A method and apparatus for operating a set of resources under the control of a secure processor, e.g. security module, having a command authentication means and a command execution means, to achieve secure control of the resources. The secure processor stores a set of command primitives for functional control of the resources. A set of defined commands for invoking command primitives has either a secured command format including a command sequence ID, a command code, and a set of command data items or a non-secured command format including a command code and a set of command data items. The secure processor stores a command set up table including command type flags to designate each command as a secured command or a non-secured command. An application program running in an external device includes a plurality of the defined commands in either secured command format or the non-secured command format and these are sent one at a time to the secure processor for execution. The secure processor looks up each received command in the command set up table, and if the command is a non-secured command it immediately executes associated command primitives. If the command is a secured command, the secure processor tests both its authenticity and regularity and only executes the associated command primitives if the command passes both tests.