DETAILED ACTION
This communication is responsive to the application 16/362,890 filed on 03/25/2019. 
Claims 1-25 are directed towards “Secure Medical Apparatus Communication.”
Claims 1-25 have been presented.
Claims 1-25 are pending.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.

Information Disclosure Statement
The information disclosure statements (IDS) submitted on 06/12/2019 and 10/16/2020 was filed after the mailing date of the application filed on 03/25/2019.  The submission is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner.


Oath



The Oath filed on 03/25/2019 complies with all the requirements set forth in MPEP 602 and is therefore accepted.

Drawings
The drawings filed on 03/25/2019 have been accepted.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 1, 4-5 and 7 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
Claim 1 recites the limitation "in response to verifying the identity of the external device, perform an operation using the received data" in lines 14-15.  There is insufficient antecedent basis for this limitation in the claim.  The Examiner has interpreted the limitation in claim 1 to read, “in response to verifying the identity of the external communication component, perform an operation using the received data.”
Appropriate action is required/
Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159. See MPEP § 2146 et seq. for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 

Claims 1-25 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1-14 and 16-23 of U.S. Patent No. 10,839,190. Although the claims at issue are not identical, they are not patentably distinct from each other because the two inventions contain similar subject matter.

The following claims of the instant application are rejected on the ground of nonstatutory double patenting as being unpatentable over claims in of US Pat. 10,869,190.
Claims 1, 7, 2 and 9-11 of the instant application are unpatentable over claims 1, 2, 10 and 11 of US Pat. 10,869,190.
Claims 12, 14 and 16-17 of the instant application are unpatentable over claims 12, 14 and 16-17 of US Pat. 10,869,190.
Claims 18, 19, 20, 22 and 23-25 of the instant application are unpatentable over claims 18, 19, 20, 22 and 23 of US Pat. 10,869,190.
  


Current Application (16/362,809)
US Patent 10,826,190
1. An apparatus, comprising: 
a processing resource; 
memory having instructions executable by the processing resource; and 
an apparatus communication component coupled to the processing resource, wherein the apparatus communication component is configured to, in response to receiving data from an external communication component: 
generate an apparatus private key and an apparatus public key; 
provide the apparatus public key and data to an external communication component; 
receive data from the external communication component in response to providing the apparatus public key and data to the external communication component; 
decrypt the received data using the apparatus private key; 
verify an identity of the external communication component; and 
in response to verifying the identity of the external device, perform an operation using the received data.

7. The apparatus of claim 1, wherein the apparatus communication component receives an external digital signature with the data in order to verify the identity of the external device.
1. An apparatus, comprising: 
a processor; and 
an external communication component coupled to the processor, wherein the external communication component is configured to, in response to determining a vehicular entity is within a particular proximity to the external communication component: 
generate an external private key and an external public key; 
provide the external public key and data to a vehicular communication component associated with the vehicular entity; 
receive data from the vehicular communication component in response to providing the external public key and data to the vehicular communication component, wherein the received data comprises a vehicular digital signature; 
determine an identity of the vehicular entity based on the vehicular digital signature, wherein the determined identity prevents subsequent repudiation of a provided service; 
decrypt the received data using the external private key; and 
provide the service to the vehicular entity based on the decrypted received data.
2. The apparatus of claim 1, wherein the apparatus communication component is configured to, in response to performing the operation, provide confirmation of performance of the operation to the external communication component, wherein the confirmation is encrypted using the external public key.
2. (Original) The apparatus of claim 1, wherein the external communication component is configured to, in response to providing the service to the vehicular entity, receive confirmation data from the vehicular communication component encrypted using the external public key.
The apparatus of claim 1, wherein the external communication component is configured to receive the apparatus public key from the apparatus communication component.

