DETAILED ACTION
This is in response to amendment/RCE filed on July 15th 2021.  Claims 1-4, 7-12, and 14-19 are pending and claims 1 and 19 are independent.  Claims 1, 7, 9-10, and 19 have been amended.  Claims 5-6, 13, and 20 have been canceled.  No new claims have been added.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

Continued Examination Under 34 CFR 1.114
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection.  Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of  

Response to Arguments
Applicant’s argument regarding rejection under 35 U.S.C. §112(b) of claim 6 is persuasive and thus the 112(b) rejection is withdrawn.

Applicant’s argument filed on 07/15/2021 with respect to claims 1, and 19 have been considered but are moot due to the new grounds of rejection that do not rely on any reference relied in the prior rejection of record for any teachings or matter specifically challenged in the argument.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.

4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claims 19 is rejected under 35 U.S.C. 103 as being unpatentable over Haider et al. (US PGPUB No. 2015/0032633) in view of Reese et al. (US PGPUB No. 2018/0007037).
Regarding claim 19. Haider does disclose, a method of securely monitoring a data module receiving data from a medical device, the method comprising [Haider, para. 0041, FIG.1, according to one aspect of at least one embodiment, the invention relates to an authentication system for the authentication of a particular mobile electronic device(e.g., client device) (wherein a plurality of mobile electronic devices is basically connected to the system and is to be authenticated) against a central server (e.g., a server) for the secure exchange of medical data between device and server, wherein the server for its part exchanges data with a clinical system and has access to a repository (e.g., data module) containing clinical or medical data (also including patient data)]: 
storing, at a server, a private key of a public-private key pair associated with a data module [Haider, para. 0052, 0109, FIG. 1, The key can be part of a symmetric encryption method and is then used concordantly by the encryption unit on the patient's cell phone and by the decryption unit on the server.  (Para. 0109), the key (e.g, private key) is part of a cryptological method and can be designed as a symmetric key or as an asymmetric key pair 40, 40' (e.g., public-private key pair).]; 
[Haider, para. 0023-0028, In at least one embodiment, the following steps are executed on the part of the registry for authentication purposes: [0024] The message with the signature and the device ID are received and where necessary (optionally) symmetrically decrypted. [0025] the device ID is acquired. [0026] with the device ID acquired, access is effected to the central protected memory in order to read out the corresponding key (associated with the device ID) in each case. [0027] Decryption of the signature takes place using the key which has been read out. [0028] the decrypted device ID with time stamp is read out as the decryption result. The decryption unit can now compare the decryption result with the received device ID for a match. When a match occurs the authentication process is considered successful and an access to the repository can be executed. In order to find the data records in the repository, the device ID and/or further identifying labels associated with the device ID are used.];

