Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
DETAILED ACTION
This action is responsive to application filed on October 16, 2020. Claims 1-20 are currently pending in the application.

Priority
 Acknowledgment is made of applicant’s claim for foreign priority under 35 U.S.C. 119 (a)-(d) for European Patent Application No. EP19203764.6, filed on October 17, 2019.

Drawings
The drawings filed on 10/16/2020 are acknowledged and are acceptable.

Claim Objections	
Claims 1, 5, and 20 are objected to because of the following informalities:
As per claim 1, line 15, "the medical device" is presumed to recite "the medical apparatus".
Claim 5 is merely a disclaimer; the claimed subject matter is not defined in terms of positive features indicating that certain technical elements are present.
As per claim 20, lines 1-2, "the medical device paired with the remote control" is presumed to recite "the medical apparatus paired with the remote control device".
Appropriate correction is required.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.

The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


	Claims 1-12 and 20 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA  the applicant regards as the invention. 
	As per claims 1 and 20, it is unclear how said "medical apparatus is configured to accept the instruction if the first hash key corresponds to the second hash key" since said "remote control device is configured to send an instruction controlling the medical apparatus based on the first hash key", without the remote control device sending the first hash key and the medical apparatus receiving it.
	Thus claims 1 and 20 are held to be indefinite. Claims 2-12 are rejected because of their dependency on previously rejected claim 1.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.


	Claims 1-20 are rejected under 35 U.S.C. 103 as being unpatentable over Gutierrez et al. (U.S Publication No. 2017/0093822 A1; hereinafter “Gutierrez”) in view of Neftel et al. (U.S Publication No. 2015/0207626 A1; hereinafter “Neftel”).

As per claim 1, Gutierrez discloses a system comprising
a slave device 50) and a remote control device (fig. 1: master device 20) for controlling the HBN module 26 generates a second message -M2- consisting of: … the identifier -M_ID- for master device 20 ... HBN module 26 may send M2 to slave device 50"),
the slave nonce" or "R_S"; e.g. see figs. 1 and 4A, para. [0032]: "… HBN module 56 in slave device 50 may then generate an HBN and send that HBN to master device 20 via the HBCC. That HBN may also be referred to as a slave nonce. As indicated above, the slave nonce may include a random number and a timestamp"),
the remote control device is configured to receive the time-referenced information ("R_S") and to generate and to store a first hash key ("K_MS") based on the identifier of the remote control device and the time-referenced information (e.g. figs. 1 and 4B, para. [0053]: "During the OTA pairing phase, HBN module 26 and HBN module 56 may generate a common shared secret by applying a pseudo-random function (PRF) to some or all of the data that has been transmitted between master device 20 and slave device 50 via the HBCC, as shown at block 142"; para. [0054]: "In one embodiment, the PRF is an HMAC function, and the key for that function is the hash value of the concatenation of R_M and R_S. Master device 20 and/or slave device 50 may then use the output of that function (i.e., that message authenticate code) as the password or key (“K_MS”) for in-band wireless pairing. This approach may be formally defined as follows:
kprf←hash (R_M∥R_S)
K_MS←prf(kprf, hash (M_ID∥S_ID∥HAddr_M∥HAddr_S∥WAddr_M∥WAddr_S∥WIB2)"), and
the M_ID”) and to generate and to store a second hash key ("K_MS") based on the identifier of the remote control device and the time-referenced information (e.g. figs. 1 and 4B, para. [0053]: "During the OTA pairing phase, HBN module 26 and HBN module 56 may generate a common shared secret by applying a pseudo-random function (PRF) to some or all of the data that has been transmitted between master device 20 and slave device 50 via the HBCC, as shown at block 142"; para. [0054]: "In one embodiment, the PRF is an HMAC function, and the key for that function is the hash value of the concatenation of R_M and R_S. Master device 20 and/or slave device 50 may then use the output of that function (i.e., that message authenticate code) as the password or key (“K_MS”) for in-band wireless pairing. This approach may be formally defined as follows:
kprf←hash (R_M∥R_S)
K_MS←prf(kprf, hash (M_ID∥S_ID∥HAddr_M∥HAddr_S∥WAddr_M∥WAddr_S∥WIB2)"), wherein
the During the OTA pairing phase, HBN module 26 and HBN module 56 may generate a common shared secret by applying a pseudo-random function (PRF) to some or all of the data that has been transmitted between master device 20 and slave device 50 via the HBCC, as shown at block 142"; para. [0054]: "In one embodiment, the PRF is an HMAC function, and the key for that function is the hash value of the concatenation of R_M and R_S. Master device 20 and/or slave device 50 may then use the output of that function (i.e., that message authenticate code) as the password or key (“K_MS”) for in-band wireless pairing"),
wherein, when the pairing has been successfully completed, the remote control device is configured to send an instruction controlling the Storage 32 may also include one or more applications which allow master device 20 to control other devices, such as slave device 50. In the embodiment of FIG. 2, such an application is represented by master application 38"; para. [0025]: "…the devices may use the HBNs to derive a key confirmation key (KCK), and the devices may use that KCK to authenticate each other. For instance, the devices may use the KCK to generate a keyed-hash message authentication code (HMAC) over a piece of data known to both parties (e.g., the two nonce values). Also, the devices may use the HBNs to derive a key encryption key (KEK), and the devices may use that KEK, directly or indirectly, to secure communications via an in-band protocol. Thus, the devices may use the HBNs to derive keys for encrypting and decrypting shared in-band communications").
Gutierrez does not explicitly disclose that the apparatus is a medical apparatus but discloses "a health application that is designed to receive health data" (see Gutierrez, e.g. para. [0026]).
Additionally, in the same field of endeavor, Neftel discloses a system comprising a medical apparatus and a remote control device, wherein the remote control device is configured to perform secure communication with the medical apparatus (e.g. see para. [0016]-[0029]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to include in the system of Gutierrez the known medical apparatus, as taught by Neftel, in order to simply allow the remote control device to securely and remotely control medical devices (Neftel, e.g. para. [0002]-[0006] and [0016]-[0020]).

