SYSTEMS, DEVICES, AND METHODS FOR UNLOCKING AEROSOL-GENERATING DEVICES

§103 §112 §DP

DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Continued Examination Under 37 CFR 1.114 A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 12/08/2025 has been entered. Claims 1,5-10,15-26 have been examined. Claims 2-4,11-14 are cancelled. Response to Arguments With regards to Double patenting rejection, Applicant stated “the present claims remain subject to further amendment, whereby in such amended form this rejection may be inappropriate. Upon an indication of otherwise allowable subject matter and in the event this rejection is maintained, Applicant will provide an appropriate response”. Therefore, the rejection is maintained. Applicant’s argument #1: Applicant argues that nothing has been identified by the Examiner in Barbaric or Moran Saavedra that teaches or suggests an aerosol generating device as amended and that comprises a control that is configured to transmit an unlock request to a server to unlock the unlockable feature, wherein the unlock request comprises time limited nonce information corresponding to the unlockable feature as recited claim 1, 15, 25. Examiner Response to Applicant’s argument #1 Applicant relied on his argument is that a person having ordinary skill in the art would not be motivated to modify the system of Barbaric to include time limited once configuration of Moran Saavedra because Barbaric already provide alternative solution of issuing alerts in response to invalid detection messages – See Remarks page 13. In response to applicant’s argument that there is no teaching, suggestion, or motivation to combine the references, the examiner recognizes that obviousness may be established by combining or modifying the teachings of the prior art to produce the claimed invention where there is some teaching, suggestion, or motivation to do so found either in the references themselves or in the knowledge generally available to one of ordinary skill in the art. See In re Fine, 837 F.2d 1071, 5 USPQ2d 1596 (Fed. Cir. 1988), In re Jones, 958 F.2d 347, 21 USPQ2d 1941 (Fed. Cir. 1992), and KSR International Co. v. Teleflex, Inc., 550 U.S. 398, 82 USPQ2d 1385 (2007). In this case, the examiner respectfully disagrees. Barbaric ‘s invention teaches receiving a capsule attach event detection message including the capsule identifier, the vaporizer identifier, and at least one of the identifier of the compute device or the identifier of the user. A validity of the capsule attach event detection message is evaluated. If the capsule attach event detection message is valid, an unlock message is sent to the compute device or a vaporizer (Abstract). Moran Saavedra’s invention teaches transmitting a token request including time limited nonce information to a remotely executing process and receiving a token response to remove restriction associated with endpoint , such a restriction can be limited in duration ( See ¶0014). Therefore, It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify capsule attach event detection taught by Barbaric to include time limited nonce taught by Moran Saavedra. The motivation for doing so is to allow the system to enable unrestricted access . Such unrestricted access ( unlock) can be limited in duration , which duration can be established in advance , or agreed - upon through the key exchange mechanism (¶ 0003 - Moran Saavedra) . Using a limited time nonce for device locking/unlocking ( restricting/unrestricting access) offers enhanced security by ensuring that a specific unlock (unrestricted access) is limited in duration which prevents unauthorized access. Double Patenting The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory obviousness-type double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); and In re Torrington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969). A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on a nonstatutory double patenting ground provided the conflicting application or patent either is shown to be commonly owned with this application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. Effective January 1, 1994, a registered attorney or agent of record may sign a terminal disclaimer. A terminal disclaimer signed by the assignee must fully comply with 37 CFR 3.73(b). Claims 1,5 are provisionally rejected on the ground of nonstatutory obviousness-type double patenting as being unpatentable over claims 15,16,23,25 of the Copending application 18010753 in view of Barbaric Claim 6 is provisionally rejected on the ground of nonstatutory obviousness-type double patenting as being unpatentable over claims 15,16,23,25 of the Copending application 18010753 in view of Barbaric further in view of Moran Saavedra Claims 7,8 are provisionally rejected on the ground of nonstatutory obviousness-type double patenting as being unpatentable over claims 15,23 of the Copending application 18010753 in view of Barbaric further in view of in view of Anderson Claim 9 is provisionally rejected on the ground of nonstatutory obviousness-type double patenting as being unpatentable over claims 15,23 of the Copending application 18010753 in view of Barbaric further in view of in view of Jiang Claim 10 is provisionally rejected on the ground of nonstatutory obviousness-type double patenting as being unpatentable over claims 15,23 of the Copending application 18010753 in view of Barbaric further in view of Jiang further in view of Huffman. Claims 25 is provisionally rejected on the ground of nonstatutory obviousness-type double patenting as being unpatentable over claims 15,23 of the Copending application 18010753 Claim 26 is provisionally rejected on the ground of nonstatutory obviousness-type double patenting as being unpatentable over claims 15,16,23,25 of the Copending application 18010753 in view of Kaplan Below are the analysis to the claims. Claims 1,5,25 of Instant application Claim 15,16,23,25 of application No. 18010753 Claim 1 An aerosol-generating device comprising: a controller comprising Cavity to receive an aerosol generating article; ; a heating element to heat the aerosol-generating article to generate aerosol therefrom; and a power supply operably coupled to the heating element one or more processors, the controller configured to: provide an unlockable feature, wherein the unlockable feature is the ability to use the heating element to heat the aerosol-generating article to generate aerosol therefrom, transmit an unlock request to a server to unlock the unlockable feature, wherein the unlock request comprises unique device-identification information identifying the aerosol-generating device and time-limited nonce information corresponding to the unlockable feature; receive an unlock grant from the server in response to the transmitted unlock request; and unlock the unlockable feature in response to reception of the unlock grant. Claim 15 A system for unlocking unlockable features of aerosol-generating devices comprising: a communication interface to transfer data to and from aerosol-generating devices; and a controller comprising one or more processors and operably coupled to the communication interface, wherein the controller is configured to: maintain a database of user accounts and aerosol-generating devices associated with the user accounts, wherein each aerosol-generating device is only associable with a single user account; receive an unlock request from a present aerosol-generating device to unlock the unlockable feature, ……. transmit an unlock grant to the present aerosol-generating device to unlock the unlockable feature. Claim 23 wherein the unlock request comprises :unique device-identification information identifying the aerosol-generating device; and time-limited nonce information corresponding to the unlockable feature. Claim 16 wherein the aerosol-generating device comprises: a cavity to receive an aerosol-generating article; a heating element to heat the aerosol-generating article to generate aerosol therefrom; and a power supply operably coupled to the heating element, wherein the unlockable feature is the ability to use the heating element to heat the aerosol-generating article to generate aerosol therefrom Claim 5 wherein the unlock grant is encrypted. Claim 25 wherein the unlock grant is encrypted. Claim 25 A server for unlocking an unlockable feature of an aerosol-generating device comprising: wherein the aerosol-generating device comprises: a cavity to receive an aerosol-generating article; a heating element to heat the aerosol-generating article to generate aerosol therefrom; and a power supply operably coupled to the heating element, wherein the unlockable feature is the ability to use the heating element to heat the aerosol-generating article to generate aerosol therefrom the server comprising a communication interface to transfer data to and from an aerosol-generating device; and a controller comprising one or more processors and operably coupled to the communication interface, wherein the controller is configured to: receive an unlock request from the aerosol-generating device to unlock the unlockable feature, wherein the unlock request comprises unique device- identification information identifying the aerosol-generating device and time-limited nonce information corresponding to the unlockable feature; and transmit an unlock grant to the aerosol-generating device to unlock the unlockable feature in response to the transmitted unlock request. Claim 15 A system for unlocking unlockable features of aerosol-generating devices comprising: a communication interface to transfer data to and from aerosol-generating devices; and a controller comprising one or more processors and operably coupled to the