generating, at the server, a first authentication key based at least on the private key [Haider, para. 0028 the decrypted device ID with time stamp is read out as the decryption result. The decryption unit can now compare the decryption result with the received device ID for a match. When a match occurs the authentication process is considered successful and an access to the repository can be executed. In order to find the data records in the repository, the device ID and/or further identifying labels associated with the device ID are used.][Haider, para. 0028 the decrypted device ID with time stamp is read out as the decryption result. The decryption unit can now compare the decryption result with the received device ID for a match. When a match occurs the authentication process is considered successful and an access to the repository can be executed. In order to find the data records in the repository, the device ID and/or further identifying labels associated with the device ID are used.];
receiving, at the server, an indication from the data module that the first authentication key generated at the server was entered [Haider, para. 0111, FIG. 2, After the encryption unit V has been installed locally on the device G, the user can on the first occasion subject himself to a registration process by way of the encryption unit V. The encryption unit V can subsequently be used in order to sign messages and thereby to authenticate the patient on the central registry 10 to enable accessing of the repository 12 in authenticated form to be performed. (Para. 0120), following successful authentication the registry 10 can then perform an access to the repository 12. As a rule the access is indexed by way of the device ID 50 in order to find the patient-specific and relevant data records in the repository 12 and convey them to the device G of the patient.]; and
in response to determining that the first authentication key generated by the server and a second authentication key generated by the data module match, granting the client device -4-Application No. 16/134,213Docket No. ABIO 3.0-123 [689]D00067.US02authenticated access to the data module [Haider, 0122-0123, (examiner notes that signature prototype SIG- is the second authentication key), In an alternative development the key 40' is not stored in the repository 12 (this is also possible if the storage area is access-protected) but in a separate memory to which the registry 10 has access. The decryption key 40' is associated in a one-to-one manner with the encryption key 40 and is part of an asymmetric encryption. As a rule it involves an asymmetric key pair comprising a private key and a public key. [0123] In this situation the private key cannot be viewed and is stored in hidden form in the program memory 30 of the device G, while the public key 40' is stored in a central memory. In this embodiment the memory (for example the repository 12) comprises an association table between device ID 50 and key 40, 40'. After the associated decryption key 40' has been released in each case it is forwarded to the decryption unit E. Thereupon the decryption unit E can decrypt the signature SIG, resulting in the signature prototype SIG-UB, in order to then perform the authentication process by comparison (as already described above).  (Para. 0124), On successful authentication an access can again be performed to the repository 12 in order to read in and preferably to encrypt in encrypted form (normally with the public key 40') the specifically requested data record and transmit it via the registry 10 to the device G. The encrypted data is identified in FIG. 3 by the oval label "ENC (DATA)".],
Haider does not disclose, determining, at the server, a first time;
generating, at the server, a first authentication key based at least on the private key and the first time, wherein the first authentication key is used to allow authenticated access to the data module;
wherein the second authentication key generated by the data module is generated based at least on the private key and a second time determined by the data module.
 determining, at the server, a first time; [Reese, para. 0074, FIG. 2 and FIG. 10, (Examiner notes that a time is provided during the authentication process by the timekeeping engine) Timekeeping engine 254, similar to timekeeping engine 204, is programmed, or otherwise configured, to provide access to a stable and trusted time source (which may be provided by an internal circuit or via a trusted external service).];
generating, at the server, a first authentication key based at least on the private key and the first time, wherein the first authentication key is used to allow authenticated access to the data module [Reese, para. 0074, 0076, FIG. 10 (Examiner notes a timestamp is obtained that represents the current time and the authentication transaction through an OTP would also generate the authentication key as cited in the application’s specification paragraph 0013, which is a one-time authentication key which expires after a period of time.  The secret key contains key pair including the private key) is a flow diagram illustrating operations of an authentication transaction carried out by OTP presenter 200 according to an embodiment. At 1002, OTP presenter 200 receives an authentication request. At 1004, timekeeping engine 204 of OTP presenter 200 provides a timestamp for use with the authentication transaction. The timestamp may be generated locally by timekeeping engine 204 in one embodiment. In another embodiment, the timestamp may be obtained from an external timekeeping service by timekeeping engine 204. (Para. 0076), At 1008, OTP sequence generator 208 generates a time- and party-dependent OTP sequence based on the shared secret and on the timestamp. In an embodiment, the OTP sequence is a cryptographic hash of the shared secret, concatenated with the timestamp. In a related embodiment, a sequence number may also be concatenated with the shared secret and timestamp as follows: OTPSeq=Hash(Z.parallel.N.parallel.T). where Hash( ) represents a cryptographic hashing operation using an algorithm such as SHA-256, SHA-1, MD5, or the like; Z represents the shared secret, N represents a sequence index number (e.g., 0001, 0002, etc.), T represents the timestamp value, and .parallel. represents byte-level concatenation of these values.];  
 wherein the second authentication key generated by the data module is generated based at least on the private key and a second time determined by the data module [Reese, para. 0034, 0074, 0076, FIG. 10 (Examiner notes a timestamp is obtained that represents the current time for each authentication different from one before, and the authentication transaction through an OTP would also generate the authentication key where the secret key includes the private key), OTP sequence generator 208 is constructed, programmed, or otherwise configured, to generate different one-time-use codes to authenticate OTP presenter 200 as the authenticating party. The one-time use codes are based on the shared secret and on a mutually-known changing value between OTP presenter 200 and the corresponding relying party, such as the current time e.g., available via timekeeping engine 204.   (Para. 0074) is a flow diagram illustrating operations of an authentication transaction carried out by OTP presenter 200 according to an embodiment. At 1002, OTP presenter 200 receives an authentication request. At 1004, timekeeping engine 204 of OTP presenter 200 provides a timestamp for use with the authentication transaction. The timestamp may be generated locally by timekeeping engine 204 in one embodiment. In another embodiment, the timestamp may be obtained from an external timekeeping service by timekeeping engine 204. (Para. 0076), At 1008, OTP sequence generator 208 generates a time- and party-dependent OTP sequence based on the shared secret and on the timestamp. In an embodiment, the OTP sequence is a cryptographic hash of the shared secret, concatenated with the timestamp. In a related embodiment, a sequence number may also be concatenated with the shared secret and timestamp as follows: OTPSeq=Hash(Z.parallel.N.parallel.T). where Hash( ) represents a cryptographic hashing operation using an algorithm such as SHA-256, SHA-1, MD5, or the like; Z represents the shared secret, N represents a sequence index number (e.g., 0001, 0002, etc.), T represents the timestamp value, and .parallel. represents byte-level concatenation of these values.].
Haider and Reese are in the same filed of endeavors as they are both pertinent to improving security, information processing and security, more particularly, to performing authentication of a transacting party using a one-time password (OTP) technique. 
Therefore, it would have been obvious to one of ordinary skilled in art before the effective filing date of claimed invention to modify the teachings of Haider that relates to an authentication system for the authentication of mobile electronic devices against a central server for the secure exchange of medical data (Haider, please see abstract and para. 0002) with teachings of Reese that is related to information security and performing authentication of a transacting party using a one-time password technique to .

Claims 1-4, 7, 10-12, 14, and 17-18 are rejected under 35 U.S.C. 103 as being unpatentable over Haider et al. (US PGPUB No. 2015/0032633) in view of Spencer et al. (US Patent No. 9,980,140) further in view of Reese et al. (US PGPUB No. 2018/0007037).

