Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

DETAILED ACTION
This action is responsive to application filed on 08/19/2020. Claims 1-20 are pending and being considered. Claims 1, 9 and 15 are independent. Thus, claims 1-20 are rejected.

Priority
This application is a non-provisional of and claims the benefit and priority under 35 U.S.C. 119(e) of U.S. Provisional Application No. 62/889,214, filed August 20, 2019, entitled "Neuromodulation Therapy Monitoring and Continuous Therapy Reprograming", which is incorporated herein by reference in its entirety for all purposes. 

Information Disclosure Statement


The information disclosure statement (IDS) submitted on 08/24/2022 was filed on or after the mailing date of the application no. 16/997,765 filed on 08/19/2020. The submission is in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner and an initialed and dated copy of Applicant’s IDS form 1449 filed on 08/24/2022 is attached to the instant office action.

Specification
The use of the term, such as “Bluetooth”, which is a trade name or a mark used in commerce, has been noted in this application. The term should be accompanied by the generic terminology; furthermore the term should be capitalized wherever it appears or, where appropriate, include a proper symbol indicating use in commerce such as ™, SM , or ® following the term. Although the use of trade names and marks used in commerce (i.e., trademarks, service marks, certification marks, and collective marks) are permissible in patent applications, the proprietary nature of the marks should be respected and every effort made to prevent their use in any manner which might adversely affect their validity as commercial marks.
The lengthy specification has not been checked to the extent necessary to determine the presence of all possible minor errors. Applicant’s cooperation is requested in correcting any errors of which applicant may become aware in the specification.

Drawings
The drawings (Figs. 1B and 14A-14C) are objected to because of the following informalities: 
Fig. 1B is blurred, and therefore is unclear. 
Labels, for Figs. 1B and 14A-14C are missing. 
Corrected drawing sheets in compliance with 37 CFR 1.121(d) are required in reply to the Office action to avoid abandonment of the application. Any amended replacement drawing sheet should include all of the figures appearing on the immediate prior version of the sheet, even if only one figure is being amended. The figure or figure number of an amended drawing should not be labeled as “amended.” If a drawing figure is to be canceled, the appropriate figure must be removed from the replacement sheet, and where necessary, the remaining figures must be renumbered and appropriate changes made to the brief description of the several views of the drawings for consistency. Additional replacement sheets may be necessary to show the renumbering of the remaining figures. Each drawing sheet submitted after the filing date of an application must be labeled in the top margin as either “Replacement Sheet” or “New Sheet” pursuant to 37 CFR 1.121(d). If the changes are not accepted by the examiner, the applicant will be notified and informed of any required corrective action in the next Office action. The objection to the drawings will not be held in abeyance.

Claim Rejections - 35 USC § 112
The following is a quotation of the first paragraph of 35 U.S.C. 112(a):
(a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.

The following is a quotation of the first paragraph of pre-AIA  35 U.S.C. 112:
The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor of carrying out his invention.

Claims 1-20 are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement. The claim(s) contains subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for applications subject to pre-AIA  35 U.S.C. 112, the inventor(s), at the time the application was filed, had possession of the claimed invention. 
Regarding independent claims 1, 9 and 15, the claims recite limitation “determining a first subject-specific encryption-key value to be loaded onto a neuromodulation-therapy implant device, the first subject-specific encryption-key value being configured to generate a signature that is to be included in at least some of a plurality of data packets that are to be transmitted by the neuromodulation-therapy implant device”, which is not clearly described in the specification and/or drawings (Figs. 1-14C). The specification as filed must describe the claimed invention in sufficient detail so that one of ordinary skill in the art can reasonably conclude that the inventor had possession of the claimed invention. Examiner notes that the specification (Para. [0135]) only discloses “a platform server 110 that may generate and provide an asymmetric encryption-key pair (or digital certificate) to be loaded onto the implant device 120. For example, the platform server (or other authorized actor) may generate a digital key pair with a known asymmetric encryption algorithm (e.g., RSA). The private key may be kept secret and stored securely on the platform server 110 (and in some embodiments, exclusively on the platform server 110). The public non-secret key, which may be in the form of a digital certificate, but is not necessarily a digital certificate, may be loaded into the implant device 120 during manufacturing/prior to use. The two keys may have a unique cryptographic relationship such that the private key can be used to generate a unique signature/digest of any data (e.g., request, claim), and as further disclosed in specification (Para. [0147]) wherein at least some of the data packets transmitted from the implantable device may include a digital signature generated using the private encryption key of the implant device”, and does not include description of as to “how” a first subject-specific encryption-key value is being determined to be loaded on a neuromodulation-therapy implant device, and further fails to describe as to “how” the first subject-specific encryption-key value is being/can be configured to generate a signature. The claimed “value” as appears to a claimed to a genus “value” of the digital certificate (as in the specification), but this value does not generate any signature, rather somehow it is being used to obtain a signature by the device.Therefore, the disclosure lacks on written description on ‘algorithm’ that is being used to determine and/or the first subject-specific encryption-key value configure to generate a signature. Thus, the claims are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement(s). 
For instance, generic claim language of repeating the encryption-key value in the original disclosure does not satisfy the written description requirement since it fails to support the scope of the genus encryption-key value claimed. The description does not provides any details of “how” the first subject-specific encryption-key value is being configured to generate a signature, which does not entitle the inventor to claim any and all ways for achieving that objective. The claims lack written description since the claims define the invention in functional language specifying a desired result but the specification does not sufficiently describe how the function is performed or the result is achieved. 
MPEP 2161.01, For instance, generic claim language in the original disclosure does not satisfy the written description requirement if it fails to support the scope of the genus claimed. Ariad, 598 F.3d at 1349-50, 94 USPQ2d at 1171 ("[A]n adequate written description of a claimed genus requires more than a generic statement of an invention’s boundaries.") (citing Eli Lilly, 119 F.3d at 1568, 43 USPQ2d at 1405-06); Enzo Biochem, Inc. v. Gen-Probe, Inc., 323 F.3d 956, 968, 63 USPQ2d 1609, 1616 (Fed. Cir. 2002) (holding that generic claim language appearing in ipsis verbis in the original specification did not satisfy the written description requirement because it failed to support the scope of the genus claimed); Fiers v. Revel, 984 F.2d 1164, 1170, 25 USPQ2d 1601, 1606 (Fed. Cir. 1993) (rejecting the argument that "only similar language in the specification or original claims is necessary to satisfy the written description requirement"). The Federal Circuit has explained that a specification cannot always support expansive claim language and satisfy the requirements of 35 U.S.C. 112 "merely by clearly describing one embodiment of the thing claimed." LizardTech v. Earth Resource Mapping, Inc., 424 F.3d 1336, 1346, 76 USPQ2d 1731, 1733 (Fed. Cir. 2005). The issue is whether a person skilled in the art would understand applicant to have invented, and been in possession of, the invention as broadly claimed. In LizardTech, claims to a generic method of making a seamless discrete wavelet transformation (DWT) were held invalid under 35 U.S.C. 112, first paragraph, because the specification taught only one particular method for making a seamless DWT and there was no evidence that the specification contemplated a more generic method. "[T]he description of one method for creating a seamless DWT does not entitle the inventor . . . to claim any and all means for achieving that objective." LizardTech, 424 F.3d at 1346, 76 USPQ2d at 1733.
Dependent claims 2-8, 10-14 and 16-20 are likewise rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement since they depend on and/or carries the deficiencies of the parent claims.

