DENTAL SYSTEM, DEVICES AND METHOD OF SECURING COMMUNICATION FOR A USER APPLICATION

§101 §103

DETAILED ACTION Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Notice to Applicant This communication is in response to application filed 12/13/2024. It is noted that application is a 371 of PCT/EP2023/066212 filed 06/16/2023 which claims priority to EP 22179521.4 filed 06/17/2022. Claims 1-15 are pending. Priority Receipt is acknowledged of certified copies of papers required by 37 CFR 1.55. Information Disclosure Statement Information disclosure statements dated 12/13/24 and 4/7/2025 have been acknowledged and considered. Claim Rejections - 35 USC § 101 35 U.S.C. 101 reads as follows: Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title. Claims 1-15 are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more. Claims 1-12 are drawn to method of securing communication for a user application installed on an external device of a dental system, which is within the four statutory categories (i.e. process). Claims 13-15 are drawn to a system for securing communication for a user application installed on an external device of a dental system, which is within the four statutory categories (i.e. machine). Representative independent claim 1 includes limitations that recite at least one abstract idea. Specifically, independent claim 1 recites: (Currently Amended) A method of securing communication for a user application installed on an external device of a dental system comprising an intraoral scanning device, a server device, and the external device, wherein securing communication for the user application comprises: obtaining challenge data in the server device; transmitting the challenge data from the server device to the user application installed on the external device; transmitting a challenge request comprising the challenge data from the user application to the intraoral scanning device; receiving a challenge response comprising response data from the intraoral scanning device; forwarding the response data from the user application to the server device; verifying the response data in the server device based on the challenge data; and approving the user application in the server device if verifying the response data is successful. These recited underlined limitations fall within the "Certain Methods of Organizing Human Activities" grouping of abstract ideas as it relates to – fundamental economic principles or practices (including hedging, insurance, mitigating risk); commercial or legal interactions (including agreements in the form of contracts; legal obligations; advertising, marketing or sales activities or behaviors; business relations); managing personal behavior or relationships or interactions between people (including social activities, teaching, and following rules or instructions) (see MPEP § 2106.04(a)(2), subsection II). The limitations of obtaining challenge data; transmitting challenge data; transmitting a challenge request; receiving a challenge response; forwarding the response data; verifying the response data; and approving the user application if verification is successful as drafted and detailed above, are steps that, under its broadest reasonable interpretation, recites steps for organizing human interactions. The claim teaches evaluating information (challenge data, response data, device identifiers, timestamps), and determining whether to approve or not approve a user application for communication with a device. This is a concept relating to tracking or filtering challenge data information. Tracking information or filtering content has been found to be an abstract idea and a method of organizing human behavior. See MPEP 2106.04(a)(2)(II)(C). Furthermore, the concept of managing permissions and access, verifying whether a condition is satisfied before allowing communication—are methods of organizing human activity (managing access/authorization). That is other than reciting “server device” and “user application” language, nothing in the claim element precludes the steps from describing concepts related to receiving and organizing patient data between people. If a claim limitation, under its broadest reasonable interpretation, covers concepts related to interpersonal and intrapersonal activities then it falls within the “Certain Methods of Organizing Human Activity” grouping of abstract ideas. Accordingly, the claim recites an abstract idea. In the present case, the additional limitations beyond the above-noted at least one abstract idea are as follows (where the bolded portions are the “additional limitations” while the underlined portions continue to represent the at least one “abstract idea”): (Currently Amended) A method of securing communication for a user application installed on an external device of a dental system comprising an intraoral scanning device, a server device, and the external device, wherein securing communication for the user application comprises: obtaining challenge data in the server device; transmitting the challenge data from the server device to the user application installed on the external device;* transmitting a challenge request comprising the challenge data from the user application to the intraoral scanning device; receiving a challenge response comprising response data from the intraoral scanning device; forwarding the response data from the user application to the server device; verifying the response data in the server device based on the challenge data; and approving the user application in the server device if verifying the response data is successful. For the following reasons, the Examiner submits that the above identified additional limitations do not integrate the above-noted at least one abstract idea into a practical application. The