Regarding claim 1. Haider does disclose, a data monitoring system comprising: 
a server communicatively coupled to a client device and a data module via a data network, wherein the server is configured to [Haider, para. 0041, FIG.1, according to one aspect of at least one embodiment, the invention relates to an authentication system for the authentication of a particular mobile electronic device(e.g., client device) (wherein a plurality of mobile electronic devices is basically connected to the system and is to be authenticated) against a central server (e.g., a server) for the secure exchange of medical data between device and server, wherein the server for its part exchanges data with a clinical system and has access to a repository (e.g., data module) containing clinical or medical data (also including patient data)]: 
[Haider, para. 0052, 0109, FIG. 1, The key can be part of a symmetric encryption method and is then used concordantly by the encryption unit on the patient's cell phone and by the decryption unit on the server.  (Para. 0109), the key (e.g, private key) is part of a cryptological method and can be designed as a symmetric key or as an asymmetric key pair 40, 40' (e.g., public-private key pair).];
receive a request from the client device for authenticated access to the data module [Haider, para. 0023-0028, (Examiner note that the repository is the data module where the medical data are stored), In at least one embodiment, the following steps are executed on the part of the registry for authentication purposes: [0024] The message with the signature and the device ID are received and where necessary (optionally) symmetrically decrypted (Examiner interprets that the private key stored on the server is used for decryption). [0025] the device ID is acquired. [0026] with the device ID acquired, access is effected to the central protected memory in order to read out the corresponding key (associated with the device ID) in each case. [0027] Decryption of the signature takes place using the key which has been read out. [0028] the decrypted device ID with time stamp is read out as the decryption result. The decryption unit can now compare the decryption result with the received device ID for a match. When a match occurs the authentication process is considered successful and an access to the repository can be executed. In order to find the data records in the repository, the device ID and/or further identifying labels associated with the device ID are used.];
 
generate a first authentication key based at least on the private key  [Haider, para. 0028 the decrypted device ID with time stamp is read out as the decryption result. The decryption unit can now compare the decryption result with the received device ID for a match. When a match occurs the authentication process is considered successful and an access to the repository can be executed. In order to find the data records in the repository, the device ID and/or further identifying labels associated with the device ID are used.]

wherein the first authentication key is used to allow authenticated access to the data module [Haider, para. 0028 the decrypted device ID with time stamp is read out as the decryption result. The decryption unit can now compare the decryption result with the received device ID for a match. When a match occurs the authentication process is considered successful and an access to the repository can be executed. In order to find the data records in the repository, the device ID and/or further identifying labels associated with the device ID are used.];
the client device configured to:
 generate the request for authenticated access to the data module [Haider, para. 0054, FIG. 1, the resulting signature is then (preferably likewise initiated by the encryption unit) conveyed from the patient's local cell phone in the form of a message to the server. The message can contain requests for access to data and where applicable also further commands which can be resolved on the server side.]; and
[Haider. Para. 0054, 0101, FIG. 1, the message can contain requests for access to data (data inside the repository) and where applicable also further commands which can be resolved on the server side. The signature, optionally with a message, is conveyed by the cell phone over the mobile network or by a network provider to the server. The device ID is also transmitted in plain text in this situation. (Para. 0101, FIG. 1), the devices in question are cell phones or other mobile radio devices G. The mobile radio devices or smartphones G exchange data with a central server over the internet and/or over a mobile network (which is operated by any mobile radio network operator).]; and

store the private key of the public-private key pair associated with the data module [Haider, para. 0109, FIG. 1, the key (e.g, private key) is part of a cryptological method and can be designed as a symmetric key or as an asymmetric key pair 40, 40' (e.g., public-private key pair). Both the key 40 and also the device ID 50 are stored in hidden form in a program memory 30 of the device G.];
 receive data from a medical device [Haider, para. 0080-0081, the signature is sent with the device ID (e.g., data form the medical device) and where applicable with a message from the device to the registry. [0081] the signature is sent together with the device ID and where applicable a message and optionally symmetrically encrypted and instead the encryption result is sent.];
[Haider, 0122-0123, (examiner notes that signature prototype SIG- is the second authentication key), In an alternative development the key 40' is not stored in the repository 12 (this is also possible if the storage area is access-protected) but in a separate memory to which the registry 10 has access. The decryption key 40' is associated in a one-to-one manner with the encryption key 40 and is part of an asymmetric encryption. As a rule it involves an asymmetric key pair comprising a private key and a public key. [0123] In this situation the private key cannot be viewed and is stored in hidden form in the program memory 30 of the device G, while the public key 40' is stored in a central memory. In this embodiment the memory (for example the repository 12) comprises an association table between device ID 50 and key 40, 40'. After the associated decryption key 40' has been released in each case it is forwarded to the decryption unit E. Thereupon the decryption unit E can decrypt the signature SIG, resulting in the signature prototype SIG-UB, in order to then perform the authentication process by comparison (as already described above).  (Para. 0124), On successful authentication an access can again be performed to the repository 12 in order to read in and preferably to encrypt in encrypted form (normally with the public key 40') the specifically requested data record and transmit it via the registry 10 to the device G. The encrypted data is identified in FIG. 3 by the oval label "ENC (DATA)".].