communication interface, wherein the controller is configured to: maintain a database of user accounts and aerosol-generating devices associated with the user accounts, wherein each aerosol-generating device is only associable with a single user account; receive an unlock request from a present aerosol-generating device to unlock the unlockable feature, ……. transmit an unlock grant to the present aerosol-generating device to unlock the unlockable feature. Claim 23 wherein the unlock request comprises :unique device-identification information identifying the aerosol-generating device; and time-limited nonce information corresponding to the unlockable feature Claim 16 wherein the aerosol-generating device comprises: a cavity to receive an aerosol-generating article; a heating element to heat the aerosol-generating article to generate aerosol therefrom; and a power supply operably coupled to the heating element, wherein the unlockable feature is the ability to use the heating element to heat the aerosol-generating article to generate aerosol therefrom With regards to claim 1, the co-pending application 18010753 does not teach an aerosol-generating device comprising: a controller comprising one or more processors: providing an unlockable feature and unlock the unlockable feature in response to reception of the unlock grant. However, Barbaric teaches an aerosol-generating device comprising: a controller comprising one or more processors: providing an unlockable feature and unlock the unlockable feature in response to reception of the unlock grant Fig.1A & 1B; ¶ 0036, ¶0004). It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Co-pending application 18010753 to include the teachings of Barbaric. The motivation for doing so is to allow the system to unlock the vaporizer (Abstract – Barbaric). With regards to claim 6, the co-pending application 18010753 does not teach wherein unlocking the unlockable feature in response to reception of the unlock grant comprises: decrypting the unlock grant; determining whether the decrypted unlock grant comprises the unique device- identification information and the time-limited nonce information; and unlocking the unlockable feature in response to determination that the decrypted unlock grant comprises the unique device-identification information and the time-limited nonce information. However, Moran Saavedra teaches wherein unlocking the unlockable feature in response to reception of the unlock grant comprises: decrypting the unlock grant; determining whether the decrypted unlock grant comprises the unique device- identification information and the time-limited nonce information; and unlocking the unlockable feature in response to determination that the decrypted unlock grant comprises the unique device-identification information and the time-limited nonce information (¶ 0003, ¶ 0028). It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Co-pending application 18010753 to include the teachings of Moran Saavedra. The motivation for doing so is to allow the system to remove the restrictions associated with the endpoint through which the interface into the functionality of the cloud computing infrastructure was accessed , thereby enabling unrestricted access . Such unrestricted access can be limited in duration , which duration can be established in advance , or agreed - upon through the key exchange mechanism (¶ 0003 - Moran Saavedra) . With regards to claim 7, the co-pending application 18010753 does not teach wherein the controller is further configured to temporarily re-lock the unlockable feature for a temporary locked time period.. However, Anderson teaches the controller is further configured to temporarily re-lock the unlockable feature for a temporary locked time period. (¶ 0341). It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Co-pending application 18010753 to include the teachings of Anderson. The motivation for doing so is to allow the delivery of current to a heating element or otherwise activating an atomizer that causes production of inhalable aerosol. (Anderson – ¶ 0354). With regards to claim 8, the co-pending application 18010753 does not teach wherein the controller is further configured to allow a user to select an amount of time in the temporary locked time period and to initiate the temporary re-lock. However, Anderson teaches wherein the controller is further configured to allow a user to select an amount of time in the temporary locked time period and to initiate the temporary re-lock. (¶ 0341). It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Co-pending application 18010753 to include the teachings of Anderson. The motivation for doing so is to allow the delivery of current to a heating element or otherwise activating an atomizer that causes production of inhalable aerosol. (Anderson – ¶ 0354). With regards to claim 9, the co-pending application 18010753 does not teach wherein the controller is further configured to terminate unlocking the unlockable feature if the unlock grant is not received following a validity time period after the unlock request is transmitted to the server. However, Jiang teaches wherein the controller is further configured to terminate unlocking the unlockable feature if the unlock grant is not received following a validity time period after the unlock request is transmitted to the server. (¶ 0059). It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Co-pending application 18010753 to include the teachings of Jiang. The motivation for doing so is to allow the system to add preset time interval into the challenge value and that the attacker does not know the preset time interval , so that security of data in a transmission process is improved, and unlocking security is improved ( Jiang _ ¶ 0058). With regards to claim 10, the co-pending application 18010753 does not teach wherein the validity time period is less than or equal to 5 minutes. However, Huffman teaches wherein the validity time period is less than or equal to 5 minutes.. (¶ 0102). It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Co-pending application 18010753 to include the teachings of Huffman. The motivation for doing so is to allow a response to be limited to a certain time limit in order to improve security and prevent attacks. With regards to claim 26, the co-pending application 18010753 does not teach wherein the controller is further configured to restrict a number of unlock grants transmitted to the aerosol-generating device.. However, Kaplan teaches wherein the controller is further configured to restrict a number of unlock grants transmitted to the aerosol-generating device (¶ 0049). It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Co-pending application 18010753 to include the teachings of Kaplan. The motivation for doing so is to allow the system to improve reliable reception of the responses ( Kaplan – ¶ 0049). With regards to Copending Application 19099952 Claims 1,25 are provisionally rejected on the ground of nonstatutory obviousness-type double patenting as being unpatentable over claims 16,24 of the Copending application 19099952 in view of Barbaric Claims 5, 6 are provisionally rejected on the ground of nonstatutory obviousness-type double patenting as being unpatentable over claims 16,24 of the Copending application 19099952 in view of Barbaric further in view of Moran Saavedra Claims 7,8 are provisionally rejected on the ground of nonstatutory obviousness-type double patenting as being unpatentable over claims 16,24 of the Copending application 19099952 in view of Barbaric further in view of Anderson Claim 9 is provisionally rejected on the ground of nonstatutory obviousness-type double patenting as being unpatentable over claims 16,24 of the Copending application 19099952 in view of Barbaric further in view of Jiang Claim 10 is provisionally rejected on the ground of nonstatutory obviousness-type double patenting as being unpatentable over claims 16,24 of the Copending application 19099952 in view of Barbaric further in view of Jiang further in view of Huffman. Claim 26 is provisionally rejected on the ground of nonstatutory obviousness-type double patenting as being unpatentable over claims 16,24 of the Copending application 19099952 in view of Barbaric further in view of Kaplan Claims 1,25 of Instant application Claims 16,24 of application No. 19099952 Claim 1 An aerosol-generating device comprising: a controller comprising a cavity to receive an aerosol-generating article; a heating element to heat the aerosol-generating article to generate aerosol therefrom; and a power supply operably coupled to the heating element, one or more processors, the controller configured to: provide an unlockable feature; wherein the unlockable feature is the ability to use the heating element to heat the aerosol-generating article to generate aerosol therefrom transmit an unlock request to a server to unlock the unlockable feature, wherein the unlock request comprises unique device-identification information identifying the aerosol-generating device and time-limited nonce information corresponding to the unlockable feature; receive an unlock grant from the server in response to the transmitted unlock request; and unlock the unlockable feature in response to reception of the unlock grant. Claim 16 16. (New) An aerosol-generating system, comprising: control circuitry; an aerosol-generating device and/or a companion device for the aerosol-generating device, wherein the aerosol-generating device and/or the companion device comprises at least one communications interface configured to provide device connectivity; and one or more user interface components comprising: ……. Claim 24 wherein the control circuitry is further configured, during