Claim Rejections - 35 USC § 112
The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.

The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.

Claims 1-20 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA  the applicant regards as the invention.
Regarding independent claim 1, the claim recites “the first subject-specific encryption-key value being configured to generate a signature that is to be included in at least some of a plurality of data packets that are to be transmitted by the neuromodulation-therapy implant device”, which renders the claim indefinite because it is unclear that as to “how” an encryption-key value can be configured by itself to generate a signature. Further, it is unclear as to who/what configures the first subject-specific encryption-key value to generate a signature that is to be included in at least some of a plurality of data packets. Further, it is unclear that how the generated signature will be included in at least some of a plurality of data packets that are to be transmitted (and has not been transmitted yet) by the neuromodulation-therapy implant device. Furthermore, it is unclear that whom the plurality of data packets is to be transmitted by the neuromodulation-therapy implant device or “who” is the receiver of the plurality of data packets that are to be transmitted by the neuromodulation-therapy implant device. Therefore, the limitation is unclear.
The claim 1 further recites “wherein the signature for each data packet of the at least some data packets is generated by: generating, using the first subject-specific encryption-key value, a hash value of data of the data packet; and encrypting, using the first subject-specific encryption-key value, the hash value;”, which renders the claim indefinite because it is not clearly defined as to who/what is generating the signature for each data packet of the at least some data packets. Further, it is unclear that who/what is generating a hash value of data of the data packet by using the first subject-specific encryption key value. Furthermore, it is unclear that who/what is encrypting the hash value by using the first subject-specific encryption key value. Therefore, the limitation is unclear.
The claim 1 further recites “receiving a request from a mobile device for a second subject-specific encryption- key value, …”. The limitation “receiving a request from a mobile device…” as recited in the claim is indefinite because it is not clearly defined as to who/what is “receiving” the request. Therefore, the limitation is unclear.
The claim 1 further recites “authenticating the request from the mobile device, said authenticating comprising comparing the subject identifier and one or more additional characteristics of the request, to subject data records stored in an authentication data store”. The limitation “authenticating the request from the mobile device, said authenticating comprising comparing the subject identifier and one or more additional characteristics of the request, to subject data records stored in an authentication data store” as recited in the claim is indefinite because it is not clearly defined as to who/what is “authenticating” the request, and who/what is “comparing” the subject identifier and one or more additional characteristics of the request. Therefore, the limitation is unclear.
The claim 1 further recites “retrieving from a data store, the second subject-specific encryption-key value associated with the subject identifier, …”. The limitation “retrieving from a data store” as recited in the claim is indefinite because it is not clearly defined as to who/what is “retrieving from a data store” the second subject-specific encryption-key value associated with the subject identifier. Therefore, the limitation is unclear.
The claim 1 further recites “transmitting, to the mobile device, the second encryption-key value corresponding to the first subject-specific encryption-key value”. The limitation “transmitting, to the mobile device, the second encryption-key value …” as recited in the claim is indefinite because it is not clearly defined as to who/what is “transmitting” the second encryption-key value to the mobile device. Therefore, the limitation is unclear.
Regarding independent claims 1, 9 and 15, the claims recite limitation “wherein the signature for each data packet of the at least some data packets is generated by…”. The limitation “the at least some data packets” has not been previously defined. Therefore, there is insufficient antecedent basis for this limitation in the claim. Further, it is unclear whether the previously recited “at least some of a plurality of data packets” (e.g., in lines 4-5 of the claim 1) is same as the recited “the at least some data packets” (e.g., in lines 5-6 of the claim 1). Therefore, clarification is required.
Regarding claims 3, 11 and 17, the claims recite limitation “in response to the pairing request, receiving a device identifier from the neuromodulation -therapy implant device”, which renders the claim indefinite because it is unclear whether the received device identifier corresponds to the neuromodulation-therapy implant device or it corresponds to the mobile device since the claim only recites to receive a device identifier. Therefore, clarification is required.
Regrading claim 7, the claim contains the trademark/trade name “Bluetooth”. Where a trademark or trade name is used in a claim as a limitation to identify or describe a particular material or product, the claim does not comply with the requirements of 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph.  See Ex parte Simpson, 218 USPQ 1020 (Bd. App. 1982).  The claim scope is uncertain since the trademark or trade name cannot be used properly to identify any particular material or product.  A trademark or trade name is used to identify a source of goods, and not the goods themselves.  Thus, a trademark or trade name does not identify or describe the goods associated with the trademark or trade name.  In the present case, the trademark/trade name is used to identify/describe the pairing request that is transmitted to the neuromodulation-therapy implant device by the mobile device via NFC or Bluetooth and, accordingly, the identification/description is indefinite.
Dependent claims 2, 4-6, 8, 10, 12-14, 16 and 18-20 are likewise rejected under 35 U.S.C. 112(b) or pre-AIA  35 U.S.C. 112, second paragraph as being indefinite since they depend on and/or carries the deficiencies of the parent claims.