 and[Haider, 0122, (examiner notes that signature prototype SIG- is the second authentication key), In an alternative development the key 40' is not stored in the repository 12 (this is also possible if the storage area is access-protected) but in a separate memory to which the registry 10 has access. The decryption key 40' is associated in a one-to-one manner with the encryption key 40 and is part of an asymmetric encryption. As a rule it involves an asymmetric key pair comprising a private key and a public key.] 
Haider does not explicitly disclose, the data module including a user interface configured to display data and receive a user input, wherein the data module is configured to:
However, Spencer does disclose, the data module including a user interface configured to display data and receive a user input, wherein the data module is configured to [Spencer, Col. 1 and 2, lines 62-67 and 1-2 and  Col. 9, lines 15-19, For example, a drug delivery device, such as an insulin pump, may have a limited user interface that includes one or more lights (e.g., LED lights) to provide status information for the device, but may not include a display that would be capable of readily outputting information or a user interface through which a user could provide input to configure secure connections and communication with other devices, such as smartphones.  (Col. 9, lines 15-19), the controller 104 can provide a user interface through which a user can input a unique identifier for the device 106, which may be identified on the device 106 or other associated materials (e.g., product package).]:

Therefore, it would have been obvious to one ordinary skill in art before the effective date of claimed invention to modify the teachings of Haider that relates to an authentication system for the authentication of mobile electronic devices against a central server for the secure exchange of medical data (Haider, please see abstract and para. 0002) with the teachings of Spencer (Spencer, Col. 1 and 2, lines 62-67 and 1-2 and Col. 9, lines 15-19, Spencer “providing an encrypted interface communication”) that would enable Haider to provide an improved computer security and secure communication between medical devices and computing devices by implementing an interface for the medical device so that client/patent can enter/exchange data to the server and the medical database.
Haider and Spencer does not disclose, determine a first time;
generate a first authentication key based at least on the private key and the first time,
determine a second time;
generate a second authentication key based at least on the private key and the second time;
However, Reese does disclose, determine a first time [Reese, para. 0074, FIG. 2 and FIG. 10, (Examiner notes that a time is provided during the authentication process by the timekeeping engine) Timekeeping engine 254, similar to timekeeping engine 204, is programmed, or otherwise configured, to provide access to a stable and trusted time source (which may be provided by an internal circuit or via a trusted external service).] and 
generate a first authentication key based at least on the private key and the first time [Reese, para. 0074, 0076, FIG. 10 (Examiner notes a timestamp is obtained that represents the current time and the authentication transaction through an OTP would also generate the authentication key as cited in the application’s specification paragraph 0013, which is a one-time authentication key which expires after a period of time.  The secret key contains key pair including the private key) is a flow diagram illustrating operations of an authentication transaction carried out by OTP presenter 200 according to an embodiment. At 1002, OTP presenter 200 receives an authentication request. At 1004, timekeeping engine 204 of OTP presenter 200 provides a timestamp for use with the authentication transaction. The timestamp may be generated locally by timekeeping engine 204 in one embodiment. In another embodiment, the timestamp may be obtained from an external timekeeping service by timekeeping engine 204. (Para. 0076), At 1008, OTP sequence generator 208 generates a time- and party-dependent OTP sequence based on the shared secret and on the timestamp. In an embodiment, the OTP sequence is a cryptographic hash of the shared secret, concatenated with the timestamp. In a related embodiment, a sequence number may also be concatenated with the shared secret and timestamp as follows: OTPSeq=Hash(Z.parallel.N.parallel.T). where Hash( ) represents a cryptographic hashing operation using an algorithm such as SHA-256, SHA-1, MD5, or the like; Z represents the shared secret, N represents a sequence index number (e.g., 0001, 0002, etc.), T represents the timestamp value, and .parallel. represents byte-level concatenation of these values.], 
 determine a second time; [Reese, para. 0034, 0074, FIG. 2 and FIG. 10, (Examiner notes that a time is provided during the authentication process by the timekeeping engine thus during the second authentication a current time is different which is the second time), OTP sequence generator 208 is constructed, programmed, or otherwise configured, to generate different one-time-use codes to authenticate OTP presenter 200 as the authenticating party. The one-time use codes are based on the shared secret and on a mutually-known changing value between OTP presenter 200 and the corresponding relying party, such as the current time e.g., available via timekeeping engine 204.  (Para. 0074), Timekeeping engine 254, similar to timekeeping engine 204, is programmed, or otherwise configured, to provide access to a stable and trusted time source (which may be provided by an internal circuit or via a trusted external service).];
generate a second authentication key based at least on the private key and the second time [Reese, para. 0074, 0076, FIG. 10 (Examiner notes a timestamp is obtained that represents the current time for each step of authentication that is different from one before, and the authentication transaction through an OTP would also generate the authentication key where the secret key is the private key) is a flow diagram illustrating operations of an authentication transaction carried out by OTP presenter 200 according to an embodiment. At 1002, OTP presenter 200 receives an authentication request. At 1004, timekeeping engine 204 of OTP presenter 200 provides a timestamp for use with the authentication transaction. The timestamp may be generated locally by timekeeping engine 204 in one embodiment. In another embodiment, the timestamp may be obtained from an external timekeeping service by timekeeping engine 204. (Para. 0076), At 1008, OTP sequence generator 208 generates a time- and party-dependent OTP sequence based on the shared secret and on the timestamp. In an embodiment, the OTP sequence is a cryptographic hash of the shared secret, concatenated with the timestamp. In a related embodiment, a sequence number may also be concatenated with the shared secret and timestamp as follows: OTPSeq=Hash(Z.parallel.N.parallel.T). where Hash( ) represents a cryptographic hashing operation using an algorithm such as SHA-256, SHA-1, MD5, or the like; Z represents the shared secret, N represents a sequence index number (e.g., 0001, 0002, etc.), T represents the timestamp value, and .parallel. represents byte-level concatenation of these values.].
Haider, Spencer, and Reese are in the same filed of endeavors as they are both pertinent to field of medical technology and information technology and generally relates to an authentication system for the authentication of mobile electronic devices against central server for the secure exchange of medical data and information processing and security, more particularly, to performing authentication of a transacting party using a one-time password (OTP) technique.
Therefore, it would have been obvious to one of ordinary skilled in art before the effective filing date of claimed invention to modify the teachings of Haider that relates to an authentication system for the authentication of mobile electronic devices against a 

