Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
The present Office Action is responsive to communication received 3/30/2020. Claims 1-20 are pending.

Information Disclosure Statement
The information disclosure statements (IDS) submitted on 3/30/2020 and 8/18/2020 are in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statements are being considered by the examiner.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.



Claim 2 is rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.
Claim 2 recites “ receiving a command ..., wirelessly pairing the pairing responder device with the pairing initiator device without further input from the user” and further ... “ based on the detecting, prompting the user whether to input the command to wirelessly pair with the pairing responder device; and based on receiving the command to wirelessly pair with the pairing responder device, sending, to the pairing responder device, a request to wirelessly pair with the pairing responder device”.
It is unclear whether a command is used to wirelessly pair with the responder device and further the command is inputted (again) to wirelessly pair with the responder device. Is it a subsequent pairing? Additionally, claim 2 recites a pairing without further input from the user, yet claim 2 also recites prompting the user to input the command, rendering the claim indefinite.
Clarification is kindly requested.


Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.



Claims 1, 7, 11, 16 and 17 are rejected under 35 U.S.C. 103 as being unpatentable over US 20190036688 to Wasily et al., hereinafter Wasily,  in view of publication titled “A framework for secure device pairing by demonstration of physical proximity” by Malkani et al., 2010, 6 pages,  hereinafter Malkani.
Regarding claim 1, Wasily discloses:
A pairing initiator device comprising (Fig. 1a, device 102 personal device): a computer processor system; a transceiver; and a computer memory storing instructions executable by the computer processor system to cause the pairing initiator device to perform operations comprising (Fig. 2: processors, memory, [0042]: network access device 124 is the transceiver): receiving, a command to wirelessly pair with a pairing responder device ([0056]: personal device sends access request to establish a connection with the medical device (i.e pairing request, see also [104]), wireless connection [0042]); ranging, using the transceiver, with a transceiver of the pairing responder device to determine a distance between the pairing responder device and the pairing initiator device  ; and based on the distance being below a threshold distance, wirelessly pairing the pairing responder device with the pairing initiator device ([0048] processor (transceiver) communicates with other devices; [0043] determine distance is less than a threshold, establish the connection based on the distance).  
Wasily discloses a start command from the personal device but does not explicitly teach the start command is from a user; however, Wasily suggests action from a user such as the access request to establish the connection (pairing) includes a command or instruction to control administration of a treatment ([0056]), inputted by a user thru a user interface ([0031]). 
Wasily discloses the personal device scans the network to discover the medical device to pair with ([0055]), and a multiple medical devices can be controlled by the personal device ([0023]), but Wasily does not teach the pairing without further input from the user. In an analogous art, Malkani discloses a client device displaying devices from a user and  the pairing without further input from the user. It would have been obvious to a skilled artisan before the instant application was effectively filed to explicitly request the pairing from the user, the request being the only input associated with the pairing because it would allow minimize user’s involvement (Malkani p. 2 first paragraph) as well as ensuring “that commands, communication and/or instructions among the devices are secure” (Wasily [0023]).

Regarding claim 7, Wasily discloses 
A method comprising: receiving, at a pairing initiator device, a pairing operation start command to wirelessly pair with a pairing responder device ([0056]: personal device sends access request to establish a connection with the medical device (i.e pairing request, see also [104]), wireless connection [0042]); and based on receiving the pairing operation start command, performing, with the pairing initiator device, a pairing operation to wirelessly pair with the pairing responder device ([0074][0075]: verify digital certificate or identifiers included in request prior to the pairing).  
Wasily discloses a start command from the personal device but does not explicitly teach the start command is from a user; however, Wasily suggests action 
Wasily discloses the personal device scans the network to discover the medical device to pair with ([0055]), and a multiple medical devices can be controlled by the personal device ([0023]), but Wasily does not teach wherein the pairing operation start command is the only user input associated with the pairing operation. In an analogous art, Malkani discloses a client device displaying devices discovered from the scanning, a user selecting the device the client device wants to pair with and the PoP (proof-of-proximity)protocol  (Fig. 8e-f) and requesting pairing (p. 5, right column, last paragraph); Malkani also discloses 4 categories of PoP protocols, including one which does not involve user in PoP process at all, i.e automatic pairing (p.4, paragraph below Fig. 4). Therefore Malkani discloses a pairing request from a user and  the pairing operation start command is the only user input associated with the pairing operation. It would have been obvious to a skilled artisan before the instant application was effectively filed to explicitly request the pairing from the user, the request being the only input associated with the pairing because it would allow minimize user’s involvement (Malkani p. 2 first paragraph) as well as ensuring “that commands, communication and/or instructions among the devices are secure” (Wasily [0023]).

