A system comprising a trusted computing platform including one or more
logically protected computing environments, each of which is associated
with at least one service or process supported by said system, the system
being arranged to load onto said trusted computing platform a
predetermined security policy including one or more security rules for
controlling the operation of each of said logically protected computing
environments, the security rules for at least one of said logically
protected computing environments including an execution control rule
which defines the security attributes to be applied to a service or
process associated with said logically protected computing environment
when said service or process is started.