Regarding claim 2. The combination of Haider, Spencer, and Reese does disclose, the system of claim 1.  Furthermore, Haider does disclose, wherein the data module is further configured to, in response to determining that the second authentication key generated by the data module and the first authentication key generated by the server do not match, display a message indicating an authentication failure [Haider, para. 0090, the authentication process comprises a further additional comparison, namely a comparison of the times of day. If the device ID matches, meaning that the authentication process is considered successful, but the times, in other words the time stamp, do not match, then the device should be informed by way of a warning signal that the times of day need to be updated. According to an aspect of at least one embodiment of the invention, provision is however also made in this case that the deviation of the time stamps could possibly indicate the message having been compromised. The server is therefore also informed by means of a report that a compromised situation has possibly occurred here. Further analysis steps can be triggered here if necessary.] .  

Regarding claim 3. The combination of Haider, Spencer, and Reese does disclose, the system of claim 1.  Haider and Reese does not disclose, wherein the data module is configured to grant authenticated access using a challenge-response protocol.
However, Spencer does disclose, wherein the data module is configured to grant authenticated access using a challenge-response protocol [Spencer, Col. 13 lines 1-11, FIG. 1, Step L148, in response to receiving the challenge, the device 106 can determine an appropriate value, such as selecting an appropriate shared secret to retransmit and/or computing a value from such a shared secret, and can transmit it as a challenge response to the computer system 102, as indicated by step L (148). For example, the challenge response can include a certificate, another shared secret, and/or a value determined by the computing device 106 from one or more shared secrets. The computer system 102 can receive the challenge response and use it to determine whether the device 106 is valid/authentic.].
Therefore, it would have been obvious to one ordinary skill in art before the effective date of claimed invention to modify the teachings of Haider that relates to an 
  
Regarding claim 4. The combination of Haider, Spencer, and Reese does disclose, the system of claim 1.  Furthermore, Haider does disclose, wherein, upon successful authentication, the data module is configured to transmit the data to the client device [Haider, para. 0028, 0064, when a match occurs the authentication process is considered successful and an access to the repository can be executed. In order to find the data records in the repository, the device ID and/or further identifying labels associated with the device ID are used.  (Para. 0064) after successful authentication, using his smartphone each patient then reaches his patient-specific entries in the repository by way of the registry.].
Regarding claim 7. The combination of Haider, Spencer and Reese does disclose, the system of claim 1. Haider, Spencer does not disclose, wherein the data module determines the first time by rounding a time maintained by the data module to a time interval and by the server determines the second time by rounding a time maintained by the server to the time interval such that the first time determined by the data module and the second time determined by the server are the same.
the data module determines the first time by rounding a time maintained by the data module to a time interval and by the server determines the second time by rounding a time maintained by the server to the time interval such that the first time determined by the data module and the second time determined by the server are the same [Reese, para. 0083-0084, FIG. 11, (Examiner notes that within the time window corresponds to an expected rime duration which is interpreted as the rounding of time) At 1108, certificate verifier 262 checks whether the certificate is the same certificate that was previously registered in the processes of FIGS. 8-9. If the certificate is not the same as the registered one, the authentication transaction may be terminated due to a failure of certificate verification. If the certificate matches the registration, the process advances to 1110, where timekeeping engine 254 obtains a series of timestamps within a time window preceding the current time. [0084] At 1112, shared secret generator 526 uses the OTP presenter's public key from the certificate and the private key of OTP verifier 250 to compute the shared secret value Z. At 1114, OTP sequence verifier 528 determines a time window over which the OTP sequence is considered valid. This time window may be in the range of some fraction of a second to several seconds according to an example embodiment. More generally, the time window corresponds to an expected rime duration between the timestamp obtained by OTP presenter 200 at operation 1004, and receipt of the certificate and OTP sequence at 1106. In a related embodiment, the time window is based on the time of execution of operation 1104 and the time of execution of operation 1106.].  