Regarding claim 11, Wasily in view of Malkani discloses the method of claim 7, wherein the pairing operation includes: determining a distance between the pairing initiator device and the pairing responder device; and completing the pairing operation 
Regarding claim 16, Wasily discloses:
A pairing responder device comprising (Fig. 1a: medical device): a computer processor system; a transceiver; and a computer memory storing instructions executable by the computer processor system to cause the pairing responder device to perform operations comprising: ranging, with a transceiver of a pairing initiator device to determine a distance between the pairing responder device and the pairing initiator device ([0048] the medical device ‘s processor communicates with the personal device (transceiver), [0043]: the ranging to measure the proximity between the 2 devices) ; and based on the distance being below a threshold, wirelessly pairing the pairing responder device with the pairing initiator device ([0043]: pair if distance below a threshold)  .  
Wasily does not explicitly teach the ranging is using the transceiver of the medical device. However, it is well known in the art that proximity measurements involve the two devices, as evidenced by Malkani. Malkani discloses a resource device (responder) receiving a message from an initiator device and starting to generate proof-of-proximity (PoP) data, using a PoP protocol which does not require involvement of the user at all i.e an automatic pairing scheme (p. 4, on left, paragraph below Fig. 4). Therefore Malkani discloses using a transceiver and the pairing  without input from a user to the pairing responder device. It would have been obvious to a skilled artisan before the instant application was effectively filed to perform the ranging using the responder’s device transceiver and pair automatically as taught by Malkani because it 
Regarding claim 17, Wasily in view of Malkani discloses the pairing responder device of claim 16, further comprising: a cryptographic circuit (Wasily [0048]: the medical device ‘s processor encrypts, decrypts data and verifies signatures); wherein the cryptographic circuit is a secure circuit and stores a unique identifier that was determined prior to wirelessly pairing with the pairing initiator device (Wasily [0084]: certificate provisioned during manufacturing; [0095]-[0096] identifiers such as embedded secrets provisioned at manufacturing).  

Claim 12 is rejected under 35 USC 103 as being unpatentable over Wasily in view of Malkani and further view of publication titled “Near Field Communication”, by Curran et al., 2012, IJECE, p. 371-382, hereinafter Curran.
Regarding claim 12, Wasily in view of Malkani discloses the method of claim 11, but does not teach wherein the threshold distance is between 10 cm and 50 cm.  However, Wasily discloses proximity sensors that measure the distance between the initiator and the responder devices including those used in NFC, Bluetooth ... ([0042][0043). In an analogous art, Curran discloses a maximum distance of 20 cm or less, for communicating between two devices using NFC (see abstract, see also p. 373, second paragraph). Therefore Curran teaches a threshold distance is between 10 cm and 50cm. It would have been obvious to a skilled artisan before the application was filed to set a threshold distance as taught by Curran because it would mitigate .

Claim 13 is rejected under 35 USC 103 as being unpatentable over Wasily in view of Malkani and further view of publication titled “Trustworthiness of Medical Devices and Body Area Networks”, by Zhang et al., 2014, IEEE, p. 1174-1188, hereinafter Zhang. 
Regarding claim 13, Wasily in view of Malkani discloses the method of claim 7, but does not explicitly teach wherein the pairing responder device is not configured to communicate with an attestation server prior to the pairing operation.  
In an analogous art, Zhang discloses medical devices organized in a body area network and configured to communicate with a hub using short range communications (p. 1176, Fig. 1c); the medical devices use “communications that are designed to be inherently short range” ... (p. 1180, last paragraph on right). Therefore knowing the teachings of Zhang, it would have been obvious to a skilled artisan before the application was filed to implement the responder device enabled for short range communications only, therefore not configured to communicate with any server; One would be motivated to use such a responder device because it would “mediate radio attacks”, increasing security (Zhang, p. 1180, left column, last paragraph).