10. The apparatus of claim 9, wherein the external communication component is configured to, prior to providing the data to the apparatus communication component, encrypt the data using the apparatus public key.
10. (Original) The apparatus of claim 1, wherein the external communication component is configured to: 
receive a vehicular public key from the vehicular communication component; and 
prior to providing the data to the vehicular communication component, encrypt the data using the vehicular public key.
11. The apparatus of claim 1, wherein the apparatus communication component is configured to provide the apparatus public key to the external communication component using radio-frequency identification (RFID).
11. (Original) The apparatus of claim 1, wherein the external communication component is configured to provide the vehicular public key to the vehicular communication component using radio-frequency identification (RFID).
12, 14, 16-17 method for performing claims 1-11
12-14 and 16-17 method for performing claims 1-11
18. An apparatus, comprising: 
a processing resource; 
memory having instructions executable by the processing resource; and 
an apparatus communication component coupled to the processor, wherein the apparatus communication component is configured to, in response to determining the apparatus communication component is within a particular proximity to an external communication component: 
generate an apparatus private key and an apparatus public key; 
provide the apparatus public key to the external communication component; 
receive an external public key from the external communication component; 
encrypt data using the external public key;
provide the encrypted data to the external communication component; and 
receive data from the external communication component in response to providing the encrypted data to the external communication component; 
decrypt the received data using the apparatus private key; and 
provide confirmation that the data is executed by the apparatus communication component.
An apparatus, comprising: 
a processor; and 
a vehicular communication component coupled to the processor, wherein the vehicular communication component is configured to, in response to determining the vehicular communication component is within a particular proximity to an external communication component: 
generate a vehicular private key and a vehicular public key; 
provide the vehicular public key to the external communication component, wherein the external communication component is associated with a service;
receive an external public key from the external communication component; 
encrypt data using the external public key, wherein the encrypted data comprises a 
provide the encrypted data to the external communication component; and
receive data from the external communication component in response to providing the encrypted data to the external communication component; 
decrypt the received data using the vehicular private key; and
provide confirmation of acceptance of the service in response to the decrypted data indicating the service.
19. The apparatus of claim 18, wherein the apparatus communication component is configured to generate an apparatus certificate by: 
encrypting an apparatus identification and a private apparatus identification resulting in an encrypted value; and 
encrypting the encrypted value and the apparatus private key.
19. (Original) The apparatus of claim 18, wherein the vehicular communication component is configured to generate an external certificate by: 
encrypting a vehicular identification and a private vehicular identification resulting in an encrypted value; and 
encrypting the encrypted value and the vehicular private key.
20. The apparatus of claim 19, wherein the apparatus identification and the private apparatus identification are generated using an asymmetric identification generator.
20. (Original) The apparatus of claim 19, wherein the vehicular identification and the private vehicular identification are generated using an asymmetric identification generator.
22. The apparatus of claim 18, wherein the apparatus public key and the apparatus private key are generated using an asymmetric key generator.
22. (Original) The apparatus of claim 18, wherein the vehicular public key and the vehicular private key are generated using an asymmetric key generator.
23. A system, comprising: 
a medical apparatus associated with a patient, comprising: 
an apparatus processing resource; and 
an apparatus communication component coupled to the apparatus processing resource and configured to generate an apparatus private key and an apparatus public key; and 
an external device in communication with a remote server, the external device comprising:
an external processing resource; and 
an external communication component coupled to the external processing resource and configured to: 
generate an external private key and an external public key; 
receive the apparatus public key; and 
encrypt data from the external device using the apparatus public key, wherein the data from the external device indicates an instruction to be provided to the medical apparatus; 
wherein the apparatus communication component is further configured to: 
receive the external public key and the data from the external device; 
decrypt the data from the external device using the apparatus private key; and 
encrypt data from the medical apparatus using the external public key, wherein the encrypted data from the medical apparatus indicates confirmation that the instruction is executed on the apparatus communication component. 

24. The system of claim 23, wherein the external communication component is further configured to: receive the encrypted data from the medical apparatus; and decrypt the data from the medical apparatus using the external private key.

25. The system of claim 23, wherein: the data from the medical apparatus comprises an apparatus digital signature; and the external communication component is configured to determine an identity of the medical apparatus based on the apparatus digital signature.
23. (Previously Presented) A system, comprising: 
a vehicular apparatus of a vehicular entity, comprising: 
a vehicular processor; and 
a vehicular communication component coupled to the vehicular processor and configured to generate a vehicular private key and a vehicular public key; and 
an external apparatus coupled to a transportation assistance entity, the external apparatus comprising: 
an external processor; and 
an external communication component coupled to the external processor and configured to: 
generate an external private key and an external public key; 
receive the vehicular public key; and encrypt external data using the vehicular public key; and
determine an identity of the vehicular entity based on the vehicular digital signature;
wherein the determined identity of the vehicular entity prevents subsequent repudiation of the provided service; and
wherein the external data indicates a service to be provided to the vehicular entity; 
wherein the vehicular communication component is further configured to: 
receive the external public key and external data; 
decrypt the external data using the vehicular private key; and 
encrypt vehicular data using the external public key, wherein the encrypted vehicular data comprises the vehicular digital signature and indicates confirmation of the provided service; and 
wherein the external communication component is further configured to: 
receive the encrypted vehicular data; and
decrypt the vehicular data using the external private key; and 
provide the service to the vehicular entity.