Regarding claim 10. The combination of Haider, Spencer, and Reese does disclose, the system of claim 1.  Haider and Spencer does not disclose, wherein the first time is a current time determined by the server. 
However, Reese does disclose, wherein the first time is a current time determined by the server [Reese, para. 0092 and 0109, In Example 7, the subject matter of any one or more of Examples 1-6 optionally include a timekeeping engine to produce a first timestamp based on a current time; and wherein the OTP sequence generator is to generate the first OTP sequence based on the first timestamp. (Para. 0109), in Example 24, the subject matter of any one or more of Examples 17-23 optionally include a timekeeping engine to produce a series of timestamps in a time window preceding a current time and wherein the OTP sequence verifier is to generate the estimates of the first OTP sequence based on at least a portion of the series of timestamps, wherein the verification copy of the first OTP sequence is one of the estimates].
Therefore, it would have been obvious to one ordinary skill in art before the effective date of claimed invention to modify the teachings of Haider that relates to an authentication system for the authentication of mobile electronic devices against a central server for the secure exchange of medical data (Haider, please see abstract and para. 0002) with the teachings of with the teachings of Spencer (Spencer, Col. 29, lines 9-21, Col. 17, lines 1-7, FIG. 2) and further with teachings of Reese that is related to information security and performing authentication of a transacting party using a one-time password technique (Reese, para. 0092 and 0109)  would enable Haider and Spencer to further implement a secure exchange between the client the server to provide an additional factor to authentication protocols to assist in providing assurances that the authenticating party is legitimate and is the individual to whom authorizations should be issued based on a successful authentication.
Regarding claim 11. The combination of Haider, Spencer, and Reese does disclose, the system of claim 1.  Haider and Reese does not disclose, wherein the request for authenticated access to the data module includes additional information for instructing the data module. 
[Spencer, Col. 15, lines 20-47 FIG. 2, the device 206 can communicate with the computer system 202 using a communication channel that passes through the controller 204. For instance, the controller 204 can establish a network connection with the device 206 over the network 228 and another network connection with the computer system 202 over another network 258 (e.g., internet, WAN, LAN, mobile data network, Wi-Fi network, or any combination thereof), and can retransmit communication between the device 206 and the computer system 202. Such pass-through communication can be encrypted from endpoint to endpoint by the device 206 (using the encryption chipset 209) and the computer system 202 so as to make the communication private (indecipherable to the controller 204 and any other computing devices along the communication path). For example, all packets transmitted by the device 206 to the computer system 202 can be encrypted with AES in GCM mode, and all packets transmitted by the computer system 202 to the device 206 can be encrypted with AES in GCM mode as well. The communication over the network 228 can using additional layers of encryption, such as BLE with 128 bit AES encryption. The communication over the network 258 can also include additional layers of encryption, such as a secure socket layer (SSL) between the computer system 202 and the controller 204. In some cases, the network 228 and the network 258 can be different communication networks, while in other cases the network 228 and the network 258 can be the same communication network.].  