As per claim 2, claim 1 is incorporated and Gutierrez discloses: wherein the remote control device comprises a switch, and the remote control device is configured to send a paring request for initiating a paring procedure based on the identifier of the remote control device upon an actuation of the switch (e.g. para. [0022]-[0023] and [0027]-[0028]).
As per claim 3, claim 2 is incorporated and Gutierrez does not explicitly disclose: wherein the medical apparatus is configured to delete the second hash key in case of a subsequent pairing request.
However, Neftel discloses: wherein the medical apparatus is configured to delete the second hash key in case of a subsequent pairing request (e.g. para. [0200]: "For instance, the public key A may be stored in the first part of MCU's memory, because said secret has to be sent to the medical device, after which it will be preferable to delete said secret on a given device (e.g. pairing device as described thereafter").
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to implement in the system of Gutierrez the known technique of deleting the second hash key in case of a subsequent pairing request, as taught by Neftel, in order to simply delete the pairing secret key after use, thus saving memory space.

As per claim 4, claim 3 is incorporated and Gutierrez discloses: wherein the first hash key and the second hash key are identical (e.g. para. [0053]).

As per claim 5, claim 4 is incorporated and Gutierrez discloses: wherein the remote control device and the medical apparatus are configured not to send the respective hash key (e.g. see para. [0040] and [0051]).

As per claim 6, claim 5 is incorporated and Gutierrez discloses: wherein the system is configured to finish the pairing procedure when a predefined operation code is sent from the remote control device and received by the medical apparatus, or when a predefined time expires (e.g. para. [0052] and [0068]-[0069]).

As per claim 7, claim 6 is incorporated and Gutierrez discloses: wherein the identifier is a serial number of the remote control device (e.g. see para. [0030]).

Claims 8-12 are rejected for the same reasons as claims 3-7 above for having similar limitations.

As per claim 13, Gutierrez discloses a method for pairing a remote control device (fig. 1: master device 20) and a slave device 50), including the steps:
sending an identifier (“M_ID”) of the remote control device by the remote control device; receiving the identifier of the remote control device (e.g. see figs. 1 and 4B, para. [0042], [0047] and [0050]: "HBN module 26 generates a second message -M2- consisting of: … the identifier -M_ID- for master device 20 ... HBN module 26 may send M2 to slave device 50"),
sending a time-referenced information ("slave nonce" or "R_S"; e.g. figs. 1 and 4A, para. [0032]: "… HBN module 56 in slave device 50 may then generate an HBN and send that HBN to master device 20 via the HBCC. That HBN may also be referred to as a slave nonce. As indicated above, the slave nonce may include a random number and a timestamp"), and
generating a second hash key ( "K_MS") based on the identifier of the remote control device (“M_ID”) and the time-referenced information ("R_S"), by the During the OTA pairing phase, HBN module 26 and HBN module 56 may generate a common shared secret by applying a pseudo-random function (PRF) to some or all of the data that has been transmitted between master device 20 and slave device 50 via the HBCC, as shown at block 142"; para. [0054]: "In one embodiment, the PRF is an HMAC function, and the key for that function is the hash value of the concatenation of R_M and R_S. Master device 20 and/or slave device 50 may then use the output of that function (i.e., that message authenticate code) as the password or key (“K_MS”) for in-band wireless pairing. This approach may be formally defined as follows:
kprf←hash (R_M∥R_S)
K_MS←prf(kprf, hash (M_ID∥S_ID∥HAddr_M∥HAddr_S∥WAddr_M∥WAddr_S∥WIB2)");
receiving the time-referenced information (e.g. figs. 1 and 4A, para. [0032]: "HBN module 56 in slave device 50 may then generate an HBN and send that HBN to master device 20") and
generating a first hash key ( "K_MS") based on the identifier of the remote control device (“M_ID”) and the time-referenced information ("R_S")  by the remote control device (e.g. figs. 1 and 4B, para. [0053]: "During the OTA pairing phase, HBN module 26 and HBN module 56 may generate a common shared secret by applying a pseudo-random function (PRF) to some or all of the data that has been transmitted between master device 20 and slave device 50 via the HBCC, as shown at block 142"; para. [0054]: "In one embodiment, the PRF is an HMAC function, and the key for that function is the hash value of the concatenation of R_M and R_S. Master device 20 and/or slave device 50 may then use the output of that function (i.e., that message authenticate code) as the password or key (“K_MS”) for in-band wireless pairing. This approach may be formally defined as follows:
kprf←hash (R_M∥R_S)
K_MS←prf(kprf, hash (M_ID∥S_ID∥HAddr_M∥HAddr_S∥WAddr_M∥WAddr_S∥WIB2)").
Gutierrez does not explicitly disclose a medical apparatus but discloses "a health application that is designed to receive health data" (see Gutierrez, e.g. para. [0026]).
Additionally, in the same field of endeavor, Neftel discloses a method of securing a communication between a medical apparatus and a remote control (e.g. see para. [0016]-[0029]).
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to implement in the method of Gutierrez the known technique of paring a remote control device and a medical apparatus, as taught by Neftel, in order to simply allow the remote control device to securely and remotely control medical devices (Neftel, e.g. para. [0002]-[0006] and [0016]-[0020]).