the online phase of the authentication process, to: transmit an unlock request to a server to transition the aerosol-generating device from the locked state to the unlocked state, wherein the unlock request comprises unique device- identification information identifying the aerosol-generating device and time-limited nonce information corresponding to an unlockable feature of the aerosol-generating device, receive an unlock grant from the server in response to the transmitted unlock request, and transition the aerosol-generating device from the locked state to the unlocked state in response to reception of the unlock grant. Claim 25 A server for unlocking an unlockable feature of an aerosol-generating device comprising: An aerosol-generating device comprising: a controller comprising a cavity to receive an aerosol-generating article; a heating element to heat the aerosol-generating article to generate aerosol therefrom; and a power supply operably coupled to the heating element, wherein the unlockable feature is the ability to use the heating element to heat the aerosol-generating article to generate aerosol therefrom a communication interface to transfer data to and from an aerosol-generating device; and a controller comprising one or more processors and operably coupled to the communication interface, wherein the controller is configured to: receive an unlock request from the aerosol-generating device to unlock the unlockable feature, wherein the unlock request comprises unique device- identification information identifying the aerosol-generating device and time-limited nonce information corresponding to the unlockable feature; and transmit an unlock grant to the aerosol-generating device to unlock the unlockable feature in response to the transmitted unlock request. Claim 16 An aerosol-generating system, comprising: control circuitry; an aerosol-generating device and/or a companion device for the aerosol-generating device, wherein the aerosol-generating device and/or the companion device comprises at least one communications interface configured to provide device connectivity; and one or more user interface components comprising: ……. Claim 24 wherein the control circuitry is further configured, during the online phase of the authentication process, to: transmit an unlock request to a server to transition the aerosol-generating device from the locked state to the unlocked state, wherein the unlock request comprises unique device- identification information identifying the aerosol-generating device and time-limited nonce information corresponding to an unlockable feature of the aerosol-generating device, receive an unlock grant from the server in response to the transmitted unlock request, and transition the aerosol-generating device from the locked state to the unlocked state in response to reception of the unlock grant. With regards to claim 1, the co-pending application 19099952 does not teach a cavity to receive an aerosol-generating article; a heating element to heat the aerosol-generating article to generate aerosol therefrom; and a power supply operably coupled to the heating element, wherein the unlockable feature is the ability to use the heating element to heat the aerosol-generating article to generate aerosol therefrom, a communication interface to transfer data to and from an aerosol-generating device; and a controller comprising one or more processors and operably coupled to the communication interface. However, Barbaric teaches teach a cavity to receive an aerosol-generating article; a heating element to heat the aerosol-generating article to generate aerosol therefrom; and a power supply operably coupled to the heating element, wherein the unlockable feature is the ability to use the heating element to heat the aerosol-generating article to generate aerosol therefrom, a communication interface to transfer data to and from an aerosol-generating device; and a controller comprising one or more processors and operably coupled to the communication interface (Fig.1A & 1B; ¶ 0036, ¶0004, ¶ 0015). It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Co-pending application 19099952 to include the teachings of Barbaric. The motivation for doing so is to allow the system to unlock the vaporizer (Abstract – Barbaric). With regards to claims 5,6, the co-pending application 19099952 does not teach wherein the unlock grant is encrypted. wherein unlocking the unlockable feature in response to reception of the unlock grant comprises: decrypting the unlock grant; determining whether the decrypted unlock grant comprises the unique device- identification information and the time-limited nonce information; and unlocking the unlockable feature in response to determination that the decrypted unlock grant comprises the unique device-identification information and the time-limited nonce information. However, Moran Saavedra teaches the unlock grant is encrypted wherein unlocking the unlockable feature in response to reception of the unlock grant comprises: decrypting the unlock grant; determining whether the decrypted unlock grant comprises the unique device- identification information and the time-limited nonce information; and unlocking the unlockable feature in response to determination that the decrypted unlock grant comprises the unique device-identification information and the time-limited nonce information (¶ 0003, ¶ 0028). It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Co-pending application 19099952 to include the teachings of Moran Saavedra. The motivation for doing so is to allow the system remove the restrictions associated with the endpoint through which the interface into the functionality of the cloud computing infrastructure was accessed , thereby enabling unrestricted access . Such unrestricted access can be limited in duration , which duration can be established in advance , or agreed - upon through the key exchange mechanism (¶ 0003 - Moran Saavedra) . With regards to claim 7, the co-pending application 19099952 does not teach wherein the controller is further configured to temporarily re-lock the unlockable feature for a temporary locked time period. However, Anderson teaches the controller is further configured to temporarily re-lock the unlockable feature for a temporary locked time period. (¶ 0341). It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Co-pending application 19099952 to include the teachings of Anderson. The motivation for doing so is to allow the delivery of current to a heating element or otherwise activating an atomizer that causes production of inhalable aerosol. (Anderson – ¶ 0354). With regards to claim 8, the co-pending application 19099952 does not teach wherein the controller is further configured to allow a user to select an amount of time in the temporary locked time period and to initiate the temporary re-lock. However, Anderson teaches wherein the controller is further configured to allow a user to select an amount of time in the temporary locked time period and to initiate the temporary re-lock. (¶ 0341). It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Co-pending application 19099952 to include the teachings of Anderson. The motivation for doing so is to allow the delivery of current to a heating element or otherwise activating an atomizer that causes production of inhalable aerosol. (Anderson – ¶ 0354). With regards to claim 9, the co-pending application 19099952 does not teach wherein the controller is further configured to terminate unlocking the unlockable feature if the unlock grant is not received following a validity time period after the unlock request is transmitted to the server. However, Jiang teaches wherein the controller is further configured to terminate unlocking the unlockable feature if the unlock grant is not received following a validity time period after the unlock request is transmitted to the server. (¶ 0059). It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Co-pending application 19099952 to include the teachings of Jiang. The motivation for doing so is to allow the system to add preset time interval into the challenge value and that the attacker does not know the preset time interval , so that security of data in a transmission process is improved, and unlocking security is improved ( Jiang _ ¶ 0058). With regards to claim 10, the co-pending application 19099952 does not teach wherein the validity time period is less than or equal to 5 minutes. However, Huffman teaches wherein the validity time period is less than or equal to 5 minutes.. (¶ 0102). It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Co-pending application 19099952 to include the teachings of Huffman. The motivation for doing so is to allow a response to be limited to a certain time limit in order to improve security and prevent attacks. With regards to claim 25, the co-pending application 19099952 teaches a server . However, the Copending application 19099952 does not teach server comprising: a communication interface to transfer data to and from an aerosol-generating device; and a controller comprising one or more processors and operably coupled to the communication interface However, Barbaric teaches server comprising: a communication interface to transfer data to and from an aerosol-generating device; and a controller comprising one or more processors and operably coupled to the communication interface It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Co-pending application 19099952 to include the teachings of Barbaric. The motivation for doing so is to allow the system to perform the operations executed on the server . With regards to claim 26, the co-pending application 19099952 does not teach wherein the controller is further configured to restrict a number of unlock grants transmitted to the aerosol-generating device However, Kaplan teaches wherein the controller is further configured to restrict a number of unlock grants transmitted to the aerosol-generating device. (¶ 0049). It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Co-pending application 19099952 to include the teachings of Kaplan. The motivation for doing so is to allow the system to improve reliable reception of the responses ( Kaplan – ¶ 0049). Claim Rejections - 35 USC § 112 The following is a quotation of 35 U.S.C. 112(b): (b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention. The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph: The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention. Claims 25-26 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention. With regards to claim 25, the claim recites “A server for unlocking feature of an aerosol-generating device comprising a cavity to receive…..”