Claim Rejections - 35 U.S.C. 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or non-obviousness.

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-2, 8-10, 14-16 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over BEDNAR JOSEPH ANTON (EP 0689316 A2), hereinafter (Bednar), in view of Wilkins; John (US 2012/0204032 A1), hereinafter (Wilkins).

Regarding claim 1, Bednar teaches a method comprising (Bednar, Abstract, discloses a method for transmitting a data packet over a wireless network with improved security): determining a first subject-specific encryption-key value to be loaded onto a neuromodulation-therapy implant device (Bednar, Fig. 1 and pdf page 3 (2nd paragraph), discloses that each subscriber of the wireless device is provided with a unique private encryption key, K, for use as explained below. The private encryption key, K, is entered into the device 150 (hereinafter, a neuromodulation-therapy implant device), preferably in a manner not subject to tampering, and is stored in the memory unit 170 of the device 150, as depicted in Fig. 1. The private encryption key, K, may be periodically updated to further increase its security), the first subject-specific encryption-key value being configured to generate a signature that is to be included in at least some of a plurality of data packets that are to be transmitted by the neuromodulation-therapy implant device (Bednar, Fig. 3 and pdf page 3 (5th – to the- last paragraph) and pdf page 4 (1st – 3rd paragraph), discloses that the digital signature is computed/obtained by applying the pre-defined hashing algorithm and the primary encryption algorithm to the first data packet of the plurality of data packets by using the private encryption key, K. Once the device 150 computes the digital signature for the first data packet […], the transmitter 155 transmits a signed message via the wireless network 140. each message transmitted by the wireless device 150 preferably contains three segments. A first segment 201 includes the identification information that is retrieved from the memory unit 170 by the device 150, for example the electronic serial number 171. A second segment 202 includes a digital signature. Finally, a third segment 203 includes a data packet that the subscriber wishes to send, as depicted in Fig. 2. A message, such as the message 200, containing the three segments 201, 202 and 203, may be referred to as a signed message), wherein the signature for each data packet of the at least some data packets is generated by (Bednar, Fig. 3 and pdf page 3 (5th – to the- last paragraph) and pdf page 4 (1st – 3rd paragraph), discloses to compute the digital signature for the first data packet of the plurality of data packets by using the private encryption key, K): generating, using the first subject-specific encryption-key value, a hash value of data of the data packet (Bednar, Fig. 3 and pdf page 3 (7th paragraph), discloses that, at step 305 of Fig. 3, the device 150 computes a hashed  version of a first data packet by applying a pre-defined hashing algorithm to the first data packet to form hashed information); and encrypting, using the first subject-specific encryption-key value, the hash value (Bednar, Fig. 3 and pdf page 3 (8th-9th paragraph), discloses that, at step 310 of  FIG. 3, the device 150 computes an encrypted version of the hashed information according to a primary encryption algorithm using the private encryption  key, K, to form encrypted hashed information, and as disclosed in pdf page 4 (1st paragraph), wherein the encrypted version of the hashed information computed in step 310 is the digital signature); retrieving from a data store, the second subject-specific encryption-key value associated with the subject identifier, wherein second encryption-key value is different than but corresponds to the first subject-specific encryption-key value (Bednar, Fig. 3 and pdf page 4 (5th paragraph), discloses a look-up table 120 (i.e., a data store) which stores the encryption key corresponding to each subscriber. The look-up table allows the encryption key corresponding to a particular subscriber (of the device) to be retrieved based upon the identification information received, such as the processor 112 retrieves the encryption key that corresponds to the identification information. Wherein the key retrieved by the messaging network 100 (another device) in the step 325 is the same as the key, K, used by the subscriber (of the device 150) to transmit the signed message. See pdf page 5 (6th paragraph), wherein the roles of the device 150 (i.e., a neuromodulation-therapy implant device) and the network device 100 (i.e., a mobile device) may be reversed); and 
Bednar fails to explicitly disclose but Wilkins teaches receiving a request from a mobile device for a second subject-specific encryption- key value, the request including a subject identifier (Wilkins, Fig. 17 and Para. [0199-0200], discloses a User B that operates a network device ND_1, such as a personal computer, mobile phone, PDA device, etc. In operation, User B enters a serial number in a first network device ND_1, which transmits an EK request to a key exchange server (KES) through a network 652, and as disclosed in Para. [0100], wherein the encryption key request being transmitted from the User B to the key exchange server (KES) may also include a `User ID` for authentication of the requester (wherein the user ID uniquely identifies the requesting user and may include one of the user's personal serial numbers assigned by the KES 650, a login name or other identifier, as disclosed in Para. [0200]), a `Device ID` to identify a network device for logging and synchronization of stored encryption key information, a `Reply Type` or a `Device Type` for identifying a data format or protocol associated with the network device 32; a `Request Type` indicating if the encryption key request is for a new record, an update, or a deletion (among other possible request types); and, the requested serial number 22.); authenticating the request from the mobile device, said authenticating comprising comparing the subject identifier and one or more additional characteristics of the request, to subject data records stored in an authentication data store (Wilkins, Figs. 1, 8a-8d and Para. [0153-0157], discloses that the key exchange server (KES) may be any server capable of storing encryption keys associated to serial numbers 22, key IDs, network addresses, or other identifying criteria (i.e., one or more additional characteristics of the request). Accepting requests for encryption keys, retrieving an encryption key associated to a request, providing the requested encryption key to the requester. Wherein the KES 10 includes a network interface 302 to facilitate communications with network devices 30-32, a processor 304, and a program memory 306 that includes logic for instructing the processor 304 to facilitate the creation, storage, maintenance and retrieval of EK record information in a data storage 18. Program memory 306 (of the KES 10) includes a database server 310 and a web application server 320. The database server 310 includes a series of data structures 400 (FIG. 9a-9c), which the database server 310 may use for storing data in the data storage 18. The data structures 400 include a User ID table 402 for storing information about registered users, including a User ID, user information, authentication criteria, and authorization information. A second table 404 maps serial numbers 22 to user IDs, allowing the system to track the user associated with each EK record 406 […]. An EK record table 406 stores user encryption key information, an associated serial number 22, and optionally authentication information (i.e., SN 22 is login, and an MD-5 hash of a password) so that a user may gain access to a single EK record within a user account that contains multiple SNs 22); transmitting, to the mobile device, the second encryption-key value corresponding to the first subject-specific encryption-key value (Wilkins, Figs. 1, 8a-8d and Para. [0153-0157], discloses that the key exchange server (KES) may be any server capable of storing encryption keys associated to serial numbers 22, key IDs, network addresses, or other identifying criteria. Accepting requests for encryption keys, retrieving an encryption key associated to a request, providing the requested encryption key to the requester (i.e., to User B that transmits, via request, an entered serial number 22, user ID, device ID or additional authentication data to the KES 10 and requests corresponding encryption key information associated with User A, as disclosed in Para. [0099-0100])).  
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of ‘Wilkins’ into the teachings of ‘Bednar’, with a motivation wherein the second encryption-key value corresponding to the first subject-specific encryption-key value is transmitted to the mobile device, as taught by Wilkins, in order to establish authenticated and secure communication sessions between devices by implementing key exchange system and/or methods to further improve the secure communications between devices; Wilkins, Abstract and Para. [0002].