The apparatus/apparatus communication component and external communication components of the instant application provide substantially similar functionality to the apparatus/external communication component and vehicular communication component of the ‘190 US Patent.  In particular claim 1 of the instant application discloses:
An apparatus comprising a processing resource, executable instructions and a communications component configured in response to receiving data from an external communication component:
generate an apparatus private/public key pair; provide the apparatus public key and data to an external communication component; receive data from the external communication component in response to providing the apparatus public key and data, decrypt the received data with the apparatus private key; verify an identity of the external communication component; and in response to the identity verification, perform an operation.

Although, the instant claims are directed to secure (medical) apparatus communications between an apparatus and an external communication device, claims 1, 2, 10-11, 12, 14, 16-17, 18-20 and 22-23 of US Pat. ‘190 are directed to a securing vehicular communications services between an apparatus and an external vehicular component. The functional differences between the instant application and US Pat. ‘190 are related to which device the apparatus is attempting to establish secure communications with, i.e., a vehicle or an external communication component. 
Regarding presently presented claims 1-11, 12—17 and 18-25, the features of claims 1-11, 12—17 and 18-25 are substantively similar than those of patented claims 1-11, 12-14, 16-17, 18-20 and 22-23 of ‘920 for the reasons discussed above.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claim 1-4, 6-14, 18 and 22-25 are rejected under 35 U.S.C. 103 as being unpatentable over Pham (US Pat. 10,411,879 B2, filed 03/24/2017) in view of Wasily et al. (US Pub. 2019/0036688 A1 filed 09/17/2018).
As to claim 1, Pham discloses:
“An apparatus, comprising: 
a processing resource; 
memory having instructions executable by the processing resource” (Pham, fig. 3; hardware processor 302 and memory 304 ); and 
“an apparatus communication component coupled to the processing resource, wherein the apparatus communication component is configured to, in response to receiving data from an external communication component” (Pham, fig. 3, col. 5 lines 52-55; communication interfaces 316; received message, upon receiving a requests for data, requests to share encryption keys and/or requests for access to a memory of the hardware on which the application is running): 
generate an apparatus private key and an apparatus public key” (Pham, fig. 2, col. 5 lines 61-63, col. 10 lines 46-49 and col. 11 lines 64-67; user device 208 and 210 executing a first application (application A corresponds to the external component) and a second application (application B corresponds to apparatus communication component) respectively, can each generate public and private key pairs); 
“provide the apparatus public key and data to an external communication component” (Pham, col. 5 lines 61-63; first and second applications (executing on user devices 208 and 210) exchange respective public keys); 
(Pham, col. 5 lines 61-63; first and second applications (executing on user devices 208 and 210) exchange respective public keys); 
“decrypt the received data using the apparatus private key” (Pham, col. 9 lines 26-28; application A can decrypt the encrypted [acknowledgement] message using the new PKI private key generated by Application A).
Pham does not explicitly disclose:
Pham does not explicitly disclose:
“verify an identity of the external communication component; and
“in response to verifying of the external device, perform an operation using the received data.”
However, Wasily discloses:
“verify an identity of the external communication component” (Wasily, pars. 0032 and 0056-0057; personal device 102 may send an access request, i.e., a command and/or other operation or instruction that controls a function of a medical device 104; the access request may identify, i.e., International Mobile Equipment Identity (IMEI) number, a phone number, Media Access Control (MAC) address, or other immutable identifier indicating that the medical application 118 of the personal device 102 is a device manager of the medical device 104).
A person of ordinary skill in the art prior to the effective filing date of the invention would have motivated to combine the technical features of Pham with Wasily to provide a secure communication between a personal device, the medical device and/or the 
Wasily further discloses:
“in response to verifying of the external device, perform an operation using the received data” (Wasily, par. 0056; executing the command to control the administration of a treatment or medication, such as dispensing insulin).
A person of ordinary skill in the art prior to the effective filing date of the invention would have motivated to combine the technical features of Pham with Wasily to provide a personal device 102 with functionality, e.g., a medical application, to securely control, manage or otherwise interact with medical device 104, and other applications 120 loaded on the personal device 102 (Wasily, par. 0028). 

