Data Processing Apparatus And Method
First Claim
1. A method of certifying compliance with a designated process which is defined by a plurality of rules which are specified in a public template, wherein at least one rule associated with a process includes a certification requirement which requires compliance with that rule to be certified by a rule certifying authority, the method comprising the execution by a processing apparatus in a secure environment of the steps of:
- for each rule specified in the template, receiving rule compliance data;
- checking the received rule compliance data to verify that all the rules specified in the template have been complied with, including checking that for rules having a certification requirement the associated rule compliance data includes a digital signature signed by a valid rule certifying authority for that rule; and
- issuing a process compliance certificate digitally signed by the process certifying authority if the checking step verifies compliance with the rules specified in the template.
Abstract
There is described a method of certifying compliance with a designated process defined by a plurality of rules which are specified in a public template, wherein at least one rule associated with a process includes a certification requirement which requires compliance with that rule to be certified by a rule certifying authority. A processing apparatus operating in a secure environment receives rule compliance data and checks the received rule compliance data to verify that any certification requirement has been satisfied. If the processing apparatus confirms that all the rules specified in the public template are satisfied, then the processing apparatus issues a process compliance certificate which is digitally signed by the process certifying authority.
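The checking and issuing steps described in the abstract, sketched in Go as an added example (not taken from the patent). Ed25519 stands in for the unspecified signature scheme, and the `Rule`/`Evidence` layout, the `audit-ca` authority name and the `process-compliant:` certificate format are assumptions made for illustration.

```go
package main

import (
	"crypto/ed25519"
	"fmt"
	"strings"
)

// Rule is one public-template entry; CertifiedBy is "" when no certification is required.
type Rule struct{ ID, CertifiedBy string }

// Evidence is the rule compliance data for one rule (field layout assumed for this example).
type Evidence struct {
	Statement string
	Signature []byte // present only when the rule requires certification
}

// SignEvidence is the rule certifying authority's side; the rule ID is signed
// together with the statement so a signature cannot be reused for another rule.
func SignEvidence(ruleID, statement string, key ed25519.PrivateKey) Evidence {
	return Evidence{statement, ed25519.Sign(key, []byte(ruleID+"\x00"+statement))}
}

// Certify signs a process compliance certificate only if every template rule checks out.
func Certify(tmpl []Rule, ev map[string]Evidence, cas map[string]ed25519.PublicKey,
	processKey ed25519.PrivateKey) (cert, sig []byte, err error) {
	ids := []string{}
	for _, r := range tmpl {
		e, ok := ev[r.ID]
		if !ok {
			return nil, nil, fmt.Errorf("rule %s: no compliance data", r.ID)
		}
		if pub, known := cas[r.CertifiedBy]; r.CertifiedBy != "" &&
			(!known || !ed25519.Verify(pub, []byte(r.ID+"\x00"+e.Statement), e.Signature)) {
			return nil, nil, fmt.Errorf("rule %s: not certified by %s", r.ID, r.CertifiedBy)
		}
		ids = append(ids, r.ID)
	}
	cert = []byte("process-compliant:" + strings.Join(ids, ","))
	return cert, ed25519.Sign(processKey, cert), nil
}

func main() {
	caPub, caKey, _ := ed25519.GenerateKey(nil) // constructed demo keys
	_, procKey, _ := ed25519.GenerateKey(nil)
	ev := map[string]Evidence{"R1": {Statement: "done"}, "R2": SignEvidence("R2", "passed", caKey)}
	cert, _, err := Certify([]Rule{{"R1", ""}, {"R2", "audit-ca"}}, ev,
		map[string]ed25519.PublicKey{"audit-ca": caPub}, procKey)
	fmt.Println(string(cert), err)
}
```

A relying party verifies the returned signature against the process certifying authority's public key; it does not need the individual rule signatures.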
22 Claims
1. A method of certifying compliance with a designated process which is defined by a plurality of rules which are specified in a public template, wherein at least one rule associated with a process includes a certification requirement which requires compliance with that rule to be certified by a rule certifying authority, the method comprising the execution by a processing apparatus in a secure environment of the steps of:
- for each rule specified in the template, receiving rule compliance data;
- checking the received rule compliance data to verify that all the rules specified in the template have been complied with, including checking that for rules having a certification requirement the associated rule compliance data includes a digital signature signed by a valid rule certifying authority for that rule; and
- issuing a process compliance certificate digitally signed by the process certifying authority if the checking step verifies compliance with the rules specified in the template.
11. A method of performing a secure data processing operation, the method comprising the execution by a processing apparatus in a secure environment of the steps of:
- certifying compliance with a designated process which is defined by a plurality of rules which are specified in a public template, the certifying step comprising;
  i) for each rule specified in the template, receiving rule compliance data; and
  ii) checking the received rule compliance data to verify that compliance with all the rules specified in the template;
- performing the secure data processing operation to provide output data;
- digitally signing a data record comprising a process compliance certificate digitally verifying compliance with the rules specified in the template; and
- outputting the digitally signed data record.
15. A data processing apparatus comprising:
- a secure data store;
- a processor operable to carry out a processing operation on data stored in the secure data store, wherein said processor is in a secure environment; and
- a controller operable to prevent processing of the data stored in the secure data store unless a plurality of rules specified in a public template associated with said processing operation are complied with, wherein for at least one of the plurality of rules compliance with that rule requires certification by a certifying authority.
Specification