. It unclear from the claim language if the server comprising a cavity or the aerosol generating device comprising a cavity. Therefore, the examiner is unable to determine the metes and bounds of the claim language. Claim Rejections - 35 USC § 103 The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claims 1,5 -6,15-17,22-23,25 are rejected under 35 U.S.C. 103 as being unpatentable over Barbaric et al. Publication No. US 2020/0085105 A1 ( Barbaric hereinafter) in view of Moran Saavedra et al. Publication No. US 2020/0313876 A1 ( Moran Saavedra hereinafter) Regarding claim 1, Barbaric teaches an aerosol-generating device (Fig.1A & 1B; ¶ 0036 - Vaporizer) comprising: a cavity to receive an aerosol-generating article, a heating element to heat the aerosol-generating article to generate aerosol therefrom, and a power supply operably coupled to the heating element (Fig.1 A, ¶ 0015 - As shown in FIG. 1A, a disposable vaporizer l00A includes a mouthpiece 102, a precursor reservoir 104, fluidic channels 106A (e.g., microfluidics or other passageways), one or more chambers 106B, a power supply 108, memory 110, input/output module 111, a heating element 120, electronics 122, and a processor 124, all disposed within a common (e.g., monolithic) housing 101. Optionally, the disposable vaporizer l00A also includes one or more of: sensor(s) 114, additive(s) 116, membrane(s) 118, indicator (s) 112, and identifier(s) 123, also disposed within the common housing 101 – ¶ 0021 - a heating profile or target temperature range associated with the carrier material ( e.g., as determined by the processor 124 and/or provided to the processor 124 prior to use). The volatilized carrier material, or vapor, travels toward the mouthpiece via one or more of the expansion chamber(s) and one or more of the fluidic channels until it exits the vaporizer for inhalation by the user. In some embodiments, the disposable vaporizer l00A can be coupled to a mobile device, the mobile device can lock and/or unlock the disposable vaporizer 100A such that the processor 124 does not actuate the heater control circuitry when locked and the processor 124 can actuate the heater control circuitry when unlocked). a controller comprising one or more processors (Fig.1A, ¶0015 – Processor) , the controller configured to: provide an unlockable feature, wherein the unlockable feature is the ability to use the heating element to heat the aerosol-generating article to generate aerosol therefrom ( ( ¶ 0021 - the mobile device can lock and/or unlock the disposable vaporizer 100A such that the processor 124 does not actuate the heater control circuitry when locked and the processor 124 can actuate the heater control circuitry when unlocked. In some embodiments, the disposable vaporizer 100A will not operate to trigger heater control circuitry without approval from a mobile device associated with the disposable vaporizer 100A); transmit an unlock request to a server to unlock the unlockable feature, wherein the unlock request comprises unique device-identification information identifying the aerosol-generating device and [..] (Fig.4, ¶ 0003 - The method also includes receiving a capsule attach event detection message including the capsule identifier, the vaporizer identifier, and at least one of the identifier of the compute device or the identifier of the user. A validity of the capsule attach event detection message is evaluated. If the capsule attach event detection message is valid, an unlock message is sent to the compute device or a vaporizer); receive an unlock grant from the server in response to the transmitted unlock request (¶0061 - the processor receives a capsule attach event detection message, and determines, at 494, whether the capsule attach event detection message is valid. If not, the processor sends an alert message (at 498) to the requestor (i.e., to the at least one of the vaporizer and the compute device). If the capsule attach event detection message is deemed to be valid, the processor sends an unlock message, at 496, to the requestor (i.e., to the at least one of the vaporizer and the compute device); and unlock the unlockable feature in response to reception of the unlock grant (¶ 0004 - If the capsule attach event detection message is valid, an unlock message is sent from the processor to one of the compute device or a vaporizer associated with the vaporizer identifier, to unlock the vaporizer for use - ¶ 0021 - the mobile device can lock and/or unlock the disposable vaporizer 100A such that the processor does not actuate the heater control circuitry when locked and the processor 124 can actuate the heater control circuitry when unlocked. In some embodiments, the disposable vaporizer 100A will not operate to trigger heater control circuitry without approval from a mobile device associated with the disposable vaporizer 100A. For example, in some embodiments, each time a user attempts to actuate the disposable vaporizer l00A for heating and vaporization of carrier material ( e.g., via applying suction to the mouthpiece or actuating a mechanical interface (e.g., button), the disposable vaporizer l00A can request approval for operation from the mobile device and/or a command center with which the disposable vaporizer 100A is associated. The disposable vaporizer 1 00A can then operate to heat and vaporize carrier material only if the disposable vaporizer l00A receives an unlock message from the mobile device and/or the command center). However, Barbaric does not explicitly teach wherein the unlock request comprises time-limited nonce information corresponding to the unlockable feature Moran Saavedra teaches wherein the unlock request comprises time-limited nonce information corresponding to the unlockable feature ( ¶0021 - the elevate function 310 can also record a current time in a timestamp , as well as , optionally , generate a nonce . Subsequently , the elevate function can encrypt the timestamp , optional nonce , and the newly generated public key 331 with the authorization public key 321 that was previously generated and distributed as art of , for example , the cloud infrastructure itself to generate a request token , such as the exemplary request token 340. Although not explicitly illustrated in FIG . 3 , a request token , such as the exemplary request token 340 , can also include other data like when was the last time the system was unlocked , a deployment identifier , and other like data . ¶ 0022 -the request token 340 can be displayed , such as in the form of a multi - character alpha numeric string , to the end - user administrator via the remote instance. ¶ 0028 - . For example , an address , or other like communicational identifier , of such a communicational endpoint can be identified as part of the transmission of the request token 340 ,thereby enabling the response token 360 to be directed to that communicational endpoint—¶ 0018 -the end - user administrator 150 can create an account on and remotely login to such an account and execute the command line interface 190 within such an account . As indicated , for security , the commands or functions which are allowed to be invoked or executed through such a remote instance 210 can , initially , be limited to only specific commands or functions , known as allowed commands or functions ). It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Barbaric to include the teachings of Moran Saavedra. The motivation for doing so is to allow the system to remove the restrictions associated with the endpoint through which the interface into the functionality of the cloud computing infrastructure was accessed , thereby enabling unrestricted access . Such unrestricted access can be limited in duration , which duration can be established in advance , or agreed - upon through the key exchange mechanism (¶ 0003 - Moran Saavedra) . Regarding claim 5, Barbaric teaches the unlock grant (¶0061). However, Barbaric does not explicitly teach that the grant is encrypted. Moran Saavedra teaches grant is encrypted ( ¶ 0003 - The remotely executing process can utilize the newly generated public key to encrypt response data such that it can only be decrypted by the elevate function having access to the newly generated private key. Such a response token can act as evidence of a dual - party authentication). It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Barbaric to include the teachings of Moran Saavedra. The motivation for doing so is to allow the system to encrypt the response in order to improve security. Regarding claim 6, Barbaric teaches unlocking the unlockable feature (¶0061 ). However, Barbaric does not explicitly teach controller is configured to decrypt the unlock grant, determine whether the decrypted unlock grant comprises the