Greyscale

02.13.2021