METHOD OF MANAGEMENT IN SECURITY EQUIPMENT AND SECURITY ENTITY
Abstract
Method of managing security entities positioned to cut off an information stream within a network. The method includes designating an entity to act as a sponsor for a new ward wishing to join the network, requesting to connect the ward with the sponsor, said sponsor determining whether or not it accepts the connection. If the sponsor accepts the connection, then connecting the sponsor and disconnecting from the plurality of entities forming the network. At least one of the entities and the sponsor checking a security level of said ward. If at least one of the entities decides to trust said ward, then the sponsor transmits to the ward configuration information to enable the ward to enter into communication with the network. If at least one of the entities decides not to trust the ward, then the ward cannot access the network and an alarm is generated.
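The admission sequence described in the abstract, modelled as an added Python example (not taken from the patent). The allow-list behind the sponsor's accept decision, the numeric minimum security level, and the sponsor rejoining the network after the check are assumptions, since the page does not specify them.

```python
from dataclasses import dataclass, field

@dataclass
class Entity:
    name: str
    peers: set = field(default_factory=set)     # entities this SE currently talks to
    alarms: list = field(default_factory=list)  # alarms received
    config: dict = None                         # stays None until the ward is admitted

class Network:
    def __init__(self, names, min_level):
        self.min_level = min_level              # assumed form of the security-level check
        self.members = {n: Entity(n, set(names) - {n}) for n in names}

    @staticmethod
    def _link(a, b, up):
        for x, y in ((a, b), (b, a)):
            (x.peers.add if up else x.peers.discard)(y.name)

    def admit(self, sponsor_name, ward, level, expected):
        sponsor = self.members[sponsor_name]
        if ward.name not in expected:           # sponsor declines the connection request
            return "refused"
        others = [e for e in self.members.values() if e is not sponsor]
        for e in others:                        # sponsor disconnects from the other SEs ...
            self._link(sponsor, e, False)
        self._link(sponsor, ward, True)         # ... and is connected only to the ward
        assert sponsor.peers == {ward.name}     # ward has no path into the network
        trusted = level >= self.min_level       # security-level check while isolated
        if trusted:                             # configuration handed over by the sponsor
            ward.config = {"peers": sorted([*self.members, ward.name])}
        self._link(sponsor, ward, False)
        for e in others:                        # assumption: sponsor rejoins afterwards
            self._link(sponsor, e, True)
        if not trusted:                         # no access, alarm to every entity
            for e in self.members.values():
                e.alarms.append(f"untrusted ward: {ward.name}")
            return "rejected"
        for e in self.members.values():         # ward enters into communication
            self._link(e, ward, True)
        self.members[ward.name] = ward
        return "admitted"
```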
10 Claims
1. A method of managing a plurality of software or hardware security entities SE positioned to cut off an information stream within a network in which the plurality of security entities SE communicate with one another, the method comprising:
- designating an entity to act as a sponsor for at least one of a new ward wishing to join the network,
- requesting to connect the ward with the sponsor by way of said ward contacting said sponsor and, on receipt of the request to connect said ward, said sponsor determining whether or not to accept the connection,
- if the sponsor accepts the connection of said ward, then connecting the sponsor to said ward and disconnecting from the plurality of entities SE forming the network,
- at least one of the entities or the sponsor checking security level of said ward, by performing the following steps;
  - if the sponsor or at least one of the plurality of entities decides to trust said ward, then the sponsor transmits to the ward configuration information designed to enable the ward to enter into communication with the plurality of entities of the network,
  - if the sponsor or at least one of the plurality of entities decides not to trust the ward, then the ward cannot access the network and an alarm is generated to the plurality of entities of the network.

Dependent claims: 2, 3, 4, 5
6. A software or hardware security entity positioned to cut off the information streams within a network, comprising a plurality of SE entities communicating with one another, the entity comprising:
- a connection module configured to connect an entity to an element to be protected, the connection module configured to perform an initialization phase including;
  - designating an entity to act as a sponsor for at least one of a new entity or ward wishing to join the network,
  - requesting to connect the ward with the sponsor via said ward contacting said sponsor and, on receipt of the request to connect said ward, said sponsor determining whether or not it accepts the connection,
  - if the sponsor accepts the connection of said ward, then connecting the sponsor to said ward and disconnecting from the plurality of entities SE forming the network,
  - at least one of the entities and the sponsor checking a security level of said ward, as follows;
    - if at least one of the sponsor or one of the plurality of entities decides to trust said ward, then the sponsor transmits to the ward configuration information designed to enable the ward to enter into communication with the plurality of entities of the network,
    - if at least one of the sponsor or one of the plurality of entities decides not to trust the ward, then the ward cannot access the network and an alarm is generated to the plurality of entities of the network,
- the connection module being linked to a multiplexer, which receives commands from a control device making it possible to change an operating mode of the elements,
- the multiplexer having an input for protected data originating from the connection module, an input, for data from the connection module used for an initialization phase, a second input receiving the commands, an output, transmitting the data to a trusted platform,
- the trusted platform having an output which is connected to an output port toward an unprotected network.

Dependent claims: 7, 8, 9, 10
Specification