Regarding claim 12. The combination of Haider, Spencer, and Reese does disclose, the system of claim 11.  Haider and Reese does not disclose, wherein the additional information includes a request for access to the data module.
However, Spencer does disclose, wherein the additional information includes a request for access to the data module[Spencer, Col. 9, lines 33-50, FIG. 1 and Col. 24, lines 21-35, FIG. 3 and FIG. 6, Component 616, in response to receiving the request to register the device 106 with the controller 104 and its associated user, the computer system 102 can verify the controller and user (e.g., verify username and password, verify authentication certificate for the controller 104 and/or its application), and can check whether the device is already registered, as indicated by step C (122). For example, the computer system 102 can be programmed to restrict registration of each device to a single user account. However, the computer system 102 may permit each user account to register multiple devices and/or multiple controllers… (Col. 24, lines 21-35, FIG. 3 and FIG. 6, Component 616), the device 302 can authenticate on a crypto processor with certificate, such as authenticating against a crypto processor file system node (dependent on crypto processor). For example, the device 306 can access a crypto processor file system (614), which can unlock device and application information (616), such as a device policy, an app certificate, computer system authentication keys, application authentication keys, a computer system certificate, and/or a device certificate. Such values may have been encrypted by the crypto processor on the device 306 with a random AES key and the user's password, and may have been stored in an operating system keychain. Such decrypted values can be used to determine whether the user and the app on the controller 304 are authentic/valid (618).] .  
Therefore, it would have been obvious to one ordinary skill in art before the effective date of claimed invention to modify the teachings of Haider that relates to an authentication system for the authentication of mobile electronic devices against a central server for the secure exchange of medical data (Haider, please see abstract and para. 0002) with the teachings of Reese that relates to information processing and security, more particularly, to performing authentication of a transacting party using a one-time password (OTP) technique (Reese, please see abstract and para. 0001) with the teachings of Spencer (Spencer, Col. 9, lines 33-50, FIG. 1 and Col. 24, lines 21-35, FIG. 3 and FIG. 6) would enable Haider and Rees to further secure the exchange 
Regarding claim 14. The combination of Haider, Spencer, and Reese does disclose, the system of claim 11.  Haider and Reese does not disclose, wherein the additional information includes a request for the data module to enter a maintenance mode.
However, Spencer does disclose, wherein the additional information includes a request for the data module to enter a maintenance mode [Spencer, Col. 29, lines 9-21, Col. 17, lines 1-7, FIG. 2, the controller application 252 can be programmed to transmit control signals to the device 206, to receive operational data from the device 206 (e.g., data describing operations that are performed and user feedback (active and/or passive feedback) in response to the operations), to determine updates to operational models (e.g., dosing models) that are used by the device 206, and to transmit control signals to use the updated operational models.  (Col. 29, lines 9-21), the mobile computing device 60 provides a user interface (e.g., graphical user interface (GUI), speech-based user interface, motion-controlled user interface) through which users can provide information regarding maintenance activities and/or review upcoming scheduled maintenance tasks. Although mobile computing device 60 is depicted in FIG. 9A as including the primary user interface, with a limited user interface available on controller 900, in some cases methods, devices, and systems provided herein can have a primary user interface as part of pump assembly 15 and can operate with a mobile computing device 60 acting as a secondary user interface.].  
Therefore, it would have been obvious to one ordinary skill in art before the effective date of claimed invention to modify the teachings of Haider that relates to an authentication system for the authentication of mobile electronic devices against a central server for the secure exchange of medical data (Haider, please see abstract and para. 0002) that relates to information processing and security, more particularly, to performing authentication of a transacting party using a one-time password (OTP) technique (Reese, please see abstract and para. 0001) With the teachings of Reese, with the teachings of Spencer (Spencer, Col. 29, lines 9-21, Col. 17, lines 1-7, FIG. 2) would enable Haider and Reese to further secure the exchange between the client the server and the repository or data module when communication is enabled to add additional information such as enter a maintenance mode.
Regarding claim 17. The combination of Haider, Spencer, and Reese does disclose, the system of claim 1.  Haider and Reese does not disclose, wherein the private key is loaded into the data module during at least one of manufacturing or distribution of the data module.
However, Spencer does disclose, wherein the private key is loaded into the data module during at least one of manufacturing or distribution of the data module [Spencer, Col. 7, lines 62-67 and Col. 8, lines 1-12, the computer system 102 can have previously received information 112 for the device 106 that is stored in a data repository 110 (e.g., databases, data server system, cloud-based storage system) that is accessible to the computer system 102. The information 112 can include a variety of details regarding the device 106, such as a unique identifier (e.g., serial number, assigned unique identifier), product information (e.g., model number, manufacture date, ship date, point of sale, firmware/operating system version, MAC address for the device 106), secure communication information (e.g., public encryption key for the device 106), authentication information (e.g., authentication certificate, other secret value), and/or other appropriate information that can be used to communicate with the device 106. The information 112 can be generated and populated into the data repository 110 from before sale/distribution of the device 106 (e.g., populated during a manufacturing/production process).].  
Therefore, it would have been obvious to one ordinary skill in art before the effective date of claimed invention to modify the teachings of Haider that relates to an authentication system for the authentication of mobile electronic devices against a central server for the secure exchange of medical data (Haider, please see abstract and para. 0002) with the teachings of Reese that relates to information processing and security, more particularly, to performing authentication of a transacting party using a one-time password (OTP) technique (Reese, please see abstract and para. 0001) with the teachings of Spencer (Spencer, Col. 7, lines 62-67 and Col. 8, lines 1-12) would enable Haider and Reese to implement a secure environment so that the client, the server and the repository or data module when a manufacturing or distribution of the data module is included.
Regarding claim 18. The combination of Haider, Spencer, and Reese does disclose, the system of claim 17.  Furthermore, Haider does disclose, wherein the private key is further stored by the server after the private key is loaded into the data module [Haider, para. 0059, for the encryption in the context of signature generation an asymmetric encryption of the personal data by the central server is normally provided for the particular device. To this end, according to at least one embodiment of the invention the private key is stored in protected fashion ("hidden") in the device and an associated public key is stored on the server. The association of the key pair (public key, private key) is either made available by a third-party supplier or is stored in the central server.].  

Claims 8-9 and 15-16 are rejected under 35 U.S.C. 103 as being unpatentable over Haider et al. (US PGPUB No. 2015/0032633) in view of Spencer et al. (US Patent No. 9,980,140) further in view of Reese et al. US PGPUB No. 2018/0007037) and further in view of Meric et al. (US PGPUB No. 2017/0222815).

Regarding claim 8. The combination Haider, Spencer, and Reese does disclose, the system of claim 7.  Haider and Spencer and Reese, does not disclose, wherein the time interval is adjustable to set a floor or ceiling of acceptable synchronization precision.
However, Meric does disclose, wherein the time interval is adjustable to set a floor or ceiling of acceptable synchronization precision [Meriac, para. 0193, as the time values of timers 421 and 423 are synchronised, the time value within the data communication 431 from the server 402 should match the time value generated by timer 421. (Matching includes being within an allowable time window to take account of any delays/latency in the communication between server and client device).]. 
Therefore, it would have been obvious to one ordinary skill in art before the effective date of claimed invention to modify the teachings of Haider that relates to an authentication system for the authentication of mobile electronic devices against a central server for the secure exchange of medical data (Haider, please see abstract and para. 0002) with the teachings of Spencer that discloses security and secure communication between medical devices and other computing devices such as a computer system and/or smartphones (Spencer, please see the abstract and Col. 1 lines 15-19) along with teachings of Meriac (Meriac, para. 0193) that would enable Haider and Spencer and Reese to implement a verification data which would comprise of synchronized time value or a counter time and further verifying the signature at the data processing device communications that can be trusted and relied upon to prevent and/or detect security risks and attempted acts of intrusion by third parties. 
 
