Patents by Inventor David Plaquin

David Plaquin has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20130239222
    Abstract: An apparatus includes a processor and a memory to implement a method to provide a proof that two or more instances of a data structure type are as trustworthy as each other.
    Type: Application
    Filed: February 27, 2013
    Publication date: September 12, 2013
    Applicant: Hewlett-Packard Development Company, L.P.
    Inventors: Graeme John Proudler, William Burton, Dirk Kuhlmann, David Plaquin
  • Patent number: 8069450
    Abstract: A method of computer operating system data management comprising the steps of: (a) associating data management information with data input to a process (300); and (b) regulating operating system operations involving the data according to the data management information is provided (310). A computing platform (1) for operating system data management is also provided. Furthermore, a computer program including instructions configured to enable operating system data management, an operating system, and an operating system data management method and apparatus arranged to identify data having data management information associated therewith when that data is read into a memory space are provided.
    Type: Grant
    Filed: January 26, 2004
    Date of Patent: November 29, 2011
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventors: Yolanta Beresnevichiene, David Plaquin, Christopher I. Dalton
  • Patent number: 8060934
    Abstract: A method and apparatus are provided for tracking the state of a software component in use on a computing platform. Upon a change of a first type in the software component (such as a change to an integrity-critical part of the component), an appropriate integrity metric of the software component is reliably measured and recorded in cumulative combination with any previous integrity metric values recorded for changes of the first type to the software component. Upon a change of a second type in the software component (such as a change to a non integrity-critical part of the component), an appropriate integrity metric of the software component is reliably measured and recorded as a replacement for any previous integrity metric value recorded for changes of the second type to the software component. The two resultant values provide an indication of the integrity state of the software component.
    Type: Grant
    Filed: March 31, 2008
    Date of Patent: November 15, 2011
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventors: Serdar Cabuk, David Plaquin, Christopher Ian Dalton
  • Patent number: 7908640
    Abstract: A data handling apparatus (400) for a computer platform (1) using an operating system executing a process, the apparatus comprising a system call monitor (402) for detecting predetermined system calls, and means (402, 404, 406) for applying a data handling policy to the system call upon a predetermined system call being detected, whereby the data handling policy is applied for all system calls involving the writing of data outside the process. A corresponding method is disclosed.
    Type: Grant
    Filed: January 26, 2004
    Date of Patent: March 15, 2011
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventors: Yolanta Beresnevichiene, David Plaquin, Christopher I. Dalton
  • Publication number: 20100161998
    Abstract: A method and system is provided for operatively associating a signing key with a software component of a computing platform. The computing platform includes a trusted device and on start-up first loads a set of software components with each component being measured prior to loading and a corresponding integrity metric recorded in registers of the trusted device. The system stores a key-related item in secure persistent storage, the key-related item being either the signing key or authorisation data for its use. The trusted device is arranged to enable a component of the software-component set to obtain the key-related item, this enabling only occurring when the current register values correspond to values only present prior to loading of components additional to those of the software-component set. Certificate evidence is provided indicating that the signing key is operatively associated with a component of the software-component set.
    Type: Application
    Filed: December 15, 2009
    Publication date: June 24, 2010
    Inventors: Liqun Chen, Mark Ryan, David Plaquin, Serdar Cabuk
  • Publication number: 20090013406
    Abstract: A method and apparatus are provided for tracking the state of a software component in use on a computing platform. Upon a change of a first type in the software component (such as a change to an integrity-critical part of the component), an appropriate integrity metric of the software component is reliably measured and recorded in cumulative combination with any previous integrity metric values recorded for changes of the first type to the software component. Upon a change of a second type in the software component (such as a change to a non integrity-critical part of the component), an appropriate integrity metric of the software component is reliably measured and recorded as a replacement for any previous integrity metric value recorded for changes of the second type to the software component. The two resultant values provide an indication of the integrity state of the software component.
    Type: Application
    Filed: March 31, 2008
    Publication date: January 8, 2009
    Inventors: Serdar Cabuk, David Plaquin, Christopher Ian Dalton
  • Patent number: 7467370
    Abstract: A computer apparatus for creating a trusted environment comprising a trusted device arranged to acquire a first integrity metric to allow determination as to whether the computer apparatus is operating in a trusted manner; a processor arranged to allow execution of a first trust routine and associated first operating environment, and means for restricting the first operating environment access to resources available to the trust routine, wherein the trust routine being arranged to acquire the first integrity metric and a second integrity metric to allow determination as to whether the first operating environment is operating in a trusted manner.
    Type: Grant
    Filed: March 25, 2005
    Date of Patent: December 16, 2008
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventors: Graeme John Proudler, Boris Balacheff, David Plaquin
  • Publication number: 20080282348
    Abstract: A data structure has within it the following elements: an identification of a data structure type; and a proof that two or more instances of the data structure type are as trustworthy as each other. Methods and devices using such data structures are described.