Regarding claim 2, Bednar as modified by Wilkins teaches the method of claim 1, wherein Bednar fails to explicitly disclose but Wilkins further teaches further comprising: transmitting, by the mobile device, a pairing request to a neuromodulation-therapy implant device, the pairing request including the second subject-specific encryption-key value (Wilkins, Para. [0183], discloses a network device that makes an EK request to establish a relationship between two users of the KES 10, the network device of the requesting party generates a key pair using its key generation functionality 548. The encryption key generated for the exclusive use of the party receiving the request is transferred via the EK request (FIG. 7a) from the network device through the network using a secure connection to the KES 10, or see also Para. [0184], discloses that a relationship is established such that the network devices 30 and 32 of both users generate key pairs for the exclusive use of the two parties. The first key pair is generated by the requester's network device 30 when making a request to the KES 10 to establish a relationship. The request contains an encryption key for the exclusive use of the party receiving the request).
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of ‘Wilkins’ into the teachings of ‘Bednar’, with a motivation wherein the mobile device transmits a pairing request including the second subject-specific encryption-key value, as taught by Wilkins, in order to establish authenticated and secure communication sessions between devices by implementing key exchange system and/or methods to further improve the secure communications between devices; Wilkins, Abstract and Para. [0002].

Regarding claim 8, Bednar as modified by Wilkins teaches the method of claim 2, wherein Bednar fails to explicitly disclose but Wilkins further teaches the transmitting the pairing request to the neuromodulation-therapy implant device comprises: receiving, from an authentication server, data identifying a temporary time window (Wilkins, Para. [0228], discloses that a web page for a TPA 620 is adapted to accept a username or serial number (in lieu of the username) and password, which is sent to the KES 10 to authenticate the user of the TPA 620 with the KES 10. In one embodiment, the KES 10 responds with an access token, which authenticates the user in subsequent requests to the KES 10 until the access token expires (i.e., data identifying a temporary time window)); and transmitting the pairing request to the neuromodulation-therapy implant device during the temporary time window (Wilkins, Para. [0120 and 0263], discloses that the User A via the email application sends a serial number 22 to User B in conjunction with a signed Triple Data Encryption Standard (DES) key generated by the KES 10, User B's email address (which can be used for authenticating User B with the KES 10), and a timestamp used to limit the duration of approval).  
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of ‘Wilkins’ into the teachings of ‘Bednar’, with a motivation wherein the pairing request is transmitted to the neuromodulation-therapy implant device during the temporary time window, as taught by Wilkins, in order to establish authenticated and secure communication sessions between devices to further improve the communication technology between devices; Wilkins, Abstract and Para. [0002].

