A method of security monitoring of data files in a computer platform is
carried out by a trusted component having a processor and trusted memory
area. The method comprises creating one or a plurality of data files in
an untrusted memory area of said computing platform, for each created
data file, periodically generating a digest data by applying a hash
function to each data file, storing the digest data in a trusted memory
area and for each file periodically comparing a current digest data of
the file with a previously generated digest data of the file. Any
differences between a previous and a current digest data indicate that a
file in the untrusted memory area has been corrupted.