As to claim 2, Pham and Wasily disclosed the invention of claim 1.  Pham further discloses:
“wherein the apparatus communication component is configured to, in response to performing the operation, provide confirmation of performance of the operation to the external communication component, wherein the confirmation is encrypted using the external public key” (Pham, fig. 1, steps 170-240, col. 3 line 6 – col. 4 line 1; after determining that a command message from application A is authentic (step 190), application B builds acknowledgement message, encrypts the acknowledgement message with application A’s public key, and sends encrypted [acknowledgement] message to application A).

“wherein the apparatus communication component configured to perform the operation comprises the apparatus communication component configured to perform one of an update, a calibration, a parameter trimming.”
However, Wasily discloses:
“wherein the apparatus communication component configured to perform the operation comprises the apparatus communication component configured to perform one of an update, a calibration, a parameter trimming” (Wasily, par. 0048; processor 132 may transmit a response to the medical application 118, receive instructions from the medical application 118, control the medical device 104, encrypt and/or decrypt secure over-the-air firmware updates, and verify a firmware signature on the firmware to securely boot the firmware on the medical device 104).
A person of ordinary skill in the art prior to the effective filing date of the invention would have motivated to combine the technical features of Pham with Wasily to provide a secure communication between a personal device, and securely manage or verify updates to the firmware of a medical device, thereby protecting the medical device from unintended software installations (Wasily, par. 0023).

As to claim 4, Pham and Wasily disclosed the invention of claim 1.  Pham does not explicitly disclose:

However, Wasily discloses:
“wherein the apparatus communication component is configured to, in response to being unable to verify the identity of the external device, determining to ignore the received data and not perform an operation associated with the received data” (Wasily, par. 0116; If the digital signature is verified, the medical device 104 may exchange the payload with the personal device 102 (710). If the digital signature is not verified, the medical device 104 may determine that the request has failed and does not exchange the payload).
A person of ordinary skill in the art prior to the effective filing date of the invention would have motivated to combine the technical features of Pham with Wasily to provide a secure communication between a personal device, and securely manage or verify updates to the firmware of a medical device, thereby protecting the medical device from unintended software installations (Wasily, par. 0023).

As to claim 6, Pham and Wasily disclosed the invention of claim 1.  Pham does not disclose:
 “wherein the apparatus communication component is coupled to one of a heart apparatus, a blood apparatus, a pulse apparatus, a prosthetic apparatus, a bone inserted apparatus, insulin measurement system, a position system, and an electronic body part.”

“wherein the apparatus communication component is coupled to one of a heart apparatus, a blood apparatus, a pulse apparatus, a prosthetic apparatus, a bone inserted apparatus, insulin measurement system, a position system, and an electronic body part” (Wasily, par. 0023; securing communication between a personal mobile device and a medical device, i.e., a continuous glucose monitor (CGM), an artificial pancreas (AP) system, a pacemaker or an insulin pump).
A person of ordinary skill in the art prior to the effective filing date of the invention would have motivated to combine the technical features of Pham with Wasily to
provide control/management different treatments of a medical device by a  patient, doctor, nurse or other healthcare professional from a single device (Wasily, par. 0023).

As to claim 7, Pham and Wasily disclosed the invention of claim 1.  Pham does not explicitly disclose:
“wherein the apparatus communication component receives an external digital signature with the data in order to verify the identity of the external device.”
However, Wasily discloses:
“wherein the apparatus communication component receives an external digital signature with the data in order to verify the identity of the external device” (Wasily, par. 0048; The processor 132 may transmit a response to the medical application 118 and verify one or more authentication factors and/or signatures sent by the medical application 118).


As to claim 8, Pham and Wasily disclosed the invention of claim 1.  Pham does not explicitly disclose:  
“wherein the data received from the external communication component comprises external identification data and medical data.”
However, Wasily discloses: 
“wherein the data received from the external communication component comprises external identification data and medical data” (Wasily, pars. 0032, 0048 and 0056-57; personal device 102 may send an access request that identifies the personal device as a device manage of medical device 104).
A person of ordinary skill in the art prior to the effective filing date of the invention would have motivated to combine the technical features of Pham with Wasily to provide a secure communication between a personal device, the medical device and/or the server to ensure that commands, communication and/or other instructions among the devices are secure and protected from viruses, malware, and other security vulnerabilities (Wasily, par. 0023).