unique device- identification information and the time-limited nonce information; and unlock the unlockable feature in response to determination that the decrypted unlock grant comprises the unique device-identification information and the time-limited nonce information. Moran Saavedra teaches controller is configured to decrypt the unlock grant ( ¶ 0003 - The remotely executing process can utilize the newly generated public key to encrypt response data such that it can only be decrypted by the elevate function having access to the newly generated private key. Such a response token can act as evidence of a dual - party authentication and the elevate function can remove the restrictions associated with the endpoint through which the interface into the functionality of the cloud computing infrastructure was accessed - ¶ 0024 - Upon receipt of the response token 360 , the elevate function 310 can then utilize in the newly generated private key 332 to decrypt the response token 360. If the response token 360 is able to be properly decrypted with the newly generated private key 332 , such a proper decryption can be a verification that the response token 360 was properly generated in response to the request token 340 , which conveyed the newly generated public key 331 used to properly generate the response token 360. Such a verification can then be a trigger to the elevate function 310 to elevate the remote instance 210 to allow for the aforementioned administrator , or unrestricted , access).; determine whether the decrypted unlock grant comprises the unique device- identification information and the time-limited nonce information; and unlock the unlockable feature in response to determination that the decrypted unlock grant comprises the unique device-identification information and the time-limited nonce information (¶ 0028 -As an optional step , a further check can be made at step 480 to verify that the nonce received in the response token , if such a nonce was previously generated , and was included in the response token , is the same nonce as was previously generated . Again , if there is a discrepancy , the relevant processing can end at step 499. Conversely , if , at step 470 , the decrypt ability of the response token and , optionally the equivalence of the nonce , at step 480 , are verified , then the remote instance can be elevated to administrator access at step 490 , ¶ 0023 -the response token 360 can be provided directly to the elevate function 310 , such as through a port , interface , or other like communicational endpoint configured to receive such response tokens . For example , an address , or other like communicational identifier , of such a communicational endpoint can be identified as part of the transmission of the request token 340 ,thereby enabling the response token 360 to be directed to that communicational endpoint). It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Barbaric to include the teachings of Moran Saavedra. The motivation for doing so is to allow the system to remove the restrictions associated with the endpoint through which the interface into the functionality of the cloud computing infrastructure was accessed , thereby enabling unrestricted access . Such unrestricted access can be limited in duration , which duration can be established in advance , or agreed - upon through the key exchange mechanism (¶ 0003 - Moran Saavedra) . Regarding claim 15, Barbaric teaches a user interface device comprising (Fig.2A 228; ¶ 0031 – mobile device) comprising: a display comprising a graphical user interface to allow a user to interact therewith to unlock an unlockable feature of an aerosol-generating device (¶ 0021 - the disposable vaporizer l00A can be coupled to a mobile device (e.g., a mobile phone, tablet, or computer) via, for example, Bluetooth or WIFI, such that the mobile device can control one or more operations of the disposable vaporizer 100A. For example, the mobile device can lock and/or unlock the disposable vaporizer 100A such that the processor 124 does not actuate the heater control circuitry when locked and the processor 124 can actuate the heater control circuitry when unlocked). wherein the aerosol-generating device comprises a cavity to receive an aerosol-generating article: a heating element to heat the aerosol-generating article to generate aerosol therefrom, and a power supply operably coupled to the heating element, wherein the unlockable feature is the ability to use the heating element to heat the aerosol-generating article to generate aerosol therefrom ( Fig.1 A, ¶ 0015 - As shown in FIG. 1A, a disposable vaporizer l00A includes a mouthpiece 102, a precursor reservoir 104, fluidic channels 106A (e.g., microfluidics or other passageways), one or more chambers 106B, a power supply 108, memory 110, input/output module 111, a heating element 120, electronics 122, and a processor 124, all disposed within a common (e.g., monolithic) housing 101. Optionally, the disposable vaporizer l00A also includes one or more of: sensor(s) 114, additive(s) 116, membrane(s) 118, indicator (s) 112, and identifier(s) 123, also disposed within the common housing 101 – ¶ 0021 - a heating profile or target temperature range associated with the carrier material ( e.g., as determined by the processor 124 and/or provided to the processor 124 prior to use). The volatilized carrier material, or vapor, travels toward the mouthpiece via one or more of the expansion chamber(s) and one or more of the fluidic channels until it exits the vaporizer for inhalation by the user. In some embodiments, the disposable vaporizer l00A can be coupled to a mobile device, the mobile device can lock and/or unlock the disposable vaporizer 100A such that the processor 124 does not actuate the heater control circuitry when locked and the processor 124 can actuate the heater control circuitry when unlocked). a communication interface to transfer data to and from the aerosol-generating device and a server, and a controller comprising one or more processors and operably coupled to the display and the communication interface, wherein the controller is configured to transmit the unlock request to the server ( ¶ 0021 - the mobile device can lock and/or unlock the disposable vaporizer 100A such that the processor 124 does not actuate the heater control circuitry when locked and the processor 124 can actuate the heater control circuitry when unlocked. In some embodiments, the disposable vaporizer 100A will not operate to trigger heater control circuitry without approval from a mobile device associated with the disposable vaporizer 100A - Fig.4, ¶ 0003 - The method also includes receiving a capsule attach event detection message including the capsule identifier, the vaporizer identifier, and at least one of the identifier of the compute device or the identifier of the user. A validity of the capsule attach event detection message is evaluated. If the capsule attach event detection message is valid, an unlock message is sent to the compute device or a vaporizer); receive an unlock grant from the server in response to the transmitted unlock request (¶0061 - the processor receives a capsule attach event detection message, and determines, at 494, whether the capsule attach event detection message is valid. If not, the processor sends an alert message (at 498) to the requestor (i.e., to the at least one of the vaporizer and the compute device). If the capsule attach event detection message is deemed to be valid, the processor sends an unlock message, at 496, to the requestor (i.e., to the at least one of the vaporizer and the compute device – ¶ 0032 - Alternatively or in addition, messages related to user registration, vapor device registration and/or vapor device validation 244b can be exchanged between the command center 224 and the compute device 228B of the user. Alternatively or in addition, messages related to user registration, vapor device registration and/or vapor device validation 244b can be exchanged between the command center 224 and the mobile device 228A of the user); and transmit the unlock grant to the aerosol-generating device to unlock the unlockable feature (¶ 0004 - If the capsule attach event detection message is valid, an unlock message is sent from the processor to one of the compute device or a vaporizer associated with the vaporizer identifier, to unlock the vaporizer for use ( ¶ 0021 - the mobile device can lock and/or unlock the disposable vaporizer 100A such that the processor does not actuate the heater control circuitry when locked and the processor 124 can actuate the heater control circuitry when unlocked. In some embodiments, the disposable vaporizer 100A will not operate to trigger heater control circuitry without approval from a mobile device associated with the disposable vaporizer 100A. For example, in some embodiments, each time a user attempts to actuate the disposable vaporizer l00A for heating and vaporization of carrier material ( e.g., via applying suction to the mouthpiece or actuating a mechanical interface (e.g., button), the disposable vaporizer l00A can request approval for operation from the mobile device and/or a command center with which the disposable vaporizer 100A is associated. The disposable vaporizer 1 00A can then operate to heat and vaporize carrier material only if the disposable vaporizer l00A receives an unlock message from the mobile device and/or the command center). However, Barbaric does not explicitly teach receive an unlock request from the aerosol-generating device to unlock the unlockable feature, wherein the unlock request comprises unique device- identification information identifying the aerosol-generating device and time-limited nonce information corresponding to the unlockable feature Moran Saavedra teaches receive an unlock request from a device to unlock the unlockable feature, wherein the unlock request comprises unique device - identification information identifying the aerosol-generating device and time-limited nonce information corresponding to the unlockable feature wherein the unlock request comprises time-limited nonce information corresponding to the unlockable feature ( ¶0021 - the elevate function 310 can also record a current time in a timestamp , as well as , optionally , generate a nonce . Subsequently , the elevate function can encrypt the timestamp , optional nonce , and the newly generated public key 331 with the authorization public key 321 that was previously generated and distributed as art of , for example , the cloud infrastructure itself to generate a request token , such as the exemplary request token 340. Although not explicitly illustrated in FIG . 