Currently, to ensure security in data or information interchanges between elements within a network, specific management and security centers are typically used. This generates a significant workload for the operators, such as the banks or any other operator working in the field of information systems security (ISS). This workload is all the greater when the number of elements to be managed is large. There is therefore a need to find a “transparent management” solution with which to rationalize the human resources and hardware means.
Various applications require a management center for:
- the cryptographic equipment positioned in hardware cutoff configuration in a so-called sensitive network, such as the high bit rate encryptors, the security highway encryptors (in particular for the Ethernet), and individual encryptors,
- the filtering equipment positioned in hardware cutoff configuration in a sensitive network, for example the firewalls,
- the security software installed on the terminals and the servers handling the information: the software firewalls, the encryption software, the antivirus software, the user authentication software, and so on.
Hereinafter in the description, the abbreviation SE designates security entities that combine all the equipment and products cited above.
When it comes to security in the exchanging of information or data and for information systems, it is important to manage security entities. In practice, a certain number of services are needed to administer cryptographic equipment, whether civilian or defense-related. Although sensitive networks have their own specificities, because of the protocols used, the particular protection measures, the algorithms used, or even the desired level of security, the same type of management is often found:
- management of the security policy: in other words, the establishment of the security associations (SAs), the constitution of communities, or the creation of virtual private networks (VPNs), which amounts to determining who can dialog with whom and how to manage the keys; this aspect can be called the “rights”,
- management of supervision, that is to say the reporting of information coming from the entities: alarms, events, connections or logs, the common information base or the management information base, known by the abbreviation MIB for the IP (Internet protocol) world, configuration management, management of technical facts, incidents, etc.; this aspect can be called “reporting”,
- administration of security products which ensures the integral nature of the network and of trust (guarantee provided by certificates, public key infrastructures, or “PKIs”, directories, etc.); this aspect is called “authority”.
FIG. 1 diagrammatically represents the three abovementioned integrated blocks which, in the management module, constitute: rights, reporting and authority.
FIG. 2 is a diagram describing a central SE management unit linked with elements SEi, SEj, the various elements being able to communicate with one another.
One of the problems is that each element can have its own security policy and use elements that are proprietary in terms of interfaces, protocols, algorithms, usages and usage contexts. These specificities prevent or hinder the interworking between the elements and their shared working. As it happens, all the players in the abovementioned ISS domain are currently seeking to rationalize the human and hardware resources.
Moreover, the current centralized systems constitute a serious brake on the implementation of security functions in highly open-ended network environments such as ad hoc radio networks, that is to say networks in which the nodes and elements are mobile. Although the network problems are currently largely being resolved, the use of a centralized security management facility in such environments runs counter to the objectives of flexibility and decentralization.
The rest of the description uses names known to those skilled in the art to designate various elements used in the system and the method according to embodiments of the invention.
Thus, the term trust designates the determination by an SE of its future behavior with respect to another SE. This trust may be built on the basis of strong proofs like the existence of a secret shared between the SEs. This secret or these secrets may be keys, passwords, a cryptographic algorithm or any other confidential datum. In the absence of strong proof, the trust may also be based on:
- the past behavior of the SEs concerned,
- the degree of threat to which the SEs are subject.
A trusted platform, an expression known in the security field, is a hardware device, such as a processor, a programmable circuit of the FPGA (field programmable gate array) type, a custom integrated circuit, better known by the abbreviation “ASIC”, and software trusted by the security experts, which means that they preferably have:
- mastery of the components and of the electronic cards (printed circuits, routing), of the SE protection mechanisms (holographic labels, casing resistant to electromagnetic radiation),
- the absence of back doors, which present the risk of allowing information considered sensitive to pass in clear, unencrypted, without passing through the encryption module,
- mastery of the codes and absence of errors in the execution of programs, or “bugs” (coverage test, coding rule, code analysis).
Often, a trusted platform is positioned as a cutoff and not as a resource in order to guarantee a high security level and to be the obligatory passage for all the inter-domain messages, between the sensitive domain A and the non-sensitive free domain B.
The word “vote” relates to a dialog mechanism between entities in which an entity asks others for their recommendations in order to take a collective decision. The decision is then reported to all the entities concerned. The vote is therefore based on a question/answer/decision notification network mechanism known to those skilled in the art.
The word “sponsor” corresponds to the entity through which the membership of a new arrival (or ward) within a community is decided. The sponsor is also responsible for transmitting to the ward all of the configuration elements that will enable it to communicate within the community.
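The definitions of trust, vote and sponsor above can be put together in a short simulation. This is an added example, not part of the patent text: the HMAC challenge-response used as "strong proof", the behaviour-score-versus-threat rule, the strict-majority decision, and all class, field and function names are assumptions chosen for illustration.

```python
import hashlib, hmac, os

class SE:
    """Security entity; all field names here are illustrative assumptions."""
    def __init__(self, name, secrets=None, history=None):
        self.name = name
        self.secrets = secrets or {}  # peer name -> shared secret (strong proof)
        self.history = history or {}  # peer name -> past-behaviour score, 0..1
        self.inbox = []               # decision notifications received
        self.config = None            # set by the sponsor on admission

    def prove(self, peer, challenge):
        """Answer a challenge with an HMAC keyed by the secret shared with peer."""
        key = self.secrets.get(peer)
        return hmac.new(key, challenge, hashlib.sha256).digest() if key else None

    def recommend(self, candidate, threat):
        """Answer the sponsor's question: True means 'admit'."""
        key = self.secrets.get(candidate.name)
        if key:  # strong proof: candidate must show it holds the shared secret
            challenge = os.urandom(16)
            expected = hmac.new(key, challenge, hashlib.sha256).digest()
            answer = candidate.prove(self.name, challenge)
            return answer is not None and hmac.compare_digest(expected, answer)
        # No strong proof: weigh past behaviour against threat (assumed rule).
        return self.history.get(candidate.name, 0.0) > threat

def sponsor_admission(sponsor, community, candidate, threat, config):
    """Question -> answers -> decision -> notification, run by the sponsor."""
    votes = {m.name: m.recommend(candidate, threat) for m in community}
    admitted = 2 * sum(votes.values()) > len(votes)  # assumed: strict majority
    for m in community:                              # decision notification
        m.inbox.append((candidate.name, admitted))
    if admitted:  # sponsor hands the ward its configuration elements
        candidate.config = {"sponsor": sponsor.name, **config}
    return admitted, votes

def demo(threat):
    """Constructed scenario: three members vote on one new arrival."""
    key = b"constructed-shared-secret"
    a = SE("A", secrets={"W": key})
    b = SE("B", history={"W": 0.9})
    c = SE("C")
    ward = SE("W", secrets={"A": key})
    admitted, votes = sponsor_admission(a, [a, b, c], ward, threat, {"vpn": "demo"})
    return admitted, votes, ward.config, c.inbox
```

Raising the threat level passed to `demo` flips the behaviour-based vote of member B while the shared-secret vote of member A is unaffected, which changes the collective decision.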