“wherein the external communication component is configured to receive the apparatus public key from the apparatus communication component” (Pham, col. 5 lines 61-63; first and second applications (executing on user devices 208 and 210) exchange respective public keys).

As to claim 10, Pham and Wasily disclosed the invention claim 9.  Pham further discloses:
“wherein the external communication component is configured to, prior to providing the data to the apparatus communication component, encrypt the data using the apparatus public key” (Pham, col. 5 lines 63-65; first application (A) executing on device 208 generates a new public/private key pair and encrypts message using the second application’s (B) executing on device 210 public key).

As to claim 11, Pham and Wasily disclosed the invention of claim 1.  Pham does not explicitly disclose:
“wherein the apparatus communication component is configured to provide the apparatus public key to the external communication component using radio-frequency identification (RFID)).”
However, Wasily discloses:
“wherein the apparatus communication component is configured to provide the apparatus public key to the external communication component using radio-frequency (Wasily, par. 0042; network access device 124 may include a communication port or channel, such as one or more of a Wi-Fi unit, a Bluetooth.RTM. unit, a radio frequency identification ( RFID) tag or reader).
A person of ordinary skill in the art prior to the effective filing date of the invention would have motivated to combine the technical features of Pham with Wasily to
provide control/management different treatments of a medical device by a  patient, doctor, nurse or other healthcare professional from a single device (Wasily, par. 0023).

As to claim 12, Pham discloses:
“generating an external private key and an external public key” (Pham, fig. 2, col. 5 lines 61-63, col. 10 lines 46-49 and col. 11 lines 64-67; user device 208 and 210 executing a first application (application A corresponds to the external component) and a second application (application B corresponds to apparatus communication component) respectively, can each generate public and private key pairs; 
“providing the external public key to an apparatus communication component” (Pham, col. 5 lines 61-63; first and second applications (executing on user devices 208 and 210) exchange respective public keys); 
“receiving an apparatus public key from the apparatus communication component” (Pham, col. 5 lines 61-63; first and second applications (executing on user devices 208 and 210) exchange respective public keys); 
“encrypting data using the apparatus public key” (Pham, col. 5 lines 63-65; first application (A) executing on device 208 generates a new public/private key pair and encrypts message using the second application’s (B) executing on device 210 public key); 
“providing the encrypted data to the apparatus communication component” (Pham, col. 5 lines 65-67; first application (A) transmits the encrypted message and the newly generated public key of the public/private key pair to the second application (B)); 
“receiving data from the apparatus communication component in response to providing the encrypted data to the apparatus communication component” (Pham, col. 6 lines 2-5; second application (B) generates acknowledgement message and encrypts the acknowledgement message using the first application’s (A) new public key); 
“decrypting the received data using the external private key” (Pham, col. 9 lines 26-28; application A can decrypt the encrypted [acknowledgement] message using the new PKI private key generated by Application A at block 112).
Pham does not explicitly disclose:
“providing additional data to the apparatus communication component  based on the decrypted received data.”
However, Wasily discloses:
“providing additional data to the apparatus communication component  based on the decrypted received data” (Wasily, par. 0048; processor 132 may communicate with the medical application 118 and control the medical device 104 and may use a server secret to authenticate, encrypt and/or decrypt secure over-the-air firmware updates).
A person of ordinary skill in the art prior to the effective filing date of the invention would have motivated to combine the technical features of Pham with Wasily to provide a secure communication between a personal device, the medical device and/or the 

As to claim 13, Pham and Wasily disclosed the invention of claim 12. 
“determining that the apparatus communication component includes a portion that is not up to date; and 
in response to determining that the portion is not up to date, providing an update to the apparatus communication component to update the portion (Wasily, par. 0048; processor 132 may transmit a response to the medical application 118, receive instructions from the medical application 118, control the medical device 104, encrypt and/or decrypt secure over-the-air firmware updates, and verify a firmware signature on the firmware to securely boot the firmware on the medical device 104).
A person of ordinary skill in the art prior to the effective filing date of the invention would have motivated to combine the technical features of Pham with Wasily to provide a secure communication between a personal device, and securely manage or verify updates to the firmware of a medical device, thereby protecting the medical device from unintended software installations (Wasily, par. 0023).

