Patents by Inventor Liqun Chen

Liqun Chen has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20040131191
    Abstract: A method and apparatus are provided for generating a cryptographic key from multiple data sets each related to a respective association of a trusted party and user identity. The cryptographic key is, for example, one of an encryption key, a decryption key, a signature key and a verification key, and is preferably generated by applying Tate or Weil bilinear mappings to the data sets. At least two of the data sets may relate to different user identities and/or different trusted authorities. Where multiple trusted authorities are involved, these authorities may be associated with different elements to which the bilinear mapping can be applied, each trusted authority having an associated public key formed from its associated element and a secret of that trusted authority.
    Type: Application
    Filed: July 3, 2003
    Publication date: July 8, 2004
    Inventors: Liqun Chen, David Soldera, Keith Alexander Harrison
  • Publication number: 20040068447
    Abstract: A data processing system is described wherein use of resources in the system is metered. Metering evidence is generated which is difficult to forge and is, thus, relatively resistant to tampering. Such a system finds application, for example, in the field of metering the amount of time a person spends reading advertisements that are published on the World Wide Web. If reliable, such metering evidence may be used by the owner of the web server that contains the advertisement to bill the originator of the advertisement.
    Type: Application
    Filed: October 24, 2003
    Publication date: April 8, 2004
    Inventors: Wenbo Mao, Liqun Chen
  • Publication number: 20040019779
    Abstract: A method and apparatus is provided for securely transferring first and second data from a user to first and second parties respectively. More particularly, the user encrypts the first data using a first encryption key associated with the first party, and then encrypts the second data using, as encryption parameters, both public data of the first party and third data comprising the encrypted first data. The third data is then provided, preferably via the second party, to the first party, and the encrypted second data is provided to the second party. The first party uses a first decryption key to decrypt the encrypted first data, as provided to the first party in the third data, whereby to recover the first data. The first party also uses the third data, along with private data related to the aforesaid public data, to generate a second decryption key which is then provided to the second party to enable it to decrypt the encrypted second data.
    Type: Application
    Filed: July 17, 2003
    Publication date: January 29, 2004
    Inventors: Keith Alexander Harrison, Liqun Chen
  • Publication number: 20030091192
    Abstract: A method for encrypting data comprising dividing a first data set into a second data set and a third data set; deriving a first value using the second data set as an input into a polynomial equation; deriving a second value using the third data set as an input into the polynomial equation; deriving a first encryption key associated with a first party; deriving a second encryption key associated with a second party; encrypting the first value with the first encryption key; encrypting the second value with the second encryption key.
    Type: Application
    Filed: October 11, 2002
    Publication date: May 15, 2003
    Inventors: Liqun Chen, Keith Alexander Harrison
  • Publication number: 20030046542
    Abstract: There are many times when a secret needs to be used in a distributed computing system—these are often held in security tokens, such as smart cards. It may be desirable for another device, such as a computer platform to act in place of the security token as the repository of a secret, particularly for operations within a distributed computing system. Within the distributed computing system there is located a trusted entity, physically and logically resistant to unauthorized modification—this may be a trusted device located within a specific computing platform. This contains validation information which can be communicated to the security token. The security token then carries out a validation process on this validation information—if successful, the security token then provides a secret to the trusted device for use within the distributed computing system. The trusted device may be required to use this secret only for a specified period of time, or for a specific purpose or task.
    Type: Application
    Filed: September 4, 2001
    Publication date: March 6, 2003
    Applicant: Hewlett-Packard Company
    Inventors: Liqun Chen, Graeme John Proudler
  • Publication number: 20030041255
    Abstract: A trusted computing platform (TCP) includes a trusted connection agent, operable to communicate with a user via a secure channel, and a trusted environment controller, operable to monitor events occurring within an environment of the TCP for changes in a level of trust in the environment, and is operable to protect sensitive data of the user in protected storage means of the TCP on detection of a change in the level of trust.
    Type: Application
    Filed: July 29, 2002
    Publication date: February 27, 2003
    Inventors: Liqun Chen, David Plaquin, Michael Brian Stoker
  • Publication number: 20030023872
    Abstract: A trusted environment agent helps a user with integrity checking of a trusted computing platform. The trusted environment agent performs the checking of a target platform by interrogation of a trusted device on the target platform.
    Type: Application
    Filed: July 11, 2002
    Publication date: January 30, 2003
    Applicant: HEWLETT-PACKARD COMPANY
    Inventors: Liqun Chen, David Plaquin, Michael Brian Stoker
  • Publication number: 20020194482
    Abstract: A host computing platform 20 provides one or more computing environments 24 and includes a trusted device 213 arranged to form an integrity metric individual to each computing environment 24. The integrity metric is provided to a user 10 in response to an integrity challenge, signed for authentication using a signature key 213 held by the trusted device. In one embodiment the trusted device 213 selects a signature key unique to the computing environment 24, or in a second embodiment the trusted device forms the signed integrity metric including an identity label, in each case such that the user 10 can verify that the signed integrity metric corresponds to the expected computing environment 24.
    Type: Application
    Filed: June 18, 2002
    Publication date: December 19, 2002
    Applicant: HEWLETT-PACKARD COMPANY
    Inventors: Jonathan Griffin, Liqun Chen
  • Publication number: 20020194496
    Abstract: A computing platform 20 provides multiple computing environments 24 each containing a guest operating system 25 provided by a virtual machine application 26. Optionally, each computing environment 24 is formed in a compartment 220 of a compartmented host operating system 22. A trusted device 213 verifies that the host operating system 22 and each guest operating system 25 operates in a secure and trusted manner by forming integrity metrics which can be interrogated by a user 10. Each computing environment is isolated and secure, and can be verified as trustworthy independent of any other computing environment.
    Type: Application
    Filed: June 18, 2002
    Publication date: December 19, 2002
    Inventors: Jonathan Griffin, Christopher I. Dalton, Michael Child, Liqun Chen, Andrew Patrick Norman
  • Publication number: 20020026576
    Abstract: Computer apparatus comprising a receiver for receiving an integrity metric for a computer entity via a trusted device associated with the computer entity, the integrity metric having values for a plurality of characteristics associated with the computer entity; a controller for assigning a trust level to the computer entity from a plurality of trust levels, wherein the assigned trust level is based upon the value of at least one of the characteristics of the received integrity metric.
    Type: Application
    Filed: August 16, 2001
    Publication date: February 28, 2002
    Applicant: Hewlett-Packard Company
    Inventors: Arindam Das-Purkayastha, Siani Lynne Pearson, Liqun Chen
  • Publication number: 20020023032
    Abstract: A method for allowing a financial transaction to be performed using an electronic system, the method comprising interrogating an electronic transaction terminal with an electronic security device to obtain an integrity metric for the electronic financial transaction terminal; determining if the transaction terminal is a trusted terminal based upon the integrity metric; allowing financial transaction data to be input into the transaction terminal if the transaction terminal is identified as a trusted terminal.
    Type: Application
    Filed: August 17, 2001
    Publication date: February 21, 2002
    Applicant: Hewlett-Packard Company
    Inventors: Siani Lynne Pearson, Liqun Chen