Abstract: A method for regulating modification of a distributed digital ledger at a node comprises controlling access to a cryptographic key used to enable modification of the distributed digital ledger according to a policy maintained by at least one owner of the distributed digital ledger.

Abstract: A method for secure hardware initialization during a start-up process comprises activating a protected portion of a physical memory, allocating a part of the protected portion of the physical memory for use by direct memory access, DMA, drivers and non-DMA related hardware initialization instructions, and using a memory management tool, allocating a first part of the physical memory, accessible by a device via the memory management tool, for use by data.

Abstract: A method for regulating modification of a distributed digital ledger at a node comprises controlling access to a cryptographic key used to enable modification of the distributed digital ledger according to a policy maintained by at least one owner of the distributed digital ledger.

Abstract: In an example, print apparatus comprises a security services engine to perform cryptographic services. The security services engine may receive a request for a cryptographic service and validate that the request is an authorised request. On successful validation, the security services engine may perform the cryptographic service by acquiring a first key, acquire an associated first key identifier and may output the first key identifier.

Abstract: A method for secure hardware initialization during a start-up process comprises activating a protected portion of a physical memory, allocating a part of the protected portion of the physical memory for use by direct memory access, DMA, drivers and non-DMA related hardware initialization instructions, and using a memory management tool, allocating a first part of the physical memory, accessible by a device via the memory management tool, for use by data.

Abstract: Examples set out herein provide a method comprising using first cryptographic key data specific to a computing device to verify a package of machine readable instructions to run on the computing device. The verified package may be executed to generate a random number using a true random number generator of the computing device, and to store the generated random number. Second cryptographic key data may be generated by a pseudorandom number generator of the computing device based on a seed comprising a combination of the random number as a first seed portion and a second seed portion. A portion of the second cryptographic key data may be sent to a certifying authority. The method may further comprising receiving a certification value based on the sent portion of the second cryptographic key data from the certifying authority and storing the certification value.

Abstract: An example system includes a main processor operable in a normal mode or a trusted mode, the main processor having an embedded diagnostic trusted code executable in the trusted mode; a secure memory accessible by the main processor when the main processor is in the trusted mode and inaccessible to the main processor when the main processor is in the normal mode, wherein execution of the embedded diagnostic trusted code causes the main processor to write diagnostic information to the secure memory; and a monitor processor having access to the secure memory to analyze the diagnostic information to determine a state of the main processor.

Abstract: According to an example, memory integrity checking may include receiving computer program code, and using a loader to load the computer program code in memory. Memory integrity checking may further include verifying the integrity of the computer program code by selectively implementing synchronous verification and/or asynchronous verification. The synchronous verification may be based on loader security features associated with the loading of the computer program code. Further, the asynchronous verification may be based on a media controller associated with the memory containing the computer program code.