Abstract: A mobile communication device, such as a mobile phone, which comprises a processor which is configured to process requests for authorisation of use of a credential, such as a credit card, and the processor causes the device to emit a signal, such as an audible intermittent tone, the characteristics of which are indicative of the deemed importance of a particular use of the credential. Advantageously the owner of the device is alerted to the deemed importance of a use of a credential. For example, an intermittent tone of characteristic frequency is emitted by a mobile phone in relation to the monetary value of a transaction using a credit card.

Abstract: A software system for installation on computing apparatus (and a method of installing such a software system on computing apparatus), wherein the software system is provided in the form of a software package including a plurality of software components, one or more of the software components being provided as a plurality of different implementations, the apparatus including an installation engine for installing the software system only a selected one implementation of the or each of the software components having multiple implementations, and a random selector module for selecting one of the plurality of implementations of a software component for installation.

Abstract: A tamper evident electronic module comprises an electronic component, a tamper evident sheet, and encapsulant material. Said component is encapsulated in the encapsulant material and the sheet overlies the component, and the sheet comprises a flexible multi-layer sheet, a plurality of the layers of the sheet being selected from the group below: (i) an electromagnetic radiation shield layer; (ii) a tell-tale electrically conductive trip wire defining a convoluted meandering pathway on the layer, the trip wire meandering in a pattern which substantially covers the electronic component in a space filled area if the layer; (iii) a layer having the features of (ii), and in which the pathway comprises a fractual pattern; (iv) a layer having the features of (ii), and in which a second tell-tale trip wire extends alongside a first tell-tale trip wire so that they meander as a spaced pair. (v) an active electromagnetic marking layer adapted to emitt electromagnetic radiation.

Abstract: A distributed storage system for storing at least one credential (46), provided by an issuing authority and relating to an identity (42, 44), is described. The system comprises: a plurality of unique identities (42, 44) each having a local store (40). Each local store (40) securely stores credentials (46) relating to the owner of the identity (42, 44). The system also comprises one or more security certificates (66) provided at each identity (42, 44) for ensuring the authenticity of the credentials (46). The security certificates (66) provide secure references to the issuers of the credentials (46) and this can be used in verifying the origin of each credential (46). The identity can be provided a website or a mobile phone for example.

Abstract: A soft edged trampoline includes a flexible mat (1) supported from a base frame (3) by a plurality of resiliently flexible rods (2). Each rod (2) has an enlarged upper end (12). A plurality of fittings (6) coupled to the mat (1) about the periphery of the mat each include a socket cavity (10) which receives the enlarged upper end (12) of a flexible rod, so that the upper ends of the flexible rods are pivotally connected to the periphery of the mat.

Abstract: A trampoline includes a flexible mat 1, a plurality of resiliently flexible rods 2 each having a lower end retained in a frame 3 of the trampoline and an upper end coupled to the periphery of the flexible mat 1, and a region of contrasting colour to the colour of mat about a peripheral portion of the mat at or adjacent the peripheral edge of the mat. The region of contrasting colour may be provided by one or more concentric circles 9, a sinuous line 12, a zig-zag 13, or a plurality of discrete by discrete non-continuous areas 14 of contrasting colour for example.

Abstract: A distributed data processing system includes individual data processing units that automatically communicate with a centralised data management unit in response to information objects being received or accessed by the data processing units. Data associated with information objects is communicated to the data management unit, thereby facilitating the automatic management of the information objects within the system.

Abstract: A mediated RSA cryptographic method and system is provided in which a sender encrypts a message using an encryption exponent e and a public modulus n, and a recipient and a trusted authority cooperate with each other to decrypt the encrypted message by using respective components dU, dT of a decryption exponent. In order to prevent the trusted authority from reading the message in the event that it has access to the recipient decryption exponent components dU, the recipient blinds the encrypted message before passing it to the trusted authority. This blinding is effected by a modulo-n blinding operation using a factor re where r is a secret random number. The trusted authority then applies its decryption exponent component dT to the message and returns the result to the recipient who cancels the blinding and applies its decryption exponent component dU.

Abstract: A security document, comprises a printed document and one or more memory circuits adapted to be read wirelessly attached to or incorporated within the printed document, wherein data in the memory circuit is protected from access by an unauthorised reader, and wherein the memory circuit is physically isolated so as to inhibit physical tampering or to indicate when physical tampering has occurred. Methods of publishing and of reading such security documents are described.

Abstract: A hand-held, self-contained motor-driven trenching device (100) for cutting a slit or trench within a substrate is based on a chain-saw motor unit together with a purpose-built attachment. An unmodified chain-saw drive unit provides both motive force and a holder, although purpose-built units may employ other forms of motive power. A chain-driven reduction drive matches the chain-saw drive sprocket (101) speed to a suitable toothed digging chain cutting speed; the reduction drive being coupled to a sprocket wheel (102) aligned at one end of a sturdy, hardened steel blade (106) over which a heavy roller chain (200) bearing soil-cutting teeth (203) is pulled. The resulting trench is about 30-35 mm wide, up to 1 meter deep, and of indefinite length. The invention provides an optimized solution to a need for burying narrow cables, fiber-optic conduits, water pipes, and the like well into the ground.