3 , a request token , such as the exemplary request token 340 , can also include other data like when was the last time the system was unlocked , a deployment identifier , and other like data . ¶ 0022 -the request token 340 can be displayed , such as in the form of a multi - character alpha numeric string , to the end - user administrator via the remote instance. ¶ 0028 - . For example , an address , or other like communicational identifier , of such a communicational endpoint can be identified as part of the transmission of the request token 340 ,thereby enabling the response token 360 to be directed to that communicational endpoint—¶ 0018 -the end - user administrator 150 can create an account on and remotely login to such an account and execute the command line interface 190 within such an account . As indicated , for security , the commands or functions which are allowed to be invoked or executed through such a remote instance 210 can , initially , be limited to only specific commands or functions , known as allowed commands or functions ). It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Barbaric to include the teachings of Moran Saavedra. The motivation for doing so is to allow the system to remove the restrictions associated with the endpoint through which the interface into the functionality of the cloud computing infrastructure was accessed , thereby enabling unrestricted access . Such unrestricted access can be limited in duration , which duration can be established in advance , or agreed - upon through the key exchange mechanism (¶ 0003 - Moran Saavedra) . Regarding claim 16, Barbaric teaches the unlock grant (¶0061). However, Barbaric does not explicitly teach that the grant is encrypted. Moran Saavedra teaches grant is encrypted ( ¶ 0003 - The remotely executing process can utilize the newly generated public key to encrypt response data such that it can only be decrypted by the elevate function having access to the newly generated private key. Such a response token can act as evidence of a dual - party authentication). It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Barbaric to include the teachings of Moran Saavedra. The motivation for doing so is to allow the system to encrypt the response in order to improve security. Regarding claim 17, Barbaric teaches unlocking the unlockable feature (¶0061 ). However, Barbaric does not explicitly teach controller is further configured to decrypt the unlock grant, determine whether the decrypted unlock grant comprises the unique device- identification information and the time-limited nonce information; and unlock the unlockable feature in response to determination that the decrypted unlock grant comprises the unique device-identification information and the time-limited nonce information. Moran Saavedra teaches controller is further configured to decrypt the unlock grant ( ¶ 0003 - The remotely executing process can utilize the newly generated public key to encrypt response data such that it can only be decrypted by the elevate function having access to the newly generated private key. Such a response token can act as evidence of a dual - party authentication and the elevate function can remove the restrictions associated with the endpoint through which the interface into the functionality of the cloud computing infrastructure was accessed - ¶ 0024 - Upon receipt of the response token 360 , the elevate function 310 can then utilize in the newly generated private key 332 to decrypt the response token 360. If the response token 360 is able to be properly decrypted with the newly generated private key 332 , such a proper decryption can be a verification that the response token 360 was properly generated in response to the request token 340 , which conveyed the newly generated public key 331 used to properly generate the response token 360. Such a verification can then be a trigger to the elevate function 310 to elevate the remote instance 210 to allow for the aforementioned administrator , or unrestricted , access).; determine whether the decrypted unlock grant comprises the unique device- identification information and the time-limited nonce information; and unlock the unlockable feature in response to determination that the decrypted unlock grant comprises the unique device-identification information and the time-limited nonce information (¶ 0028 -As an optional step , a further check can be made at step 480 to verify that the nonce received in the response token , if such a nonce was previously generated , and was included in the response token , is the same nonce as was previously generated . Again , if there is a discrepancy , the relevant processing can end at step 499. Conversely , if , at step 470 , the decrypt ability of the response token and , optionally the equivalence of the nonce , at step 480 , are verified , then the remote instance can be elevated to administrator access at step 490 , ¶ 0023 -the response token 360 can be provided directly to the elevate function 310 , such as through a port , interface , or other like communicational endpoint configured to receive such response tokens . For example , an address , or other like communicational identifier , of such a communicational endpoint can be identified as part of the transmission of the request token 340 ,thereby enabling the response token 360 to be directed to that communicational endpoint). It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Barbaric to include the teachings of Moran Saavedra. The motivation for doing so is to allow the system to remove the restrictions associated with the endpoint through which the interface into the functionality of the cloud computing infrastructure was accessed , thereby enabling unrestricted access . Such unrestricted access can be limited in duration , which duration can be established in advance , or agreed - upon through the key exchange mechanism (¶ 0003 - Moran Saavedra) . Regarding claim 22, Barbaric further teaches wherein the user interface device comprises a cellular telephone (¶ 0021 – disposable vaporizer l00A can be coupled to a mobile device (e.g., a mobile phone, tablet, or computer) via, for example, Bluetooth or Wifi, such that the mobile device can control one or more operations of the disposable vaporizer 100A.). Regarding claim 23, Barbaric further teaches wherein the user interface device comprises a display comprising a graphical user interface to allow a user to attempt to unlock the unlockable feature ¶ 0021 – disposable vaporizer l00A can be coupled to a mobile device (e.g., a mobile phone, tablet, or computer) via, for example, Bluetooth or Wifi, such that the mobile device can control one or more operations of the disposable vaporizer 100A. – See Also Claim 2 display of an alert message via a graphical user interface (GUI) of the compute device; or haptic feedback at the compute device- the mobile device can lock and/or unlock the disposable vaporizer 100A such that the processor 124 does not actuate the heater control circuitry when locked and the processor 124 can actuate the heater control circuitry when unlocked – ¶ 0036 - user 226 interacts with a software application associated with the vaporizer 222, and/or at predetermined intervals). Regarding claim 25, Barbaric teaches a server for unlocking an unlockable feature of an aerosol-generating device comprising: (Fig.2 – Command center ; ¶ 0036 - Vaporizer) comprising: a cavity to receive an aerosol-generating article: a heating element to heat the aerosol-generating article to generate aerosol therefrom a power supply operably coupled to the heating element, wherein the unlockable feature is the ability to use the heating element to heat the aerosol-generating article to generate aerosol therefrom, the server comprising ( Fig.1 A, ¶ 0015 - As shown in FIG. 1A, a disposable vaporizer l00A includes a mouthpiece 102, a precursor reservoir 104, fluidic channels 106A (e.g., microfluidics or other passageways), one or more chambers 106B, a power supply 108, memory 110, input/output module 111, a heating element 120, electronics 122, and a processor 124, all disposed within a common (e.g., monolithic) housing 101. Optionally, the disposable vaporizer l00A also includes one or more of: sensor(s) 114, additive(s) 116, membrane(s) 118, indicator (s) 112, and identifier(s) 123, also disposed within the common housing 101 – ¶ 0021 - a heating profile or target temperature range associated with the carrier material ( e.g., as determined by the processor 124 and/or provided to the processor 124 prior to use). The volatilized carrier material, or vapor, travels toward the mouthpiece via one or more of the expansion chamber(s) and one or more of the fluidic channels until it exits the vaporizer for inhalation by the user. In