Claims 5, 14 and 20 are rejected under 35 USC 103 as being unpatentable over Wasily in view of Malkani and further view of US 20070300070 to Shen-Orr et al., hereinafter Shen-Orr.
Regarding claim 5, Wasily in view of Malkani discloses the pairing initiator device of claim 1, further comprising: a cryptographic circuit (Wasily Fig. 1A trusted environment 112) ; wherein the operations further comprise: receiving, from the pairing responder device, a first cryptographic indicator generated by the pairing responder device, wherein the first cryptographic indicator is useable by an attestation server to authenticate the pairing responder device (Wasily [0084] receive from responder a message including the responder’s certificate, known to be used to authenticate the responder); and generating, with the cryptographic circuit, a shared ranging key based on cryptographic identities of the pairing initiator device and the pairing responder device (Wasily [0101]: generate shared secret based on exchange of identities with the responder device; [0045] secure element is used for key generation and storage)); Wasily in view of Malkani does not teach: wherein the ranging is performed using the shared ranging key.  
In an analogous art, In an analogous art, Shen-Orr discloses determining proximity between 2 devices, the devices exchanging and verifying certificates ([0069]), performing a handshake in which each party uses a random number ([0070]-[0071], which are combined to produce a shared key ([0073]). The shared key is used to sign messages in a “proximity challenge” ([0081], used to determine the proximity of the 2 devices compared to a threshold ([0077]-[0078]) ; therefore, Shen-Orr discloses wherein the ranging is performed using the shared ranging key.  It would have been obvious to a skilled artisan before the instant application was filed to secure the ranging communications  with a shared key as taught by Shen-Orr because it would ensure “securely measuring proximity between network elements in a network while minimizing 

Regarding claim 14, Wasily in view of Malkani discloses the method of claim 7, wherein the pairing operation includes: receiving, from the pairing responder device at the pairing initiator device, a first cryptographic indicator useable by an attestation server to authenticate the pairing responder device (Wasily[0084] responder device provides its certificate to initiator, a certificate is known to be usable by an attestation server to authenticate a device ); generating a shared ranging key based on cryptographic identities of the pairing initiator device and the pairing responder device (Wasily [0101]: generate a shared secret based on the certificate); 
Wasily in view of Malkani does not teach the rest of the claim. 
In an analogous art, Shen-Orr discloses determining proximity between 2 devices, the devices exchanging and verifying certificates ([0069]), performing a handshake in which each party uses a random number ([0070]-[0071], which are combined to produce a shared key ([0073]). The shared key is used to sign messages in a “proximity challenge” ([0081], used to determine the proximity of the 2 devices compared to a threshold ([0077]-[0078]) ; therefore, Shen-Orr discloses ranging, with the pairing initiator device using the shared ranging key to secure ranging communications, to determine a distance between the pairing responder device and the pairing initiator device.  It would have been obvious to a skilled artisan before the instant application was filed to secure the ranging communications  with a shared key as taught by Shen-Orr because it would ensure “securely measuring proximity between network 

Regarding claim 20, Wasily in view of Malkani discloses the pairing responder device of claim 16, further comprising a cryptographic circuit (Wssily [0048]); wherein the operations further comprise: generating, with the cryptographic circuit, a shared ranging key based on cryptographic identities of the pairing initiator device and the pairing responder device (Wasily [0101]: generate a shared secret based on the certificate) ; Wasily in view of Malkani does not explicitly teach wherein the ranging is performed using the shared ranging key to secure ranging communications.  In an analogous art, Shen-Orr discloses determining proximity between 2 devices, the devices exchanging and verifying certificates ([0069]), performing a handshake in which each party uses a random number ([0070]-[0071], which are combined to produce a shared key ([0073]). The shared key is used to sign messages in a “proximity challenge” ([0081], used to determine the proximity of the 2 devices compared to a threshold ([0077]-[0078]) ; therefore, Shen-Orr discloses the ranging is performed using the shared ranging key to secure ranging communications.  It would have been obvious to a skilled artisan before the instant application was filed to secure the ranging communications  with a shared key as taught by Shen-Orr because it would ensure “securely measuring proximity between network elements in a network while minimizing hardware requirements through using facilities of secure devices and secure elements in the network” (Shen-Orr [0010]).

Claims 2, 15 and 19 are rejected under 35 USC 103 as being unpatentable over Wasily in view of Malkani and further view of US 10796563 to Bell, hereinafter Bell.

Regarding claim 2, Wasily in view of Malkani discloses the pairing initiator device of claim 1, wherein the operations further comprise: detecting the pairing responder device (Wasily [0055]: detect, discover the responder);
Wasily in view of Malkani does not explicitly teach yet Bell discloses in an analogous art discloses based on the detecting, prompting the user whether to input the command to wirelessly pair with the pairing responder device (col.9:63-67:; col. 10:12-23: detect clock, ask user whether to pair and update the clock); and based on receiving the command to wirelessly pair with the pairing responder device, sending, to the pairing responder device, a request to wirelessly pair with the pairing responder device (col.10:24-32: instructions to perform the paring between the 2 devices). It would have been obvious to a skilled artisan before the instant application was filed to have the user confirm the paring command because it would ensure the proper command and device are involved with the pairing, increasing security.

