The PERSEUS System Architecture

We present the system architecture and a prototype of Perseus, a secure operating system focusing on personal security management. Nevertheless, Perseus allows users to use their favorite applications in a convenient, known way. It is built upon a trusted computing base that is small enough to be formally verified and evaluated according to the Common Criteria or ITSEC. The design includes the services necessary to support post-purchase installation of secure applications by the user. It is flexible enough to run on a wide range of hardware platforms, which allows PCs or PDAs to be used as general-purpose trusted devices. To support a common binary interface, the Perseus system acts as a host that runs on existing operating systems as one application (client OS). Moreover, by using the client OS judiciously to perform noncritical tasks, the size of the kernel can be significantly reduced compared to a stand-alone secure system.

By: Birgit Pfitzmann, James Riordan, Christian Stueble, Michael Waidner and Arnd Weber

Published in: Proceedings Verlässliche IT-Systeme (Dependable IT Systems), ed. by D. Fox, M. Köhntopp, A. Pfitzmann. Braunschweig, Vieweg, 2001, p. 1-17.

Please obtain a copy of this paper from your local library. IBM cannot distribute this paper externally.