Abstract: Attestation method for verifying the integrity of an attester device by an attestation proxy (AP): sending a trusted platform module (TPM) quote request message directly to a virtual TPM (vTPM) uniquely associated with the attester device, to prompt the vTPM to: produce a set of platform configuration register (PCR) values based on measurements requested and received by the vTPM directly from the attester device, then send a TPM quote comprising the set of PCR values directly to the AP; the attestation method further comprising the AP: receiving the TPM quote; sending the TPM quote to a remote relying party (RP) to prompt the RP to: verify the TPM quote is as expected, then return a remote attestation indicator to the AP; receiving the remote attestation indicator; and producing an attestation result based on the remote attestation indicator, wherein the attestation result is negative when the remote attestation indicator is negative.

Abstract: A method comprising an attestation proxy (AP): sending a trusted platform module (TPM) quote request message directly to a virtual TPM (vTPM) uniquely associated with an attester device, to prompt the vTPM to: produce a set of platform configuration register (PCR) values based on measurements requested and received by the vTPM directly from the attester device, then send a TPM quote comprising the set of PCR values directly to the AP; the attestation method further comprising the AP: receiving the TPM quote; retrieving, from a local copy of a distributed ledger (DL), a latest set of PCR values recorded for the attester device; comparing that set of PCR values retrieved from the local copy of the DL with the set of PCR values received in the TPM quote to generate a local attestation indicator; and producing an attestation result based on the local attestation indicator.

Abstract: A method and distributed system for exclusively sharing data between a data provider and one or more selected data recipients is disclosed. Known systems for exclusively sharing data with one or more selected data recipients involve the encryption of the data at a central storage service and limiting use of one or more centrally stored decryption keys to decrypt the data in accordance with an access control list maintained by the remote storage service provider. Ensuring robustness of key management in such systems requires the expenditure of a great deal of resource. This problem is addressed by a combination of two co-operating facilities in the disclosed distributed data sharing system. Firstly, a symmetric key exchange facility is provided which enables each data provider to exclusively derive 182 dedicated key encryption keys with respective selected data clients. Secondly, a device controlled by the data provider is arranged to encrypt the data using a data encryption key and.

Abstract: A computer implemented method of updating software code in a code management system, the method including receiving candidate code for merging with the code in the code management system; extracting each of a plurality of features of the candidate code, each feature being based on one or more predetermined metrics of the candidate code; processing at least a subset of the extracted features by each of a plurality of disparate classifiers, each classifier being trained by a supervised training method to identify one or more software code defects, such that each classifier identifies a set of features as indicative of a software code defect, wherein intersections between a predetermined number of the sets of features identified by the classifiers are indicated as prospective code defects; selectively merging the candidate code with the code in the code management system based on the prospective code defects.

Abstract: A computer implemented method of updating software code in a code management system, the method including receiving candidate code for merging with the code in the code management system; extracting each of a plurality of features of the candidate code, each feature being based on one or more predetermined metrics of the candidate code; processing at least a subset of the extracted features by each of a plurality of disparate classifiers, each classifier being trained by a supervised training method to identify one or more software code defects, such that each classifier identifies a set of features as indicative of a software code defect, wherein intersections between a predetermined number of the sets of features identified by the classifiers are indicated as prospective code defects; and selectively merging the candidate code with the code in the code management system based on the prospective code defects.

Abstract: A method for facilitating secure communication between a user device and a network device. Encrypted data from a user device is received at the network device. The encrypted data is encrypted based on first physiological data captured by a first sensor of the user device. The first physiological data is representative of a physiological characteristic of a user of the user device. A second sensor of the network device captures second physiological data representative of the physiological characteristic of the user. A common key for encrypting further data transferred between the user device and the network device is determined, based on the encrypted data and the second physiological data. Further aspects relate to other methods for facilitating secure communication between a user and network device, a network, and a method of operating a network.

Abstract: A method of configuring a user device. The method includes sending, from the user device to a node of a distributed ledger network (DLN), the node configured to store a distributed ledger of the DLN, a request for characteristic data indicative of a characteristic associated with a service provider, receiving, at the user device, a response from the node of the DLN in response to the request, and configuring a functionality of the user device accessible to the service provider, based at least in part on the response from the node of the DLN. Further aspects relate to a data processing system, a network, and a method of operating a network.