Regarding claim 15, Wasily in view of Malkani discloses the method of claim 7, but does not teach the rest of the limitations. 
In an analogous art Bell discloses a primary device (initiator) receiving a command from a user to pair with a new device (responder) such as a clock  (Fig. 1, col.6:29-44, col.8:45-56); the primary device identifies the new device and pairs with it (col.9:50-67), receives instructions from a server to configure the displayed time on the 

Regarding claim 19, Wasily in view of Malkani discloses the pairing responder device of claim 16, but does not teach the rest of the limitations. 
In an analogous art Bell discloses a primary device (initiator) receiving a command from a user to pair with a new device (responder) such as a clock  (Fig. 1, col.6:29-44, col.8:45-56); the primary device identifies the new device and pairs with it (col.9:50-67), receives instructions from a server to configure the displayed time on the new device (col.10:12-44). Therefore, Bell discloses the operations further comprising: receiving, from the pairing initiator device, commands to change one or more settings of the pairing responder device; and changing one or more settings of the pairing responder device based on the commands.  It would have been obvious to a skilled artisan before the instant application was filed to configure the responder device as taught by Bell because it makes the configuration of devices effortless for the user (Bell col.1:5-10).



Claims 3-4, 8-10 and 18 are rejected under 35 USC 103 as being unpatentable over Wasily, in view of Malkani and further view of US 10382203 to Loladia et al., hereinafter Loladia.
Regarding claim 3, Wasily in view of Malkani discloses the pairing initiator device of claim 1; although Wassily discloses the responder device providing a certificate ([0084]) or identifiers such as embedded secrets to the initiator to  be sent to the server ([0095]), Wasily or Malkani does not teach but Loladia in an analogous art disclose: wherein the operations further comprise: receiving, from the pairing responder device, a first cryptographic indicator generated by the pairing responder device, wherein the first cryptographic indicator is useable by an attestation server to authenticate the pairing responder device (col. 10:25-30: the user of the mobile selects an IoT device to be paired with ... col.10:52-54: The IoT device sends to the mobile device a copy of an encrypted token plus the IoT device ID); sending, from the pairing initiator device to the attestation server, the first cryptographic indicator (col.10:55-67: the mobile device forwards the encrypted token and device ID to the server (IoT service), where the decrypted token and the device ID are validated); receiving, from the attestation server, an authentication indicator of the authenticity of the pairing responder device; and wherein the ranging and wirelessly pairing are performed based on receiving the authentication indicator (col.11:1-10: the mobile device receives from the server a message indicating that the pairing was successful).  Wasily also teaches verifying all authentication factors such as identifiers, token ...included in the response ([0078]-[0082] )and establish connection [0089]). It would have been obvious to a skilled artisan 

Regarding claim 4, Wasily in view of Malkani and Loladia discloses the pairing initiator device of claim 3, the operations further comprising: verifying the authentication indicator (Loladia col.10:55-67: the mobile device forwards the encrypted token and device ID to the server (IoT service), where the decrypted token and the device ID are validated); wherein the ranging and wirelessly pairing are performed based on verifying the authentication indicator (Loladia col.11:1-10: the mobile device receives from the server a message indicating that the pairing was successful).  

Regarding claim 8, Wasily in view of Malkani discloses the method of claim 7, but does not teach the rest of the limitations. In an analogous art, Loladia discloses:
wherein the pairing operation includes: sending, from the pairing initiator device to the pairing responder device, a request to pair the pairing initiator device with the pairing responder device (col. 10:25-30: the user of the mobile selects an IoT device to be paired with); receiving, from the pairing responder device at the pairing initiator device, a first cryptographic indicator useable by an attestation server to authenticate the pairing responder device (col.10:52-54: The IoT device sends to the mobile device a copy of an encrypted token plus the IoT device ID); sending, from the pairing initiator 

Regarding claim 9, Wasily in view of Malkani and Loladia discloses the method of claim 8, wherein the pairing operation further includes: verifying, with the pairing initiator device, the authentication indicator; and wherein completing the pairing operation is also based on successfully verifying the authentication indicator (Loladia col.11:1-10: the mobile device receives from the server a message indicating that the pairing was successful; Wasily [0088]: certificate must be validated prior to establishing the connection).  

