Abstract

We present the system architecture and a prototype of Perseus, a secure operating system focusing on personal security management. Nevertheless Perseus allows users to use their favourite applications in a convenient, known way. It is built upon a trusted computing base that is small enough to be formally verified and evaluated according to the Common Criteria or ITSEC. The design includes the services necessary to support post-purchase installation of secure applications by the user. It is flexible enough to run on a wide range of hardware platforms, which allows PCs or PDAs to be used as general-purpose trusted devices. To support a common binary interface the Perseus system acts as a host that runs an existing operating system as one application (client OS). Moreover, by using the client OS judiciously to perform non-critical tasks, the size of the secure kernel can be significantly reduced compared to a stand-alone secure system.