additional elements (i.e. the limitations not identified as part of the abstract idea) amount to no more than limitations which: amount to mere instructions to apply an exception, see MPEP 2106.05(f). the recitations performing the functions in the server device amounts to merely invoking a computer as a tool to perform the abstract idea, e.g. see paragraph pg. 13 of the present Specification. generally link the abstract idea to a particular technological environment or field of use, see MPEP 2106.05(h)– for example, the recitation of an external device of a dental system comprising an interoral scanning device, a server device and the external device merely limits the abstract idea the environment of a dental system comprising a server device and an interoral scanning device system. Thus, taken alone, the additional elements do not integrate the at least one abstract idea into a practical application. Independent claim 1 does not include additional elements that are sufficient to amount to “significantly more” than the judicial exception. As discussed above with respect to discussion of integration of the abstract idea into a practical application, the additional elements amount to no more than mere instructions to apply an exception and generally linking the abstract idea to a particular technological environment or field of use and the same analysis applies with regards to whether they amount to “significantly more.” Therefore, the additional elements do not add significantly more to the at least one abstract idea. As per claim 13, the claim teaches limitations similar to claim 1 and the same abstract idea (“certain methods of organizing human activity”) for the same reasons as stated above. Independent claim 11 is directed to an abstract idea. Furthermore, for similar reasons as representative independent claim 1, analogous independent claims 13 does not recite additional elements that integrate the judicial exception into a practical application nor add significantly more. The following dependent claims further the define the abstract idea or are also directed to an abstract idea itself: Dependent claims 2-4 further define the at least one abstract idea (and thus fail to make the abstract idea any less abstract). In relation to claims 5-12 and 14-15, that teaching setting a status identifier; linking the user application to the server device; transmitting a request; storing an approval timestamp; initiating communication; verifying the response data under its broadest reasonable interpretation, covers interactions between people or managing personal behavior or relationships The dependent claims further do not include additional elements (considered both individually and as an ordered combination) that are sufficient to amount to significantly more than the judicial exception for the same reasons to those discussed above with respect to determining that the dependent claims do not integrate the at least one abstract idea into a practical application. Therefore, claims 1-15 are ineligible under 35 USC §101. Claim Rejections - 35 USC § 103 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claims 1-15 are rejected under 35 U.S.C. 103 as being unpatentable over Vendelbo (10,779,093) in view of Pesach (10,966,614) As per claim 1, Vendelbo teaches a method of securing communication for a user application installed on an external device of a dental system comprising a hearing device, a server device, and the external device, wherein securing communication for the user application comprises: obtaining challenge data in the server device (Vendelbo; Col. 10, lines 60-62 securing communication … comprises obtaining 202 challenge data in a server device and describes generating/storing challenge data in server); transmitting the challenge data from the server device to the user application installed on the external device (Vendelbo; Col. 10, lines 60-63 transmitting 204 the challenge data from the server device to the user application” (challenge message 104 with challenge data 102)); transmitting a challenge request comprising the challenge data from the user application to the hearing device (Vendelbo; Col. 9, lines 22-25f the user application 12 … transmits a challenge request 106 comprising the challenge data 102 … to the hearing device 8 (the peripheral device); receiving a challenge response comprising response data from the intraoral scanning device (Vendelbo; Col. 9, lines 27-30 the user application … receiving 208 a challenge response 108 comprising response data 110 from the hearing device 8) forwarding the response data from the user application to the server device (Vendelbo; Col. 9, lines 30-35 the user application forwards the response data 110 in a response message 112 to the server device 4); verifying the response data in the server device based on the challenge data (Vendelbo; Col. 9, lines 32-35; the server device 4 verifies 210 the response data 110 based on the challenge data and further details how verification uses challenge data, device identifiers, etc) and approving the user application in the server device if verifying the response data is successful (Vendelbo; Col. 10, lines 3-6 approving 212 the user application in the server device 4 if verifying the response data 110 is successful 214;” also: server regards the app as trusted/whitelisted upon successful verification). Vendelbo teaches an architecture for securing communication between a peripheral medical device and a user application via a server in a hearing device. Vendelbo does not expressly teach this architecture in the context of an interoral scanner device. However dental systems including intraoral scanners that acquire intraoral images and communicate with external computing devices and/or remote systems for processing