some embodiments, the disposable vaporizer l00A can be coupled to a mobile device, the mobile device can lock and/or unlock the disposable vaporizer 100A such that the processor 124 does not actuate the heater control circuitry when locked and the processor 124 can actuate the heater control circuitry when unlocked). a communication interface to transfer data to and from an aerosol-generating device; and a controller comprising one or more processors and operably coupled to the communication interface, wherein the controller is configured to: receive an unlock request from the aerosol-generating device to unlock the unlockable feature, wherein the unlock request comprises unique device-identification information identifying the aerosol-generating device and [..] ( ¶ 0021 - the mobile device can lock and/or unlock the disposable vaporizer 100A such that the processor 124 does not actuate the heater control circuitry when locked and the processor 124 can actuate the heater control circuitry when unlocked. In some embodiments, the disposable vaporizer 100A will not operate to trigger heater control circuitry without approval from a mobile device associated with the disposable vaporizer 100A); (Fig.4, ¶ 0003 - The method also includes receiving a capsule attach event detection message including the capsule identifier, the vaporizer identifier, and at least one of the identifier of the compute device or the identifier of the user. A validity of the capsule attach event detection message is evaluated. If the capsule attach event detection message is valid, an unlock message is sent to the compute device or a vaporizer) -See Also ¶ 0061); transmit an unlock grant to the aerosol-generating device to unlock the unlockable feature in response to the transmitted unlock request. (¶0061 - the processor receives a capsule attach event detection message, and determines, at 494, whether the capsule attach event detection message is valid. If not, the processor sends an alert message (at 498) to the requestor (i.e., to the at least one of the vaporizer and the compute device). If the capsule attach event detection message is deemed to be valid, the processor sends an unlock message, at 496, to the requestor (i.e., to the at least one of the vaporizer and the compute device ( ¶ 0021 - the mobile device can lock and/or unlock the disposable vaporizer 100A such that the processor does not actuate the heater control circuitry when locked and the processor 124 can actuate the heater control circuitry when unlocked. In some embodiments, the disposable vaporizer 100A will not operate to trigger heater control circuitry without approval from a mobile device associated with the disposable vaporizer 100A. For example, in some embodiments, each time a user attempts to actuate the disposable vaporizer l00A for heating and vaporization of carrier material ( e.g., via applying suction to the mouthpiece or actuating a mechanical interface (e.g., button), the disposable vaporizer l00A can request approval for operation from the mobile device and/or a command center with which the disposable vaporizer 100A is associated. The disposable vaporizer 1 00A can then operate to heat and vaporize carrier material only if the disposable vaporizer l00A receives an unlock message from the mobile device and/or the command center). However, Barbaric does not explicitly teach wherein the unlock request comprises time-limited nonce information corresponding to the unlockable feature Moran Saavedra teaches wherein the unlock request comprises time-limited nonce information corresponding to the unlockable feature ( ¶0021 - the elevate function 310 can also record a current time in a timestamp , as well as , optionally , generate a nonce . Subsequently , the elevate function can encrypt the timestamp , optional nonce , and the newly generated public key 331 with the authorization public key 321 that was previously generated and distributed as art of , for example , the cloud infrastructure itself to generate a request token , such as the exemplary request token 340. Although not explicitly illustrated in FIG . 3 , a request token , such as the exemplary request token 340 , can also include other data like when was the last time the system was unlocked , a deployment identifier , and other like data . ¶ 0022 -the request token 340 can be displayed , such as in the form of a multi - character alpha numeric string , to the end - user administrator via the remote instance. ¶ 0028 - . For example , an address , or other like communicational identifier , of such a communicational endpoint can be identified as part of the transmission of the request token 340 ,thereby enabling the response token 360 to be directed to that communicational endpoint—¶ 0018 -the end - user administrator 150 can create an account on and remotely login to such an account and execute the command line interface 190 within such an account . As indicated , for security , the commands or functions which are allowed to be invoked or executed through such a remote instance 210 can , initially , be limited to only specific commands or functions , known as allowed commands or functions ). It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Barbaric to include the teachings of Moran Saavedra. The motivation for doing so is to allow the system to remove the restrictions associated with the endpoint through which the interface into the functionality of the cloud computing infrastructure was accessed , thereby enabling unrestricted access . Such unrestricted access can be limited in duration , which duration can be established in advance , or agreed - upon through the key exchange mechanism (¶ 0003 - Moran Saavedra) . Claims 7,8,18,19 are rejected under 35 U.S.C. 103 as being unpatentable over Barbaric in view of Moran Saavedra further in view of Anderson et al. Publication No. US 2020/0000143 A1 ( Anderson hereinafter) Regarding claim 7, Barbaric does not explicitly teach wherein the controller is further configured to temporarily re-lock the unlockable feature for a temporary locked time period. However, Anderson teaches controller is further configured to temporarily re-lock the unlockable feature for a temporary locked time period (See Also ¶ 0341. A personal vaporizer may be deactivated following a threshold criteria being met. For example, the vaporizer may be rendered inactive after a period of inactivity. The period of inactivity may be preset and/or selected by the user (e.g., using the control software of running on the personal digital device). Thus, the period of inactivity may be a configurable parameter of the vaporizer. The application software/firmware may include functionality to unlock or activate the vaporizer using authentication, as mentioned above.). It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Barbaric to include the teachings of Anderson. The motivation for doing so is to allow the delivery of current to a heating element or otherwise activating an atomizer that causes production of inhalable aerosol. (Anderson – ¶ 0354). Regarding claim 8, Barbaric does not explicitly teach wherein the controller is further configured to allow a user to select an amount of time in the temporary locked time period and to initiate the temporary re-lock. However, Anderson teaches wherein the controller is further configured to allow a user to select an amount of time in the temporary locked time period and to initiate the temporary re-lock (See Also ¶ 0341. A personal vaporizer may be deactivated following a threshold criteria being met. For example, the vaporizer may be rendered inactive after a period of inactivity. The period of inactivity may be preset and/or selected by the user (e.g., using the control software of running on the personal digital device). Thus, the period of inactivity may be a configurable parameter of the vaporizer. The application software/firmware may include functionality to unlock or activate the vaporizer using authentication, as mentioned above.). It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Barbaric to include the teachings of Anderson. The motivation for doing so is to allow the delivery of current to a heating element or otherwise activating an atomizer that causes production of inhalable aerosol. (Anderson – ¶ 0354). Regarding claim 18, Barbaric does not explicitly teach wherein the controller is further configured to temporarily re-lock the unlockable feature for a temporary locked time period. However, Anderson teaches controller is further configured to temporarily re-lock the unlockable feature for a temporary locked time period (See Also ¶ 0341. A personal vaporizer may be deactivated following a threshold criteria being met. For example, the vaporizer may be rendered inactive after a period of inactivity. The period of inactivity may be preset and/or selected by the user (e.g., using the control software of running on the personal digital device). Thus, the period of inactivity may be a configurable parameter of the vaporizer. The application software/firmware may include functionality to unlock or activate the vaporizer using authentication, as mentioned above.). It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Barbaric to include the teachings of Anderson. The motivation for doing so is to allow the delivery of current to a heating element or otherwise activating an atomizer that causes production of inhalable aerosol. (Anderson – ¶ 0354). Regarding claim 19, Barbaric does not explicitly teach wherein the controller is further configured to allow a user to select an amount of time in the temporary locked time period and to initiate the temporary re-lock. However, Anderson teaches controller is further configured to allow