Edwin H Wrench

6643698, Nov 4, 2003

Aug 7, 2001

09/925079

James M. Holden - Valley Center CA
Stephen E. Levin - Poway CA
David W. Snow - late of Convent Station NJ
Edwin H. Wrench - San Diego CA

Micron Technology, Inc. - Boise ID

G06F 1300

709225, 709218, 709250, 713201

A method is disclosed for mixed enclave operation of a computer network with users employing a multi-level network security interface and users without any network security interface. Either the network security user selects or the network security interface automatically selects whether communications are permissible with other unsecured users. Where a mixed enclave operation is selected, the network security user identifies when communications are being undertaken with another secured user or a non-secured user. Communications with a non-secured user at a lower security level entail securing the data residing with the secured user from transmission back to the non-secured user.

6760768, Jul 6, 2004

Aug 7, 2001

09/924214

James M. Holden - Valley Center CA
Stephen E. Levin - Poway CA
James O. Nickel - Dayton MD
Edwin H. Wrench - San Diego CA

Micron Technology, Inc. - Boise ID

G06F 1300

709227, 709219, 709225, 713201

A multi-level network security system is disclosed for a computer host device coupled to at least one computer network. The system including a secure network interface Unit (SNIU) contained within a communications stack of the computer device that operates at a user layer communications protocol. The SNIU communicates with other like SNIU devices on the network by establishing an association, thereby creating a global security perimeter for end-to-end communications and wherein the network may be individually secure or non-secure without compromising security of communications within the global security perimeter. The SNIU includes a host/network interface for receiving messages sent between the computer device and network. The interface operative to convert the received messages to and from a format utilized by the network. A message parser for determining whether the association already exists with another SNIU device.

6993582, Jan 31, 2006

Oct 21, 2003

10/691058

James M. Holden - Valley Center CA, US
Stephen E. Levin - Poway CA, US
Mary Snow, legal representative - Convent Station NJ, US
Edwin H. Wrench - San Diego CA, US

Micron Technology Inc. - Boise ID

G06F 13/00

709225, 709217, 709250, 713201

A method is disclosed for mixed enclave operation of a computer network with users employing a multi-level network security interface and users without any network security interface. Either the network security user selects or the network security interface automatically selects whether communications are permissible with other unsecured users. Where a mixed enclave operation is selected, the network security user identifies when communications are being undertaken with another secured user or a non-secured user. Communications with a non-secured user at a lower security level entail securing the data residing with the secured user from transmission back to the non-secured user.

7475137, Jan 6, 2009

Jun 25, 2004

10/877791

James M. Holden - Valley Center CA, US
Stephen E. Levin - Poway CA, US
James O. Nickel - Dayton MD, US
Edwin H. Wrench - San Diego CA, US

Micron Technology, Inc. - Boise ID

G06F 13/00

709225, 709219, 709227, 709250

A multi-level network security system is disclosed for a computer host device coupled to at least one computer network. The system including a secure network interface Unit (SNIU) contained within a communications stack of the computer device that operates at a user layer communications protocol. The SNIU communicates with other like SNIU devices on the network by establishing an association, thereby creating a global security perimeter for end-to-end communications and wherein the network may be individually secure or non-secure without compromising security of communications within the global security perimeter. The SNIU includes a host/network interface for receiving messages sent between the computer device and network. The interface operative to convert the received messages to and from a format utilized by the network. A message parser for determining whether the association already exists with another SNIU device.

7624180, Nov 24, 2009

Sep 28, 2005

11/236957

James M. Holden - Valley Center CA, US
Stephen E. Levin - Poway CA, US
David W. Snow - Convent Station NJ, US
Mary Snow, legal representative - Convent Station NJ, US
Edwin H. Wrench - San Diego CA, US

Micron Technology, Inc. - Boise ID

G06F 13/00

709225, 709219, 709250

A method is disclosed for mixed enclave operation of a computer network with users employing a multi-level network security interface and users without any network security interface. Either the network security user selects or the network security interface automatically selects whether communications are permissible with other unsecured users. Where a mixed enclave operation is selected, the network security user identifies when communications are being undertaken with another secured user or a non-secured user. Communications with a non-secured user at a lower security level entail securing the data residing with the secured user from transmission back to the non-secured user.

7797423, Sep 14, 2010

Jul 11, 2007

11/776445

James M Holden - Valley Center CA, US
Stephen E Levin - Poway CA, US
James O Nickel - Dayton MD, US
Edwin H Wrench - San Diego CA, US

Round Rock Research, LLC - Mount Kisco NY

G06F 13/00

709225, 709219, 709227, 709250

A computerized access device useful within a network and adapted to provide communication security. In one embodiment, the network comprises an untrusted network, and the access device comprises stand-alone network security apparatus adapted to create associations with other network security devices on the network. Traffic between the associated devices may be encrypted for e. g. , data confidentiality and integrity protection. In one variant, the network security apparatus comprises a software entity disposed at least partly within the software stack of a stand-alone hardware device. In another variant, the device functions as a gateway or portal to another network (e. g. , the Internet or another untrusted network), or to another device within the same network.

7827291, Nov 2, 2010

Jul 11, 2007

11/776413

James M Holden - Valley Center CA, US
Stephen E Levin - Poway CA, US
James O Nickel - Dayton MD, US
Edwin H Wrench - San Diego CA, US

Round Rock Research, LLC - Mount Kisco NY

G06F 13/00

709228, 709219, 709250

A system adapted to provide communication security between computerized devices in, for example, an ad hoc or temporary networked environment. In one embodiment, the network comprises an untrusted network, and the system includes network security apparatus adapted to create security associations between devices on the network, including mutual authentication. Traffic between the associated devices may be encrypted for e. g. , data confidentiality and integrity protection. In one variant, the network security apparatus comprises a software entity disposed at least partly within the software stack of the devices. The associated devices may be for example fixed or portable, and may be untrusted (e. g. , have an untrusted operating system).

7831722, Nov 9, 2010

Jul 11, 2007

11/776406

James M Holden - Valley Center CA, US
Stephen E Levin - Poway CA, US
James O Nickel - Dayton MD, US
Edwin H Wrench - San Diego CA, US

Round Rock Research, LLC - Mount Kisco NY

G06F 13/00

709228, 709225, 709250

A portable communications device adapted to provide communications security and user identification, and authentication. In one embodiment, the device is useful with an untrusted network, and comprises security apparatus adapted to create associations with one or more security devices on the network. Traffic between the associated devices may be encrypted and residue-protected for e. g. , data confidentiality and integrity protection. In one variant, the security apparatus comprises a software entity disposed at least partly within the software stack of a host. A security card may also be used as part of the security apparatus. The portable device may be untrusted (e. g. , have an untrusted operating system) and also be physically unsecure. In one variant, the security apparatus is also agnostic to the portable device with which it is used.