Regarding claim 9. The combination of Haider, Spencer, and Reese does disclose, the system of claim 1. Haider, Spencer, and Reese does not disclose, wherein the first time and the second time each includes at least one of TAI, UTC, and UNIX time
However, Meriac does disclose, wherein the first time and the second time each includes at least one of TAI, UTC, and UNIX time [Meriac. Para. 0191, the client device 401 comprises a timer 421 within the trusted region 404 whilst the server 402 comprises a timer 423, whereby the timers 421/423 generate a synchronised common time value (for example a UNIX time value).].  
Therefore, it would have been obvious to one ordinary skill in art before the effective date of claimed invention to modify the teachings of Haider that relates to an authentication system for the authentication of mobile electronic devices against a central server for the secure exchange of medical data (Haider, please see abstract and para. 0002) with the teachings of Spencer that discloses security and secure communication between medical devices and other computing devices such as a computer system and/or smartphones (Spencer, please see the abstract and Col. 1 lines 15-19) and with teachings of Meriac (Meriac, para. 0191 that would enable Haider and Spencer and Reese to implement a verification data which would comprise of synchronized time value or a counter time and further verifying the signature at the data processing device communications that can be trusted and relied upon to prevent and/or detect security risks and attempted acts of intrusion by third parties.
Regarding claim 15. The combination of Haider Spencer, and Reese does disclose, the system of claim 1. Haider, Spencer, and Reese does not disclose, wherein the first and second authentication keys are one-time authentication keys
 However, Meriac does disclose, wherein the first and second authentication keys are one-time authentication keys [Meriac, para. 0171, the crypto-watchdog 405 may require a verifiable communication from the trusted server 402 in order to reset the watchdog timer 406. In the present embodiment, the crypto-watchdog 405 is operable to generate a challenge communication 408 comprising authentication data, for example a cryptographic nonce, whereby the nonce is generated within the trusted region.].
Therefore, it would have been obvious to one ordinary skill in art before the effective date of claimed invention to modify the teachings of Haider that relates to an authentication system for the authentication of mobile electronic devices against a central server for the secure exchange of medical data (Haider, please see abstract and para. 0002) with the teachings of Spencer that discloses security and secure communication between medical devices and other computing devices such as a computer system and/or smartphones (Spencer, please see the abstract and Col. 1 lines 15-19) and with teachings of Meriac (Meriac, para. 0171) that would enable Haider and Spencer and Rees to implement a verification data which would comprise of synchronized time value or a counter time and further verifying the signature at the data processing device communications that can be trusted and relied upon to prevent and/or detect security risks and attempted acts of intrusion by third parties.   
Regarding claim 16. The combination of Haider, Spencer, and Reese, does disclose, the system of claim 15.  Haider, Spencer, and Reese, does not disclose, wherein the first and second authentication keys expire after a period of time.
However, Meriac does disclose, wherein the first and second authentication keys expire after a period of time [Meriac, para. 0254, the instructions/commands within communications from the server to the client device may include instructions relating to the capabilities/functions/features of client devices which may be permitted or restricted for a predetermined period of time, which, depending on the requirements of the client device, could range from seconds, minutes, hours and/or days, or until subsequent reconnection with a trusted server is restored. Alternatively, capabilities/functions/features, may be permitted or restricted when connection to a trusted server is lost for a period of time.].
Therefore, it would have been obvious to one ordinary skill in art before the effective date of claimed invention to modify the teachings of Haider that relates to an authentication system for the authentication of mobile electronic devices against a central server for the secure exchange of medical data (Haider, please see abstract and para. 0002) with the teachings of Spencer that discloses security and secure communication between medical devices and other computing devices such as a computer system and/or smartphones (Spencer, please see the abstract and Col. 1 lines 15-19) and with teachings of Meriac (Meriac, para. 0254) that would enable Haider and Spencer and Rees to implement a verification data which would comprise of synchronized time value or a counter time and further verifying the signature at the data processing device communications that can be trusted and relied upon to prevent and/or detect security risks and attempted acts of intrusion by third parties.

Conclusion
The prior art made of record and not relied upon is considered pertinent to application’s disclosure:
US PGPUB No. (2017/0310662) to Hamlin disclose, Systems and methods for time-based local authentication are described. In some embodiments, an Information Handling System (IHS) may include a processor; and a memory coupled to the processor, the memory having program instructions stored thereon that, upon 
US PGPU No. (2019/0173881) to Zhang disclose, an authentication method. The method includes receiving an authentication request sent from a target browser, the authentication request comprising information to be authenticated and a jump parameter used for implementing a jump between the target browser and the authentication client; after authenticating the information to be authenticated to obtain an authentication result, searching for identification information of the target.
US PGPUB No. () to Yoo disclose, a user authentication method with enhanced security is provided. The method includes generating a first common authentication key if a user of the user terminal enters a private password and providing the generated first common authentication key to an authentication server, registering the first common authentication key and user information by matching the first common authentication key with the user information, generating a second common authentication key in real time if the user enters the private password, generating a server authentication key, generating first server authentication information by calculating a one time password (OTP) by using the server authentication key.
US Patent No. (9,848,075) to Ahmad disclose, A user device and a breath analysis device (or other types of portable devices) use a pairing and communication protocol that address user convenience and connectivity issues. For example, a breath 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to MOHAMMAD S SHAMS whose telephone number is (571)272-3406.  The examiner can normally be reached on Monday-Friday 8:00 AM-5:30 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kambiz Zand can be reached on (571) 272-3811.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 






/MOHAMMAD S SHAMS/Examiner, Art Unit 2434    


/SAMSON B LEMMA/Primary Examiner, Art Unit 2498