Regarding claim 9, Bednar teaches a system comprising (Bednar, Fig. 1 and pdf page 2 (Summary of the Invention), discloses a system for transmitting information over a wireless communication system with improved security): one or more data processors; and a non-transitory computer-readable storage medium containing instructions which, when executed by the one or more data processors, cause the one or more data processors to perform operations including (Bednar, pdf page 3 (6th -to the- last paragraph), discloses a memory, and a processor (e.g., a central processing unit/ or general processor) programmed with appropriate software to perform data operations, such as hashing data and encrypting hashed data): determining a first subject-specific encryption-key value to be loaded onto a neuromodulation-therapy implant device (Bednar, Fig. 1 and pdf page 3 (2nd paragraph), discloses that each subscriber of the wireless device is provided with a unique private encryption key, K, for use as explained below. The private encryption key, K, is entered into the device 150, preferably in a manner not subject to tampering, and is stored in the memory unit 170 of the device 150, as depicted in Fig. 1. The private encryption key, K, may be periodically updated to further increase its security), the first subject-specific encryption-key value being configured to generate a signature that is to be included in at least some of a plurality of data packets that are transmitted by the neuromodulation-therapy implant device (Bednar, Fig. 3 and pdf page 3 (5th – to the- last paragraph) and pdf page 4 (1st – 3rd paragraph), discloses that the digital signature is computed/obtained by applying the pre-defined hashing algorithm and the primary encryption algorithm to the first data packet of the plurality of data packets by using the private encryption key, K. Once the device 150 computes the digital signature for the first data packet […], the transmitter 155 transmits a signed message via the wireless network 140. each message transmitted by the wireless device 150 preferably contains three segments. A first segment 201 includes the identification information that is retrieved from the memory unit 170 by the device 150, for example the electronic serial number 171. A second segment 202 includes a digital signature. Finally, a third segment 203 includes a data packet that the subscriber wishes to send, as depicted in Fig. 2. A message, such as the message 200, containing the three segments 201, 202 and 203, may be referred to as a signed message), wherein the signature for each data packet of the at least some data packets is generated by (Bednar, Fig. 3 and pdf page 3 (5th – to the- last paragraph) and pdf page 4 (1st – 3rd paragraph), discloses to compute the digital signature(s) for the first data packet of the plurality of data packets by using the private encryption key, K): generating, using the first subject-specific encryption-key value, a hash value of data of the data packet (Bednar, Fig. 3 and pdf page 3 (7th paragraph), discloses that, at step 305 of Fig. 3, the device 150 computes a hashed  version of a first data packet by applying a pre-defined hashing algorithm to the first data packet to form hashed information); and encrypting, using the first subject-specific encryption-key value, the hash value (Bednar, Fig. 3 and pdf page 3 (8th-9th paragraph), discloses that, at step 310 of  FIG. 3, the device 150 computes an encrypted version of the hashed information according to a primary encryption algorithm using the private encryption  key, K, to form encrypted hashed information, and as disclosed in pdf page 4 (1st paragraph), wherein the encrypted version of the hashed information computed in step 310 is the digital signature); retrieving from a data store, the second subject-specific encryption-key value associated with the subject identifier, wherein second encryption-key value is different than but corresponds to the first subject-specific encryption-key value (Bednar, Fig. 3 and pdf page 4 (5th paragraph), discloses a look-up table 120 which stores the encryption key corresponding to each subscriber. The look-up table allows the encryption key corresponding to a particular subscriber (of the device) to be retrieved based upon the identification information received, such as the processor 112 retrieves the encryption key that corresponds to the identification information. Wherein the key retrieved by the messaging network 100 (another device) in the step 325 is the same as the key, K, used by the subscriber (of the device 150) to transmit the signed message. See pdf page 5 (6th paragraph), wherein the roles of the device 150 and the network device 100 may be reversed); and 
Bednar fails to explicitly disclose but Wilkins teaches receiving a request from a mobile device for a second subject-specific encryption-key value, the request including a subject identifier (Wilkins, Fig. 17 and Para. [0199-0200], discloses a User B that operates a network device ND_1, such as a personal computer, mobile phone, PDA device, etc. In operation, User B enters a serial number in a first network device ND_1, which transmits an EK request to a key exchange server (KES) through a network 652, and as disclosed in Para. [0100], wherein the encryption key request being transmitted from the User B to the key exchange server (KES) may also include a `User ID` for authentication of the requester (wherein the user ID uniquely identifies the requesting user and may include one of the user's personal serial numbers assigned by the KES 650, a login name or other identifier, as disclosed in Para. [0200]), a `Device ID` to identify a network device for logging and synchronization of stored encryption key information, a `Reply Type` or a `Device Type` for identifying a data format or protocol associated with the network device 32; a `Request Type` indicating if the encryption key request is for a new record, an update, or a deletion (among other possible request types); and, the requested serial number 22); authenticating the request from the mobile device, said authenticating comprising comparing the subject identifier and one or more additional characteristics of the request, to subject data records stored in an authentication data store (Wilkins, Figs. 1, 8a-8d and Para. [0153-0157], discloses that the key exchange server (KES) may be any server capable of storing encryption keys associated to serial numbers 22, key IDs, network addresses, or other identifying criteria. Accepting requests for encryption keys, retrieving an encryption key associated to a request, providing the requested encryption key to the requester. Wherein the KES 10 includes a network interface 302 to facilitate communications with network devices 30-32, a processor 304, and a program memory 306 that includes logic for instructing the processor 304 to facilitate the creation, storage, maintenance and retrieval of EK record information in a data storage 18. Program memory 306 (of the KES 10) includes a database server 310 and a web application server 320. The database server 310 includes a series of data structures 400 (FIG. 9a-9c), which the database server 310 may use for storing data in the data storage 18. The data structures 400 include a User ID table 402 for storing information about registered users, including a User ID, user information, authentication criteria, and authorization information. A second table 404 maps serial numbers 22 to user IDs, allowing the system to track the user associated with each EK record 406 […]. An EK record table 406 stores user encryption key information, an associated serial number 22, and optionally authentication information (i.e., SN 22 is login, and an MD-5 hash of a password) so that a user may gain access to a single EK record within a user account that contains multiple SNs 22); transmitting, to the mobile device, the second encryption-key value corresponding to the first subject-specific encryption-key value (Wilkins, Figs. 1, 8a-8d and Para. [0153-0157], discloses that the key exchange server (KES) may be any server capable of storing encryption keys associated to serial numbers 22, key IDs, network addresses, or other identifying criteria. Accepting requests for encryption keys, retrieving an encryption key associated to a request, providing the requested encryption key to the requester (i.e., to User B that transmits, via request, an entered serial number 22, user ID, device ID or additional authentication data to the KES 10 and requests corresponding encryption key information associated with User A, as disclosed in Para. [0099-0100])).  
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of ‘Wilkins’ into the teachings of ‘Bednar’, with a motivation wherein the second encryption-key value corresponding to the first subject-specific encryption-key value is transmitted to the mobile device, as taught by Wilkins, in order to establish authenticated and secure communications between devices by implementing key exchange system and/or methods to further improve the usability of encryption technologies; Wilkins, Abstract and Para. [0002].