As to claim 14, Pham and Wasily disclosed the invention of claim 12.  Pham does not explicitly disclose: 
“receiving a digital signature from the apparatus communication component; verifying the digital signature using the apparatus public key; and 

However, Wasily discloses:
“receiving a digital signature from the apparatus communication component” (Wasily, par. 0048; The processor 132 may transmit a response to the medical application 118 and verify one or more authentication factors and/or signatures sent by the medical application 118).
A person of ordinary skill in the art prior to the effective filing date of the invention would have motivated to combine the technical features of Pham with Wasily to provide a secure communication between a personal device, and securely manage or verify updates to the firmware of a medical device, thereby protecting the medical device from unintended software installations (Wasily, par. 0023).
Wasily further discloses: 
“verifying the digital signature using the apparatus public key” (Wasily, par. 0048); and 
“providing the additional data in response to verifying the digital signature” (Wasily, par. 0069; after the authentication factors has been renewed or if the authentication factor is valid, the personal device 102 may generate a response to the medical device 104 and encrypt the response to the medical device 104 (314). The response may include additional information, such as the communication protocol, to establish the connection between the personal device 102 and the medical device 104).



“An apparatus, comprising: 
a processing resource; 
memory having instructions executable by the processing resource” (Pham, fig. 3; hardware processor 302 and memory 304); and 
Pham does not explicitly disclose:
“an apparatus communication component coupled to the processor, wherein the apparatus communication component is configured to, in response to determining the apparatus communication component is within a particular proximity to an external communication component:
generate an apparatus private key and an apparatus public key.”
However, Wasily discloses:
“an apparatus communication component coupled to the processor, wherein the apparatus communication component is configured to, in response to determining the apparatus communication component is within a particular proximity to an external communication component (Wasily, par. 0055; personal device 102 may determine that the personal device 102 is within proximity or within a threshold distance of the medical device 104): 
generate an apparatus private key and an apparatus public key (Wasily, par. 0025; medical application 118 may use a secure element 138 to generate the public key and/or the private key).
A person of ordinary skill in the art prior to the effective filing date of the invention would have motivated to combine the technical features of Pham with Wasily to use a 
Pham further discloses
provide the apparatus public key to the external communication component (Pham, fig. 2, col. 5 lines 61-63, col. 10 lines 46-49 and col. 11 lines 64-67; user device 208 and 210 executing a first application (application A corresponds to the apparatus communication component) and a second application (application B corresponds to external component) respectively, can each generate public and private key pairs); 
receive an external public key from the external communication component (Pham, col. 5 lines 61-63; first and second applications (executing on user devices 208 and 210) exchange respective public keys); encrypt data using the external public key; 
provide the encrypted data to the external communication component (Pham, col. 5 lines 65-67; first application (A) transmits the encrypted message and the newly generated public key of the public/private key pair to the second application (B)); and 
receive data from the external communication component in response to providing the encrypted data to the external communication component (Pham, col. 6 lines 2-5; second application (B) generates acknowledgement message and encrypts the acknowledgement message using the first application’s (A) new public key); 
(Pham, col. 9 lines 26-28; application A can decrypt the encrypted [acknowledgement] message using the new PKI private key generated by Application A at block 112); and 
provide confirmation that the data is executed by the apparatus communication component (Pham, fig. 1, steps 170-240, col. 3 line 6 – col. 4 line 1; after determining that a command message from application A is authentic (step 190), application B builds acknowledgement message, encrypts the acknowledgement message with application A’s public key, and sends encrypted [acknowledgement] message to application A).

As to claim 22, Pham and Wasily disclosed the invention of claim 18.  Pham further discloses:
“wherein the apparatus public key and the apparatus private key are generated using an asymmetric key generator” (Pham, col. 5 lines 60-62; first application and a second application can each generate public and private [asymmetric] key pairs).

As to claim 23, claim 23 represents a system comprising a medical apparatus associated with a patient in communication with an external device and a server that is substantively similar in scope to the inventions of claims 1 (apparatus), 2 (confirmation) and 12 (external device) above.  Claim 23 is therefore rejected for the same reasons outlined in the rejection of claims 1, 2 and 12 above.


“wherein the external communication component is further configured to: 
receive the encrypted data from the medical apparatus” (Pham, col. 5 lines 61-63; first and second applications (executing on user devices 208 and 210) exchange respective public keys); and 
“decrypt the data from the medical apparatus using the external private key” (Pham, col. 9 lines 26-28; application A can decrypt the encrypted [acknowledgement] message using the new PKI private key generated by Application A).

