摘要 |
A computer system has a resource, a verification unit and an execution engine for running a body of program code having an associated signature. A cryptographic key is associated with the resource and when the code is to be loaded into the execution engine a verification operation is run on the signature using the cryptographic key associated with the resource. The execution engine is separate from the resource and when access to the resource is required by the code in the execution engine a further verification operation is conducted on the signature using the cryptographic key associated with the resource. Access to the resource by the code depends upon the result of the verification operation. |