Abstract: The application relates to a computing device configured to establish a trusted execution environment for executing application code. The trusted execution environment comprises an execution engine configured to execute application code; a storage module to provide read-only access to the execution engine for accessing the application code; and a management module. The management module is configured to receive execution request(s); instruct the execution engine to load the application code from the storage module and to execute the application code; bundle data input, response data output to and from the execution engine into input data stream(s) and output data stream(s), respectively; terminate the execution engine after execution of the application code; create an execution record of execution of the application code comprising the input and output data streams; and transmit the execution record to the requestor.

Abstract: The application relates to a computing device comprising one or more processors and one or more memory devices having stored thereon computer readable instructions which, when executed by the one or more processors, cause the computing device to establish a storage module for storing a data file. The storage module is configured to: load a data file from a data source into the storage module; compute a hash value of the data file loaded into the storage module and make said hash value available to a hash value consumer; grant read-only access to data consumer(s) for accessing said data file loaded into the storage module. The storage module is further configured to detect any change and/or attempted change of the data file and terminate all data consumers which have been granted access to the data file.

Abstract: The application relates to a method of attesting a state of a computing environment comprising a plurality of components and a plurality of dependency relationships between the plurality of components. The method comprising the steps of A) generating a directed acyclic graph comprising a plurality of nodes and a plurality of directed edges connecting the nodes, comprising and B) generating an attest of the state of the computing environment using the directed acyclic graph. Generating a directed acyclic graph comprises: A1) associating a node with each component; A2) associating a node with each dependency relationship and assigning the node with a hash value of data descriptive of said dependency relationship; A3) connecting, using directed edges—each node associated with a dependency relationship to a node(s) associated with a component(s) included in the respective dependency relationship; and A4) assigning each node with a hash value of all of its subnodes.