Regarding claims 10 and 14, the claims are drawn to the system corresponding to the method of using same as claimed in claims 2 and 8, respectively. Therefore, the rejection(s) set forth above with respect to the method claims 2 and 8 is equally applicable to the claims 10 and 14 of the system, respectively.

Regarding claim 15, Bednar teaches a non-transitory computer-readable storage medium containing instructions which, when executed by one or more data processors, cause the one or more data processors to perform operations including (Bednar, pdf page 3 (6th -to the- last paragraph), discloses a memory, and a processor (e.g., a central processing unit/ or general processor) programmed with appropriate software to perform data operations, such as hashing data and encrypting hashed data): determining a first subject-specific encryption-key value to be loaded onto a neuromodulation-therapy implant device (Bednar, Fig. 1 and pdf page 3 (2nd paragraph), discloses that each subscriber of the wireless device is provided with a unique private encryption key, K, for use as explained below. The private encryption key, K, is entered into the device 150, preferably in a manner not subject to tampering, and is stored in the memory unit 170 of the device 150, as depicted in Fig. 1. The private encryption key, K, may be periodically updated to further increase its security), the first subject-specific encryption-key value being configured to generate a signature that is to be included in at least some of a plurality of data packets that are transmitted by the neuromodulation-therapy implant device (Bednar, Fig. 3 and pdf page 3 (5th – to the- last paragraph) and pdf page 4 (1st – 3rd paragraph), discloses that the digital signature is computed/obtained by applying the pre-defined hashing algorithm and the primary encryption algorithm to the first data packet of the plurality of data packets by using the private encryption key, K. Once the device 150 computes the digital signature for the first data packet […], the transmitter 155 transmits a signed message via the wireless network 140. each message transmitted by the wireless device 150 preferably contains three segments. A first segment 201 includes the identification information that is retrieved from the memory unit 170 by the device 150, for example the electronic serial number 171. A second segment 202 includes a digital signature. Finally, a third segment 203 includes a data packet that the subscriber wishes to send, as depicted in Fig. 2. A message, such as the message 200, containing the three segments 201, 202 and 203, may be referred to as a signed message), wherein the signature for each data packet of the at least some data packets is generated by (Bednar, Fig. 3 and pdf page 3 (5th – to the- last paragraph) and pdf page 4 (1st – 3rd paragraph), discloses to compute the digital signature(s) for the first data packet of the plurality of data packets by using the private encryption key, K): generating, using the first subject-specific encryption-key value, a hash value of data of the data packet (Bednar, Fig. 3 and pdf page 3 (7th paragraph), discloses that, at step 305 of Fig. 3, the device 150 computes a hashed  version of a first data packet by applying a pre-defined hashing algorithm to the first data packet to form hashed information); and encrypting, using the first subject-specific encryption-key value, the hash value (Bednar, Fig. 3 and pdf page 3 (8th-9th paragraph), discloses that, at step 310 of  FIG. 3, the device 150 computes an encrypted version of the hashed information according to a primary encryption algorithm using the private encryption  key, K, to form encrypted hashed information, and as disclosed in pdf page 4 (1st paragraph), wherein the encrypted version of the hashed information computed in step 310 is the digital signature); retrieving from a data store, the second subject-specific encryption-key value associated with the subject identifier, wherein second encryption-key value is different than but corresponds to the first subject-specific encryption-key value (Bednar, Fig. 3 and pdf page 4 (5th paragraph), discloses a look-up table 120 which stores the encryption key corresponding to each subscriber. The look-up table allows the encryption key corresponding to a particular subscriber (of the device) to be retrieved based upon the identification information received, such as the processor 112 retrieves the encryption key that corresponds to the identification information. Wherein the key retrieved by the messaging network 100 (another device) in the step 325 is the same as the key, K, used by the subscriber (of the device 150) to transmit the signed message. See pdf page 5 (6th paragraph), wherein the roles of the device 150 and the network device 100 may be reversed); and
Bednar fails to explicitly disclose but Wilkins teaches receiving a request from a mobile device for a second subject-specific encryption-key value, the request including a subject identifier (Wilkins, Fig. 17 and Para. [0199-0200], discloses a User B that operates a network device ND_1, such as a personal computer, mobile phone, PDA device, etc. In operation, User B enters a serial number in a first network device ND_1, which transmits an EK request to a key exchange server (KES) through a network 652, and as disclosed in Para. [0100], wherein the encryption key request being transmitted from the User B to the key exchange server (KES) may also include a `User ID` for authentication of the requester (wherein the user ID uniquely identifies the requesting user and may include one of the user's personal serial numbers assigned by the KES 650, a login name or other identifier, as disclosed in Para. [0200]), a `Device ID` to identify a network device for logging and synchronization of stored encryption key information, a `Reply Type` or a `Device Type` for identifying a data format or protocol associated with the network device 32; a `Request Type` indicating if the encryption key request is for a new record, an update, or a deletion (among other possible request types); and, the requested serial number 22); authenticating the request from the mobile device, said authenticating comprising comparing the subject identifier and one or more additional characteristics of the request, to subject data records stored in an authentication data store (Wilkins, Figs. 1, 8a-8d and Para. [0153-0157], discloses that the key exchange server (KES) may be any server capable of storing encryption keys associated to serial numbers 22, key IDs, network addresses, or other identifying criteria. Accepting requests for encryption keys, retrieving an encryption key associated to a request, providing the requested encryption key to the requester. Wherein the KES 10 includes a network interface 302 to facilitate communications with network devices 30-32, a processor 304, and a program memory 306 that includes logic for instructing the processor 304 to facilitate the creation, storage, maintenance and retrieval of EK record information in a data storage 18. Program memory 306 (of the KES 10) includes a database server 310 and a web application server 320. The database server 310 includes a series of data structures 400 (FIG. 9a-9c), which the database server 310 may use for storing data in the data storage 18. The data structures 400 include a User ID table 402 for storing information about registered users, including a User ID, user information, authentication criteria, and authorization information. A second table 404 maps serial numbers 22 to user IDs, allowing the system to track the user associated with each EK record 406 […]. An EK record table 406 stores user encryption key information, an associated serial number 22, and optionally authentication information (i.e., SN 22 is login, and an MD-5 hash of a password) so that a user may gain access to a single EK record within a user account that contains multiple SNs 22); transmitting, to the mobile device, the second encryption-key value corresponding to the first subject-specific encryption-key value (Wilkins, Figs. 1, 8a-8d and Para. [0153-0157], discloses that the key exchange server (KES) may be any server capable of storing encryption keys associated to serial numbers 22, key IDs, network addresses, or other identifying criteria. Accepting requests for encryption keys, retrieving an encryption key associated to a request, providing the requested encryption key to the requester (i.e., to User B that transmits, via request, an entered serial number 22, user ID, device ID or additional authentication data to the KES 10 and requests corresponding encryption key information associated with User A, as disclosed in Para. [0099-0100])).  
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of ‘Wilkins’ into the teachings of ‘Bednar’, with a motivation wherein the second encryption-key value corresponding to the first subject-specific encryption-key value is transmitted to the mobile device, as taught by Wilkins, in order to establish authenticated and secure communications between devices by implementing key exchange system and/or methods to further improve the usability of encryption technologies; Wilkins, Abstract and Para. [0002].

