A content provider, such as a document publisher or distributor, provides, for example, protected content to a user, for consumption within a trusted user environment. By providing integrity certification and verification services, the authenticity of the content consumption environments can be verified. The content provider forwards to the user a protected version of the digital content which includes, for example, a license agreement and an integrity profile identification. The profile includes, for example, the applications and system components that are allowed to be used in conjunction with the protected content. Additionally, the content provider initiates a request for an integrity profile. This request for the integrity profile is forwarded to an integrity certification and verification device. The integrity certification and verification device can, for example, if an integrity profile does not already exist for the requested applications and/or systems components, query a content consumption system/application provider, who, for example, has supplied the system components to the user. The content consumption system/application provider returns to the integrity certification and verification device authentication information about the particular applications or system components. The authentication information allows a comparison, or integrity verification, to be made between an application and/or system component on a user's system, and the original application or system component as distributed by the content consumption system/application provider.