Abstract: A method and apparatus are provided for generating a cryptographic key from multiple data sets each related to a respective association of a trusted party and user identity. The cryptographic key is, for example, one of an encryption key, a decryption key, a signature key and a verification key, and is preferably generated by applying Tate or Weil bilinear mappings to the data sets. At least two of the data sets may relate to different user identities and/or different trusted authorities. Where multiple trusted authorities are involved, these authorities may be associated with different elements to which the bilinear mapping can be applied, each trusted authority having an associated public key formed from its associated element and a secret of that trusted authority.

Abstract: A first party has a first and a second cryptographic key. A second party has a third and a fourth cryptographic key, the fourth cryptographic key being derived from the first and third cryptographic keys thereby providing an association between the parties. To enable a third party to verify the existence of an association between the first and second parties, the second party generates a number that in association with the second cryptographic key, the third cryptographic key and the fourth cryptographic key define a first cryptographic parameter, a second cryptographic parameter and a third cryptographic parameter respectively. By using these parameters and the second and third cryptographic keys, the third party can verify if the first and second parties are associated.

Abstract: A software application to be performed by a second computing resource on behalf of a first computing resource is transmitted to and installed on the second computing resource, and is run thereon using inputs received via a user interface. The software application includes a verification module for creating a sequence of data consisting of a plurality of choice points defining the sequence of events which occurred during the running of the software application. The sequence of data is transmitted to the first computing resource together with the result of the execution of the software application, the first computing resource being adapted to check the sequence of data to determine whether or not the software application was executed correctly.

Abstract: A method and apparatus is provided for securely transferring first and second data from a user to first and second parties respectively. More particularly, the user encrypts the first data using a first encryption key associated with the first party, and then encrypts the second data using, as encryption parameters, both public data of the first party and third data comprising the encrypted first data. The third data is then provided, preferably via the second party, to the first party, and the encrypted second data is provided to the second party. The first party uses a first decryption key to decrypt the encrypted first data, as provided to the first party in the third data, whereby to recover the first data. The first party also uses the third data, along with private data related to the aforesaid public data, to generate a second decryption key which is then provided to the second party to enable it to decrypt the encrypted second data.

Abstract: An indicator signal monitoring process receives the sequential transmission of an indicator signal that is repeatedly broadcast by a primary intended recipient of attributable security interest messages. A recipient offline determination process determines that the primary intended recipient is offline whenever the indicator signal is not received for a defined failure period.

Abstract: A long-term digital document storage system, comprising means for receiving one or more digital documents for storage in a storage means, one or more storage sites for storing, in association with the one or more digital documents, metadata defining a data management strategy or “agreement” with respect to the one or more digital documents, the “agreement including one or more “clauses” defining respective constraints to be applied by the storage system to the one or more digital documents, the system further comprising means for configuring the data management strategy or agreement by defining or specifying at least some of the constraints individually according to specific requirements related to said one or more pieces of digital data. As such, the invention is concerned with the fine-grained management of documents within a storage system by the flexible definition and association with a document of a number of clauses (i.e.

Abstract: A computer system comprises a first computer entity arranged to encrypt data using an encryption key comprising a time value, and a second computer entity arranged to generate, at intervals, a decryption key using a current time value. The encryption and decryption processes are such that the decryption key generated using a current time value corresponding to that used for the encryption key, is apt to decrypt the encrypted s data.

Abstract: A method of certifying by a certification authority that two or more first digitally signed certificates or identities are held by the same authorised signatory, the method comprising the steps of determining that said two or more identities or digitally signed certificates refer to the same authorised signatory, creating a digital verification certificate including data relating to said two or more identities or first digitally signed certificates and data representative of evidence or facts used to determine that said two or more identities or digitally signed certificates relate to the same authorised signatory, applying a digital signature of the certification authority to said verification certificate, and linking or otherwise associating said verification certificate to said two or more identities or first digitally signed certificates.

Abstract: A software system for installation on computing apparatus (and a method of installing such a software system on computing apparatus), wherein the software system is provided in the form of a software package (10) including a plurality of software components (12), one or more of the software components (12) being provided as a plurality of different implementations (14), the apparatus including an installation engine (20) for installing the software system only a selected one implementation of the or each of the software components having multiple implementations, and a random selector module (22) for selecting one of the plurality of implementations of a software component for installation.

Abstract: A computer system comprising a trust engine for determining a trust level associated with a computer node and a policy engine for setting access requirements to a personal profile, from the computer node, based upon the determined trust level of the computer node and respective sensitivity levels associated with sub-components of the personal profile.