Regarding claims 16 and 20, the claims are drawn to the non-transitory computer-readable storage medium corresponding to the method of using same as claimed in claims 2 and 8, respectively. Therefore, the rejection(s) set forth above with respect to the method claims 2 and 8 is equally applicable to the claims 16 and 20 of the non-transitory computer-readable storage medium, respectively.

Claims 3-7, 11-13 and 17-19 are rejected under 35 U.S.C. 103 as being unpatentable over BEDNAR JOSEPH ANTON (EP 0689316 A2), hereinafter (Bednar), in view of Wilkins; John (US 2012/0204032 A1), hereinafter (Wilkins), and further in view of Pedersen Brian Dam (EP 3032858 B1), hereinafter (Pedersen).

Regarding claim 3, Bednar as modified by Wilkins teaches the method of claim 2, wherein Bednar fails to explicitly disclose but Wilkins further teaches further comprising: using the device identifier for subsequent communication sessions with the neuromodulation-therapy implant device (Wilkins, Para. [0102, 0220, 0233, 0255], discloses to establish a bi-lateral relationship between User A and User B by using the User A’s (or recipients) serial number).  
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of ‘Wilkins’ into the teachings of ‘Bednar’, with a motivation wherein the device identifier is used for subsequent communication sessions with the neuromodulation-therapy implant device, as taught by Wilkins, in order to establish and improve authenticated and secure communications between devices; Wilkins, Abstract and Para. [0002].
Bednar as modified by Wilkins fails to explicitly disclose but Pedersen teaches in response to the pairing request, receiving a device identifier from the neuromodulation-therapy implant device (Pedersen, pdf page 2 (last two paragraphs) and pdf page 3 (first paragraph), discloses a client device 110 (see Fig. 2) comprises of a memory unit 203 and an interface 204 respectively connected to a processing unit 202. Wherein the processing unit 202 is configured to send a session request for a session to the hearing device 101 via the interface. The processing unit 202 is configured to receive a session response from the hearing device 101 via the interface, e.g. from a hearing device 101 and/or a session key device 111. The session response may comprise the hearing device identifier or an identifier derived therefrom. In an exemplary client device 110, the client device 110 may receive the hearing device identifier during a pairing of the client device 110 and the hearing device 101); and 
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of ‘Pedersen’ into the teachings of ‘Bednar’ as modified by ‘Wilkins’, with a motivation wherein a device identifier is received from the neuromodulation-therapy implant device in response to the pairing request, as taught by Pedersen, in order to provide an improved and secure communication between devices that protects the devices against potential attacks; Pedersen, pdf page 1 (Abstract and Summary).