As to claim 25, Pham and Wasily disclosed the invention of claim 23.  Pham does not explicitly disclose: 
“wherein: the data from the medical apparatus comprises an apparatus digital signature; and the external communication component is configured to determine an identity of the medical apparatus based on the apparatus digital signature.”
However, Wasily discloses
“wherein: the data from the medical apparatus comprises an apparatus digital signature; and the external communication component is configured to determine an identity of the medical apparatus based on the apparatus digital signature.”

Claim 5 is rejected under 35 U.S.C. 103 as being unpatentable over Pham in view of Wasily in further view of Du et al. (US Pat. 9,450,756 B2 filed 12/22/2010)

“wherein the apparatus communication component is further configured to, in response to being unable to verify the identity of the external device, requesting additional data to be verified.”
However Du discloses:
“wherein the apparatus communication component is further configured to, in response to being unable to verify the identity of the external device, requesting additional data to be verified” (Du, col. 8 lines 40-64; failure of either entity A OR B authentication results in a request from the authenticating entity (A OR B) resending the authentication request message to the entity that failed original authentication request).
A person of ordinary skill in the art prior to the effective filing date of the invention would have motivated to combine the technical features of Pham and Wasily with Du to re-send and authentication request to a device that has failed authentication, thereby allowing device to attempt authentication with additional credentials/data within a time-out period before determining that the authentication of a device fails (Du, col. 8 lines 40-53).

Claims 15 and 16 are rejected under 35 U.S.C. 103 as being unpatentable over Pham in view of Wasily in further view of Wu et al. (US Pub. 2019/0036886 A1 filed 07/25/2017).
As to claim 15, Pham and Wasily disclosed the invention of claim 12.  Pham does not explicitly disclose:

However, Wu discloses:
“wherein subsequent data provided to the apparatus communication component that instructs the apparatus communication component to execute a same instruction is altered based on a particular parameter, wherein the altered subsequent data still instructs the apparatus communication component to execute the same instruction” (Wu, par. 0073; programmable operating parameters used by the controller circuit 560 are stored and modified, as required, in order to customize the operation of implantable medical device (IMD) 101 to suit the needs of a particular patient; memory 594 may store instructions to direct the controller circuit 560 to analyze the cardiac signals and heart sounds identify characteristics of interest and derive values for predetermined statistical parameters). 
A person of ordinary skill in the art prior to the effective filing date of the invention would have motivated to combine the technical features of Pham and Wasily with Wu to provide secure and customizable operation of a medical implant device according to a particular patient’s needs (Wu, par. 0073).



“wherein the particular parameter comprises at least one of a period of time and a frequency of the same instruction being sent.”
However, Wu discloses:
“wherein the particular parameter comprises at least one of a period of time and a frequency of the same instruction being sent” (Wu, par. 0073; programmable operating parameters used by the controller circuit 560 are stored and modified, to customize the operation of implantable medical device (IMD) 101 to suit the needs of a particular patient may store [capture] patient data, i.e., IEGM data, heart sound data, pressure data, Sv02 data and the like for a desired period of time (e.g., 5 hour, 24 hours, 5 month); memory 594 may store instructions to direct the controller circuit 560 to analyze the cardiac signals and heart sounds identify characteristics of interest and derive values for predetermined statistical parameters).
A person of ordinary skill in the art prior to the effective filing date of the invention would have motivated to combine the technical features of Pham and Wasily with Wu to provide secure and customizable operation of a medical implant device according to a particular patient’s needs (Wu, par. 0073).

Claim 17 is rejected under 35 U.S.C. 103 as being unpatentable over Pham in view of Wasily in further view of (Mattoon, Denis,”Implementng DICE”, Trusted Computing Group, 03/20/2018,  develop.trustedcomputinggroup.org/2018/03/20/implementing-dice/, Accessed 05/07/2020, hereinafter referred to as Mattoon).

“wherein the encrypting and decrypting are performed using a device identification composition engine (DICE)-robust internet of thing (RIOT) protocol.”
However Mattoon discloses:
“wherein the encrypting and decrypting are performed using a device identification composition engine (DICE)-robust internet of thing (RIOT) protocol” (Mattoon, pages 5-7; implementing and leveraging DICE-RIoT protocol for device identity and cryptographic operations to secure program data protection and secure boot and remote management).
A person of ordinary skill in the art prior to the effective filing date of the invention would have motivated to combine the technical features of Pham and Wasily with Mattoon in order to provide improved security and resiliency of a hardware/software configuration based on device and application attestation that ensures that the hardware/software configuration has not been altered (Mattoon, page 2). 