Regarding claim 10, Wasily in view of Malkani discloses the method of claim 7, but does not teach the rest of the limitations. In an analogous art, Loladia discloses:
wherein the pairing operation includes: sending, from the pairing initiator device to the pairing responder device, a request to pair the pairing initiator device with the pairing responder device (col. 10:25-30: the user of the mobile selects an IoT device to be paired with); receiving, from the pairing responder device at the pairing initiator device, a first cryptographic indicator useable by an attestation server to authenticate the pairing responder device (col.10:52-54: The IoT device sends to the mobile device a copy of an encrypted token plus the IoT device ID); sending, from the pairing initiator device, the first cryptographic indicator to the attestation server (col.10:52-54: The IoT device sends to the mobile device a copy of an encrypted token plus the IoT device ID); receiving, at the pairing initiator device from the attestation server, an authentication failure indicator; and aborting the pairing operation based on receiving the authentication failure indicator (Col. 11:1-10: if the token is not validated, the pairing would fail, and the response sent back to the initiator).  It would have been obvious to a skilled artisan before the instant application was effectively filed, to receive a cryptographic indicator from the responder device and notifies of a pairing failure as suggested by Loladia because it would be informative and would allow the initiator to try again.

Regarding claim 18, Wasily in view of Malkani discloses the pairing responder device of claim 16, further comprising a cryptographic circuit (Wasily [0048]); wherein the operations further comprise: receiving, from the pairing initiator device, a request to 
In an analogous art, Loladia discloses:
 generating, using the cryptographic circuit, a first cryptographic indicator useable by an attestation server to authenticate the pairing responder device; sending, from the pairing responder device to the pairing initiator device, the first cryptographic indicator for retransmission to the attestation server by the pairing initiator device (col. 10:25-30: the user of the mobile (initiator) selects an IoT device (responder device) to be paired with ... col.10:52-54: The IoT device sends to the mobile device a copy of an encrypted token plus the IoT device ID); and receiving, from the pairing initiator device, an acknowledgement of authentication based on an authentication indicator received from the attestation server (col.10:55-67: the mobile device forwards the encrypted token and device ID to the server (IoT service), where the decrypted token and the device ID are validated and a response received at the initiator (col.11:1-10); Wasily also teaches completing the pairing after successful verification of all authentication factors ([0089], meaning the responder device receives the indication that verification was successful); wherein prior to wirelessly pairing with the pairing initiator device, the pairing responder device is not configured to directly communicate with the attestation server (Fig. 5: the interaction between the IoT device and the server starts at step 531, when a pairing is initiated ) .  It would have been obvious to a skilled artisan before the instant application was effectively filed, to receive a cryptographic indicator from the responder device and .

Claim 6 is rejected under 35 USC 103 as being unpatentable over Wasily, in view of Malkani and further view of US 20140235171 to Molettiere et al., hereinafter Molettiere.
Regarding claim 6, Wasily in view of Malkani disclose the pairing initiator device of claim 1, but does not teach: the operations further comprising: prompting the user to bring the pairing initiator device within the threshold distance from the pairing responder device.  
In an analogous art, Molettiere disclose the pairing between a client device and another device, further comprising: prompting the user to bring the pairing initiator device within the threshold distance from the pairing responder device ([0035]: the client cues the device to move closer to the transceiver).  It would have been obvious to a skilled artisan before the instant application was effectively filed, to prompt the user to come closer  as taught by Molettiere because it would allow distinguishing the proper device to pair with, which is “ useful when there is one client attempting to pair many devices” ([Molettiere [0036]) and also cause a stronger signal for a successful pairing.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:
Pupakdee et al 20210045169 discloses a user command to start the paring process between two devices, the user input is sent from a first to a second device, for validation before pairing.
Zong 20190014459 discloses a  user device initiating pairing with a smart device, the pairing method is select by a cloud server e.g. scanning a code from the smart device, extracting encrypted data to send to a server for verification.
George 20160294822 discloses a proximity based authentication using Bluetooth.
Yoder et al 20180243573 discloses sending a request to pair to a device, exchange unique id with the device using NFC.
Schaap et al 20170201380 discloses a first device initiates pairing with a second device, sends firmware with encrypted signature to the second device.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to CATHERINE B THIAW whose telephone number is (571)270-1138. The examiner can normally be reached Monday-Friday 7am-4pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, CARL G COLIN can be reached on 571-272-3862. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.






/Catherine Thiaw/Primary Examiner, Art Unit 2493                                                                                                                                                                                                        2/11/2022