a user to select an amount of time in the temporary locked time period and to initiate the temporary re-lock. (See Also ¶ 0341. A personal vaporizer may be deactivated following a threshold criteria being met. For example, the vaporizer may be rendered inactive after a period of inactivity. The period of inactivity may be preset and/or selected by the user (e.g., using the control software of running on the personal digital device). Thus, the period of inactivity may be a configurable parameter of the vaporizer. The application software/firmware may include functionality to unlock or activate the vaporizer using authentication, as mentioned above.). It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Barbaric to include the teachings of Anderson. The motivation for doing so is to allow the delivery of current to a heating element or otherwise activating an atomizer that causes production of inhalable aerosol. (Anderson – ¶ 0354). Claims 9,20 are rejected under 35 U.S.C. 103 as being unpatentable over Barbaric in view of Moran Saavedra further in view of Jiang et al. Publication No. US 2021/0219134 A1 ( Jiang hereinafter) Regarding claim 9, Barbaric does not explicitly teach wherein the controller is further configured to terminate unlocking the unlockable feature if the unlock grant is not received following a validity time period after the unlock request is transmitted to the server However, Jiang teaches controller is further configured to terminate unlocking the unlockable feature if the unlock grant is not received following a validity time period after the unlock request is transmitted to the server (¶ 0059 – response to checking succeeds, it is determined whether a time interval between initiation of the challenge value and reception of the response value is less than or equal to preset time interval for M communications, M being a preset positive integer. If the time interval between initiation of the challenge value and reception of the response value is less than or equal to preset time interval for M communications, then unlocking is allowed. If the time interval between initiation of the challenge value and reception of the response value is greater than preset time interval for M communications, then it is determined that unlocking fails – Claim 6). It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Barbaric to include the teachings of Jiang. The motivation for doing so is to allow the system to add preset time interval into the challenge value and that the attacker does not know the preset time interval , so that security of data in a transmission process is improved, and unlocking security is improved ( Jiang _ ¶ 0058). Regarding claim 20, Barbaric does not explicitly teach wherein the controller is further configured to terminate unlocking the unlockable feature if the unlock grant is not received following a validity time period after the unlock request is transmitted to the server However, Jiang teaches controller is further configured to terminate unlocking the unlockable feature if the unlock grant is not received following a validity time period after the unlock request is transmitted to the server (¶ 0059 – response to checking succeeds, it is determined whether a time interval between initiation of the challenge value and reception of the response value is less than or equal to preset time interval for M communications, M being a preset positive integer. If the time interval between initiation of the challenge value and reception of the response value is less than or equal to preset time interval for M communications, then unlocking is allowed. If the time interval between initiation of the challenge value and reception of the response value is greater than preset time interval for M communications, then it is determined that unlocking fails – Claim 6). It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Barbaric to include the teachings of Jiang. The motivation for doing so is to allow the system to add preset time interval into the challenge value and that the attacker does not know the preset time interval , so that security of data in a transmission process is improved, and unlocking security is improved ( Jiang _ ¶ 0058). Claims 10,21 are rejected under 35 U.S.C. 103 as being unpatentable over Barbaric in view of Moran Saavedra further in view of Jiang further in view of Huffman et al. Publication No. US 2020/0403992 A1 ( Huffman hereinafter) Regarding claim 10, Barbaric in view of Jiang teaches the validity time period ( Jiang – ¶ 0059). However, Barbaric In view of Jiang does not explicitly teach wherein the validity time period is less than or equal to 5 minutes. However, Huffman teaches validity time period is less than or equal to 5 minutes (¶ 0102 - a determination is made as to whether a response is received from the user to the requested authentication operation via the mobile trust application. In some instances, the time for a response may be limited to a certain time limit (e.g., five (5) minutes from the initial request) before the transaction is rejected. If no response is received, at 440 an indication of the failure of the authentication operation can be provided to the customer system). It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Barbaric in view of Jiang to include the teachings of Huffman. The motivation for doing so is to allow a response to be limited to a certain time limit in order to improve security and prevent attacks. Regarding claim 21, Barbaric in view of Jiang teaches the validity time period ( Jiang – ¶ 0059). However, Barbaric in view of Jiang does not explicitly teach wherein the validity time period is less than or equal to 5 minutes. However, Huffman teaches validity time period is less than or equal to 5 minutes (¶ 0102 - a determination is made as to whether a response is received from the user to the requested authentication operation via the mobile trust application. In some instances, the time for a response may be limited to a certain time limit (e.g., five (5) minutes from the initial request) before the transaction is rejected. If no response is received, at 440 an indication of the failure of the authentication operation can be provided to the customer system). It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Barbaric in view of Jiang to include the teachings of Huffman. The motivation for doing so is to allow a response to be limited to a certain time limit in order to improve security and prevent attacks. Claim 24 is rejected under 35 U.S.C. 103 as being unpatentable over Barbaric in view of Moran Saavedra further in view of Stanfield et al. Publication No. US 2019/0092282 A1 ( Stanfield hereinafter) Regarding claim 24, Barbaric teaches the locking/unlocking the aerosol-generation device (¶ 0036). However, Barbaric does not explicitly teach wherein the controller is further configured to: display, on the graphical user interface, an unlockable feature graphical region; and allow a user to select the unlockable feature graphical region to initiate the aerosol- generating device to transmit the unlock request thereto. Stanfield teaches the controller is further configured to: display, on the graphical user interface, an unlockable feature graphical region; and allow a user to select the unlockable feature graphical region to initiate a device to transmit the unlock request thereto (Fig.4 – shows on GUI a unlock region and allowing the user to select unlockable region to initiate an unlock request). It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Barbaric to include the teachings of Stanfield. The motivation for doing so is to allow the user to transmit unlock request using GUI (Fig.4 – Stanfield). Claim 26 is rejected under 35 U.S.C. 103 as being unpatentable over Barbaric in view of Moran Saavedra further in view of Kaplan et al. Publication No. US 2013/0057406 A1 ( Kaplan hereinafter) Regarding claim 26, Barbaric teaches the unlock grant transmitted to aerosol -generating device (¶ 004, ¶ 0061). However, Barbaric does not explicitly teach wherein the controller is further configured to restrict a number of unlock grants transmitted to the aerosol-generating device. Kaplan teaches wherein the controller is further configured to restrict a number of grants transmitted to a device. (¶ 0049 - Usually a transmitted packet requires a response from all addressed tags. By using prior knowledge, the transmitting tag has the responsibility to limit the number of responses to an optimal number by using a random group division. The random group division method ensures that the group never exceeds the maximum traffic allowed by the protocol, and improves reliable reception of the responses). It would have been obvious to a person of ordinary skill in the art before the effective filing date of the claimed invention to modify the teachings of Barbaric to include the teachings of Kaplan. The motivation for doing so is to allow the system to improve reliable reception of the responses (Kaplan – ¶ 0049). Conclusion The prior art made of record and not relied upon is considered pertinent to applicant's disclosure “wherein the unlock request comprises time-limited nonce information corresponding to the unlockable feature” Mani et al. Publication No. US 2019/0253255 A1 - ¶0020, ¶ 0076- ¶0 077 Any inquiry concerning this communication or earlier communications from the examiner should be directed to YOUNES NAJI whose telephone number is (571)272-2659. The examiner can normally be reached on Monday - Friday 8:30 AM -5:30 PM. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Oscar A Louie can be reached on (571) 270-1684. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /YOUNES NAJI/Primary Examiner, Art Unit 2445