As per claim 14, claim 13 is incorporated and Gutierrez discloses: the method including the step of actuating a switch of the remote control device and, thereby, sending a pairing request by the remote control device to initiate the pairing of the remote control device and the medical apparatus (e.g. para. [0022]-[0023] and [0027]-[0028]).

As per claim 15, claim 14 is incorporated and Gutierrez discloses: wherein the identifier of the remote control device is sent along with the pairing request for initiating the pairing (e.g. para. [0042]-[0050] and [0053]).

As per claim 16, claim 15 is incorporated and Gutierrez discloses: the method including the step of finishing the pairing procedure by sending a predefined operation code by the remote control device and receiving the predefined operation code by the medical apparatus, or by elapsing a predefined time period (e.g. para. [0052] and [0068]-[0069]).

As per claim 17, claim 16 is incorporated and Gutierrez discloses: the method including the step of signaling the finish of the pairing by an acoustic or visual signal (e.g. see para. [0068]-[0069]).

As per claim 18, claim 17 is incorporated and Gutierrez discloses: wherein the first hash key and the second hash key are identically generated (e.g. para. [0053]).

As per claim 19, claim 18 is incorporated and Gutierrez does not explicitly disclose: wherein the second hash key is deleted by the medical apparatus in case of a subsequent pairing request.
However, Neftel discloses: wherein the second hash key is deleted by the medical apparatus in case of a subsequent pairing request (e.g. para. [0200]: "For instance, the public key A may be stored in the first part of MCU's memory, because said secret has to be sent to the medical device, after which it will be preferable to delete said secret on a given device (e.g. pairing device as described thereafter").
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to implement in the method of Gutierrez the known technique of deleting the second hash key by the medical apparatus in case of a subsequent pairing request, as taught by Neftel, in order to simply delete the pairing secret key after use, thus saving memory space.

As per claim 20, claim 13 is incorporated and Gutierrez discloses: the method further comprising operating the medical device paired with the remote control by the steps of: sending an instruction for a specific operation of the medical apparatus based on the first hash key by the remote control device; and accepting the instruction by the medical apparatus and performing the specific operation according to the instruction when the first hash key corresponds to the second hash key (e.g. see para. [0021]: "Storage 32 may also include one or more applications which allow master device 20 to control other devices, such as slave device 50. In the embodiment of FIG. 2, such an application is represented by master application 38"; and para. [0025]: "…the devices may use the HBNs to derive a key confirmation key (KCK), and the devices may use that KCK to authenticate each other. For instance, the devices may use the KCK to generate a keyed-hash message authentication code (HMAC) over a piece of data known to both parties (e.g., the two nonce values). Also, the devices may use the HBNs to derive a key encryption key (KEK), and the devices may use that KEK, directly or indirectly, to secure communications via an in-band protocol. Thus, the devices may use the HBNs to derive keys for encrypting and decrypting shared in-band communications").

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. Refer to PTO-892, Notice of References Cited for a listing of analogous art.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ADNAN AZIZ whose telephone number is (571) 270-7536, (Fax: 571-270-8536). The examiner can normally be reached Monday - Friday (9am - 6pm Eastern Time).
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, CURTIS KUNTZ can be reached on 571-272-7499. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/ADNAN AZIZ/Primary Examiner, Art Unit 2687                                                                                                                                                                                                        adnan.aziz@uspto.gov