    Type: Application
    Filed: March 22, 2006
    Publication date: November 13, 2008
    Inventors: Graeme John Proudler, William Burton, Dirk Kuhlmann, David Plaquin
  • Publication number: 20060265598
    Abstract: A method for managing access to a computing environment by a computing device includes providing at least one credential that identifies both the computing device and a user of the computing device, storing data at the computing environment relating to the computing device and the user in association with the credential, and selectively granting an access request received from the computing device using the credential in accordance with the data stored at the computing environment.
    Type: Application
    Filed: March 23, 2006
    Publication date: November 23, 2006
    Inventors: David Plaquin, Marco Ricca, Boris Balacheff
  • Publication number: 20060155738
    Abstract: A monitoring method and system for monitoring compliance of a policy in an IT infrastructure (150) are described. A modeling component (110) and an analysis system (110) are used. The modeling component (110) is arranged to model the policy and configure the analysis system in dependence on the model and the analysis system (100) is arranged to monitor aspects of the IT infrastructure (150) in dependence on the model.
    Type: Application
    Filed: December 14, 2005
    Publication date: July 13, 2006
    Inventors: Adrian Baldwin, David Plaquin, Nicholas Murison, Yolanta Beresnevichiene
  • Publication number: 20050223221
    Abstract: A computer apparatus for creating a trusted environment comprising a trusted device arranged to acquire a first integrity metric to allow determination as to whether the computer apparatus is operating in a trusted manner; a processor arranged to allow execution of a first trust routine and associated first operating environment, and means for restricting the first operating environment access to resources available to the trust routine, wherein the trust routine being arranged to acquire the first integrity metric and a second integrity metric to allow determination as to whether the first operating environment is operating in a trusted manner.
    Type: Application
    Filed: March 25, 2005
    Publication date: October 6, 2005
    Inventors: Graeme Proudler, Boris Balacheff, David Plaquin
  • Publication number: 20050086511
    Abstract: Control of access to data within a first data processing device is provided. The data processing device contains at least one data item which has a use policy associated with it. In response to a request from or a requirement of a second data processing device to perform an operation on the data item, the first data processing device seeks information about the ability of the second data processing device to respect conditions specified in the policy and on the basis of a comparison between the policy and the ability of the device to satisfy the policy, the first data processing device decides whether to allow the operation to be performed.
    Type: Application
    Filed: August 19, 2004
    Publication date: April 21, 2005
    Inventors: Boris Balacheff, David Plaquin, Christopher Dalton
  • Publication number: 20040210906
    Abstract: A data handling apparatus (400) for a computer platform (1) using an operating system executing a process, the apparatus comprising a system call monitor (402) for detecting predetermined system calls, and means (402, 404, 406) for applying a data handling policy to the system call upon a predetermined system call being detected, whereby the data handling policy is applied for all system calls involving the writing of data outside the process. A corresponding method is disclosed.
    Type: Application
    Filed: January 26, 2004
    Publication date: October 21, 2004
    Inventors: Yolanta Beresnevichiene, David Plaquin, Christopher I. Dalton
  • Publication number: 20040194104
    Abstract: A method of computer operating system data management comprising the steps of: (a) associating data management information with data input to a process (300); and (b) regulating operating system operations involving the data according to the data management information is provided (310). A computing platform (1) for operating system data management is also provided. Furthermore, a computer program including instructions configured to enable operating system data management, an operating system, and an operating system data management method and apparatus arranged to identify data having data management information associated therewith when that data is read into a memory space are provided.
    Type: Application
    Filed: January 26, 2004
    Publication date: September 30, 2004
    Inventors: Yolanta Beresnevichiene, David Plaquin, Christopher I. Dalton
  • Publication number: 20030041255
    Abstract: A trusted computing platform (TCP) includes a trusted connection agent, operable to communicate with a user via a secure channel, and a trusted environment controller, operable to monitor events occurring within an environment of the TCP for changes in a level of trust in the environment, and is operable to protect sensitive data of the user in protected storage means of the TCP on detection of a change in the level of trust.
    Type: Application
    Filed: July 29, 2002
    Publication date: February 27, 2003
    Inventors: Liqun Chen, David Plaquin, Michael Brian Stoker
  • Publication number: 20030023872
    Abstract: A trusted environment agent helps a user with integrity checking of a trusted computing platform. The trusted environment agent performs the checking of a target platform by interrogation of a trusted device on the target platform.
    Type: Application
    Filed: July 11, 2002
    Publication date: January 30, 2003
    Applicant: Hewlett-Packard Company
    Inventors: Liqun Chen, David Plaquin, Michael Brian Stoker