Regarding claim 4, Bednar as modified by Wilkins in view of Pedersen teaches the method of claim 3, wherein Bednar further teaches further comprising: storing the device identifier in a secure memory of the mobile device (Bednar, pdf page 3 (2nd paragraph), discloses that each wireless device intended for use in the system 1, such as the wireless device 150, is assigned a unique identifier or identification information. The identification information is stored in the device 150, for example, as an electronic serial number (ESN) 171 incorporated into the device 150 at the time of manufacture. By way of example, the ESN 171 may be stored in a memory unit 170. Alternatively, the identification information may be a user name, an account identification, an account name, or a service identification stored in the memory unit 170.), the secured memory controlled by a neuromodulation-therapy mobile application installed on the mobile device (Bednar, pdf page 4 (5th paragraph), discloses a processor 112, such as a central processing unit, is connected to the memory unit 119 and controls the flow of data to and from other units in the messaging network device 100, and as disclosed in pdf page 3 (7th and 9th paragraph), wherein the processor, such as a general purpose processor programmed with appropriate software).  

Regarding claim 5, Bednar as modified by Wilkins in view of Pedersen teaches the method of claim 3, Wherein Bednar fails to explicitly disclose but Wilkins further teaches further comprising: using the device identifier to connect to the neuromodulation-therapy implant device (Wilkins, Para. [0102, 0220, 0233, 0255], discloses to establish a bi-lateral relationship between User A and User B by using the User A’s (or recipients) serial number), 
Bednar as modified by Wilkins fails to explicitly disclose but Pedersen further teaches to modify a neuromodulation-therapy algorithm and/or parameters on the neuromodulation-therapy implant device (Pedersen, pdf page 3 (5th paragraph) or pdf page 4 (last paragraph), discloses a processing unit 202 (within client device 110) that is configured to determine hearing device data. Hence the processing comprises e.g. a determiner. The hearing device data comprises e.g. firmware, fitting data, and/or hearing device operating parameters. Thus, the client device 110 may be a fitting device. Fitting data may for example be data generated by a fitting device used by a dispenser when a hearing device is being fitted in a user's ear. Fitting data may comprise hearing loss parameters, compressor parameters, filter coefficients, and/or gain coefficients. Hearing device operation parameters may comprise volume control parameters, mode and/or program control parameters. Firmware may refer to a computer program provided by the hearing device manufacturer, and to be installed on the hearing device to control the hearing device. Firmware is for example to be installed to upgrade the operations and capabilities (i.e., algorithms and/or parameters) of the hearing device).  
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of ‘Pedersen’ into the teachings of ‘Bednar’ as modified by ‘Wilkins’, with a motivation to modify a neuromodulation-therapy algorithm and/or parameters on the neuromodulation-therapy implant device, as taught by Pedersen, in order to provide an improved and secure communication between devices that protects the devices against potential attacks; Pedersen, pdf page 1 (Abstract and Summary).

Regarding claim 6, Bednar as modified by Wilkins in view of Pedersen teaches the method of claim 3, wherein Bednar further teaches further comprising: to retrieve subject monitoring data collected by the neuromodulation-therapy implant device, wherein the subject monitoring data includes the signature (Bednar, pdf page 4, discloses that the messaging network device 100 receives a signed message 200 that includes the digital signature (generated, by the wireless device 150, for the first data packet of the inputted/collected data 160, as shown in Fig. 1) contained in the second segment 202 of the received signed message, as depicted in Figs. 2-3).  
Bednar fails to explicitly disclose but Wilkins further teaches using the device identifier to connect to the neuromodulation-therapy implant device (Wilkins, Para. [0102, 0220, 0233, 0255], discloses to establish a bi-lateral relationship between User A and User B by using the User A’s (or recipients) serial number)
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of ‘Wilkins’ into the teachings of ‘Bednar’, with a motivation wherein the device identifier is used to connect to the neuromodulation-therapy implant device, as taught by Wilkins, in order to establish and improve authenticated and secure communications between devices; Wilkins, Abstract and Para. [0002].

Regarding claim 7, Bednar as modified by Wilkins teaches the method of claim 2, wherein Bednar as modified by Wilkins fails to explicitly disclose but Pedersen teaches the pairing request is transmitted to the neuromodulation-therapy implant device by the mobile device via NFC or Bluetooth (Pedersen, pdf page (paragraph), discloses that the hearing device 101 may be connected to the client device 110 via a communication link 113, such as a bidirectional communication link and/or a wireless communication link. The wireless communication link may be carried over a short—range communication system, such as Bluetooth, Bluetooth low energy, IEEE 802.11, Zigbee).  
Thus it would have been obvious to one ordinary skilled in the art before the effective filling date of the claimed invention to implement the teachings of ‘Pedersen’ into the teachings of ‘Bednar’ as modified by ‘Wilkins’, with a motivation wherein the pairing request is transmitted to the neuromodulation-therapy implant device by the mobile device via NFC or Bluetooth, as taught by Pedersen, in order to provide an improved and secure communication between devices that protects the devices against potential attacks; Pedersen, pdf page 1 (Abstract and Summary).

Regarding claims 11, 12 and 13, the claims are drawn to the system corresponding to the method of using same as claimed in claims 3, 4 and 6, respectively. Therefore, the rejection(s) set forth above with respect to the method claims 3, 4 and 6 is equally applicable to the claims 11, 12 and 13 of the system, respectively.

Regarding claims 17, 18 and 19, the claims are drawn to the non-transitory computer-readable storage medium corresponding to the method of using same as claimed in claims 3, 4 and 6, respectively. Therefore, the rejection(s) set forth above with respect to the method claims 3, 4 and 6 is equally applicable to the claims 17, 18 and 19 of the non-transitory computer-readable storage medium, respectively.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. See form PTO-892.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ALI CHEEMA, whose contact number is 571-272-1239. The examiner can normally be reached on Monday-Friday: 8:00AM – 4:00PM.
 If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jorge L. Ortiz-Criado can be reached on 571-272-7624. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. 
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/ALI CHEEMA/
Examiner, Art Unit 2496


/JORGE L ORTIZ CRIADO/Supervisory Patent Examiner, Art Unit 2496