Claims 19 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Pham in view of Wasily in further view of Spencer et al. (US Pat. 10,341,866 A1 filed 04/23/2018).
As to claim 19, Pham and Wasily disclosed the invention of claim 18.  Pham does not explicitly disclose:
“wherein the apparatus communication component is configured to generate an apparatus certificate by: 

encrypting the encrypted value and the apparatus private key.”
However, Spencer discloses:
“wherein the apparatus communication component is configured to generate an apparatus certificate by: 
encrypting an apparatus identification and a private apparatus identification resulting in an encrypted value; and 
encrypting the encrypted value and the apparatus private key (Spencer, col. 20 lines 25-34; If there is no existing user-specific certificate on the controller 304, this mutually authenticated channel with the computer system 302 can be used to generate a new certificate. As part of the new certificate, the application on the controller 304 can generate an asymmetric key pair (e.g., APP_PUB_KEY, APP_PRV_KEY), and passes the public key with a unique identifier (e.g., controller identifier (e.g., phone uniqueID (IDFV), application identifier) with a certificate request to the computer system 302 (416), which can receive the key and the unique identifier (418)).
A person of ordinary skill in the art prior to the effective filing date of the invention would have motivated to combine the technical features of Pham and Wasily with Spencer to establish a secure wireless connection and device validation between a mobile computing device and a medical apparatus, e.g., an insulin pump, via cryptographic processing for certificate generation and verification of devices with limited user interface to output and/or input user authentication information (Spencer, col. 1 lines 53-65).

“wherein the apparatus identification and the private apparatus identification are generated using an asymmetric identification generator.”
However, Spencer discloses:
“wherein the apparatus identification and the private apparatus identification are generated using an asymmetric identification generator” (Spencer, col. 18 lines 36-58;    The computer system 202, the controller 204, and the device 206 can use one or more encryption algorithms to establish secure channels of communication and to encrypt data that is stored locally by each of the devices 202-206. For example, 2048 bit Rivest-Shamir-Adelman (RSA) and/or Elliptical Curve Cryptography (ECC) 224 can be used for asymmetric keys and certificates, and all actors can be first authenticated using mutual authentication via an asymmetric key).
A person of ordinary skill in the art prior to the effective filing date of the invention would have motivated to combine the technical features of Pham and Wasily with Spencer to establish a secure wireless connection and device validation between a mobile computing device and a medical apparatus, e.g., an insulin pump, via cryptographic processing for certificate generation and verification of devices with limited user interface to output and/or input user authentication information (Spencer, col. 1 lines 53-65).

Claims 21 is rejected under 35 U.S.C. 103 as being unpatentable over Pham in view of Wasily in view of Spencer in further view of Khassanov et al. (US Pub. 2019/0327311 A1 priority 04/18/2018 - Provisional app. 62/659,587).
As t claim 21, Pham, Wasily and Spencer disclosed the invention of claim 19.  Pham does not explicitly disclose: 
“wherein the apparatus certificate indicates an identification of a patient associated with the apparatus communication component.”
However, Khassanova discloses:
“wherein the apparatus certificate indicates an identification of a patient associated with the apparatus communication component” (Khassanov, fig. 5, par. 0073;  re-encrypts a data storage device's User Key with a newly updated Revolving Security/Encryption Certificate of the data access device issued by a health insurance company or another operating entity; the certificate is periodically renewed each time the patient's card is inserted into the data access device the card's security key is re-encrypted with the latest data access device's certificate).
A person of ordinary skill in the art prior to the effective filing date of the invention would have motivated to combine the technical features of Pham and Wasily with Khassanov to identify a patient via a digital certificate so that medical personal can electronically identify a patient receiving medical services, thereby providing the most up to date information associated with the particular patient receiving medical care Khassanov, par. 0073).


Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to /FELICIANO S MEJIA/ whose telephone number is (571)270-5994.  The examiner can normally be reached on 8:30am - 5:00pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Saleh Najjar can be reached on (571) 272-4006.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/FELICIANO S. MEJIA/
Examiner
Art Unit 2492




/SALEH NAJJAR/           Supervisory Patent Examiner, Art Unit 2492