Abstract: Method of managing security entities positioned to cut off an information stream within a network. The method includes designating an entity to act as a sponsor for a new ward wishing to join the network, requesting to connect the ward with the sponsor, said sponsor determining whether or not it accepts the connection. If the sponsor accepts the connection, then connecting the sponsor and disconnecting from the plurality of entities forming the network. At least one of the entities and the sponsor checking a security level of said ward. If at least one of the entities decides to trust said ward, then the sponsor transmits to the ward configuration information to enable the ward to enter into communication with the network. If at least one of the entities decides not to trust the ward, then the ward cannot access the network and an alarm is generated.

Abstract: A security apparatus positioned between at least one domain having a level of trust or of sensitivity A and at least one domain having a level of trust or sensitivity B, bearing in mind that the level A is different from the level B, comprises a virtualization software layer V implemented on the physical layer H and positioned between said physical layer H and at least one set consisting of at least three different compartmentalized blocks having different sensitivity levels, BLA, BLB, MDS.

Abstract: The invention relates to a system for processing data that can be exchanged between at least a first domain having a security level A and a second domain having a security level B, A being different from B, characterized in that it comprises at least one elementary entity EEi including a routing module URi and a device UTi for processing data, the routing module URi including at least one input Ii into the domain having the A security level for the data to be processed, and at least one first output Pi for the data that has not been processed and remains in the domain with the A security level, and a second output Li connected to the processing device UTi for the data processed and transferred into the domain with the B security level via the output Oi.

Abstract: A security apparatus positioned between at least one domain having a level of trust or of sensitivity A and at least one domain having a level of trust or sensitivity B, bearing in mind that the level A is different from the level B, comprises a virtualization software layer V implemented on the physical layer H and positioned between said physical layer H and at least one set consisting of at least three different compartmentalized blocks having different sensitivity levels, BLA, BLB, MDS.

Abstract: Method of managing security entities positioned to cut off an information stream within a network. The method includes designating an entity to act as a sponsor for a new ward wishing to join the network, requesting to connect the ward with the sponsor, said sponsor determining whether or not it accepts the connection. If the sponsor accepts the connection, then connecting the sponsor and disconnecting from the plurality of entities forming the network. At least one of the entities and the sponsor checking a security level of said ward. If at least one of the entities decides to trust said ward, then the sponsor transmits to the ward configuration information to enable the ward to enter into communication with the network. If at least one of the entities decides not to trust the ward, then the ward cannot access the network and an alarm is generated.

Abstract: The invention relates to a system for processing data that can be exchanged between at least a first domain having a security level A and a second domain having a security level B, A being different from B, characterised in that it comprises at least one elementary entity EEi including a routing module URi and a device UTi for processing data, the routing module URi including at least one input Ii into the domain having the A security level for the data to be processed, and at least one first output Pi for the data that has not been processed and remains in the domain with the A security level, and a second output Li connected to the processing device UTi for the data processed and transferred into the domain with the B security level via the output Oi.

Abstract: A unified and universal management system for one or more items of cryptographic equipment, comprising a federating portal that is adapted to allow a user to access services, one or more interfaces for the interchange of information between the management system and equipment outside the system, one or more modules having one or more sub-modules or technological bricks suitable to carry out a unified and universal management method.