and managing dental data were old and well known in the art as evidenced by Pesach. Pesach teaches shows that intraoral scanners and associated external devices are networked medical devices that exchange sensitive patient data and device-specific settings in a manner analogous to Vendelbo's hearing systems. Substituting Pesach intraoral scanner and its external computing device for Vendelbo's hearing device and user accessory device amounts to a simple substitution of one known type of medical peripheral device for another in an otherwise unchanged secure-communication framework. This substitution would have been a predictable use of prior-art elements according to their established functions, since both references concern networked medical devices that communicate with external devices and servers. Therefore, it would have been obvious to modify the method of Vendelbo so that the peripheral device is an intraoral scanning device in a dental system, as taught by Pesach, thereby arriving at the method of claim 1 with no change in the underlying challenge/response and approval technique. As per claim 2, Vendelbo teaches the method according to claim 1, wherein the method comprises determining the response data in the intraoral scanning device based on the challenge data and an intraoral scanning device identifier of the intraoral scanning device (Vendlbo; Col. 6, lines 13-15) As per claim 3, Vendelbo teaches the method according to claim 1, wherein the response data comprises or is indicative of an intraoral scanning device identifier (Vendlbo; Col. 6, lines 13-15) As per claim 4, Vendelbo teaches the method according to claim 1, wherein receiving a challenge response comprising response data from the intraoral scanning device is performed by the user application (Vendelbo; Col. 5, lines 42-45). As per claim 5, Vendelbo teaches the method according to claim 1, wherein approving the user application comprises setting a user application status identifier to a value indicative of the user application being approved (Vendelbo; Col. 6, lines 56-58). As per claim 6, Vendelbo teaches the method according to claim 1, the method comprising setting a user application status identifier to a value indicative of the user application not being approved if verifying the response data fails (Vendelbo; Col. 6, lines 40-41). As per claim 7, Vendelbo teaches the method according to claim 1, wherein the method comprises linking the user application to an intraoral scanning device in a memory of the server device if verifying the response data is successful (Vendelbo; Col. 2, lines 50-54). As per claim 8, Vendelbo teaches the method according to claim 1, the method comprising transmitting a request for challenge data from the user application (Vendelbo; Col. 6, lines 63-64). As per claim 9, Vendelbo teaches the method according to claim 8, wherein the request for challenge data is transmitted if a first approval criterion is fulfilled (Vendelbo; Col. 3, lines 25-26). As per claim 10, Vendelbo teaches the method according to claim 1, the method comprising storing an approval timestamp indicative of time of last approval (Vendelbo; Col. 2, lines 59-60); determining if a second approval criterion based on the approval timestamp is fulfilled (Vendelbo; Col. 3, lines 26-28); and initiate securing communication for the user application if the second approval criterion is fulfilled (Vendelbo; Col. 3, lines 23-24). As per claim 11, Vendelbo teaches the method according to claim 1, wherein approving the user application comprises transmitting intraoral scanning device settings specific for the intraoral scanning device to the user application (Vendelbo; Col. 3, lines 26-27). As per claim 12, Vendelbo teaches the method according to claim 1, wherein obtaining challenge data comprises storing the challenge data in the server device, or wherein verifying the response data in the server device based on the challenge data comprises calculating the challenge data (Vendelbo; Col. 6, lines 5-7). Claim 13 repeats substantially similar limitations as claim 1, but in the form of a computer system. The reasons for rejection are incorporated herein. Claim 14 repeats substantially similar limitations as claims 9-10, but in the form of a computer system. The reasons for rejection are incorporated herein. Claim 15 repeats substantially similar limitations as claims 8-9, but in the form of a computer system. The reasons for rejection are incorporated herein. Conclusion The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. The closest foreign prior art of record Fang (CN-106209749-A) teaches a method, apparatus and related device for single sign-on and processing method and apparatus of application. The closest non-patent literature of record Tulasidas (Tulasidas, Sivanesan. “Secure Expandable Communication Framework for POCT System Development and Deployment.” A thesis submitted in partial fulfillment for the degree of Doctor of Philosophy in the College of Engineering, Design and Physical Sciences Department of Electronic and Computer Engineering. Brunel University London. November 2018) teaches secure cloud architecture was created with a new way of data storage and security algorithms models designed to address the security threats in the POCT system. Any inquiry concerning this communication or earlier communications from the examiner should be directed to LINH GIANG MICHELLE LE whose telephone number is (571)272-8207. The examiner can normally be reached Mon- Fri 8:30am - 5:30pm PST. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, JASON DUNHAM can be reached at 571-272-8109. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. LINH GIANG "MICHELLE" LE PRIMARY EXAMINER Art Unit 3686 /LINH GIANG LE/Primary Examiner, Art Unit 3686 1/10/26