PERSEUS is our open-source experimental platform for a security framework that establishes a trustworthy security architecture by efficiently combining existing applications, modern operating system solutions and security technology.
Based on the well-established idea of a small security kernel, it solves the problem of the ever-increasing complexity and insecurity of commonly used operating systems in order to build a trustworthy computing base that is secure enough to realise new and innovative business models, particularly in the area of privacy protection and enforcement of security policies in a distributed environment.
The modular design of the PERSEUS framework allows the realization of a wide variety of security and functional requirements for desktop systems and servers as well as mobile devices.
The PERSEUS framework, published under the GPL, provides basic security mechanisms and offers a necessary and sufficient basis for security-relevant applications like secure signature generation, home banking, eGovernment and eCommerce applications:
- Secure Booting: Using the features offered by the underlying trusted computing hardware, secure booting ensures that local users and remote clients can verify that a trustworthy software configuration is currently running.
- Isolation: Applications and services are executed on top of the PERSEUS security kernel. Hence, they are securely isolated from each other, both during runtime and when the underlying platform is shut down. Malicious software like viruses or worms can neither violate integrity and confidentiality requirements nor infect other code.
- Least Privilege: Every application, service, or driver has only the rights required for its claimed tasks. This prevents malicious or incorrect code from violating security requirements, e.g., by maliciously accessing other documents, services, or hardware.
- Secure User Interface: The user interface is completely under the control of the trusted computing base. Hence, security features can be implemented that help users to prevent security-critical failures. A visual application authentication mechanism allows users to identify the application they are communicating with and thus protects against Trojan horse attacks like faked dialogs.
- Tamed Drivers: The provided software and/or hardware mechanisms prevent malicious device drivers from using hardware functions (e.g., busmaster DMA) to bypass security measures.
In contrast to other solutions, the PERSEUS security platform provides a compact security layer located between the hardware and the conventional operating system. There it controls critical hardware resources and protects security-critical applications.
The conventional OS (Linux, for example) runs in parallel with these applications and is controlled by the security platform.

The PERSEUS project started in 2000 at the University of Saarland and has been continued since 2002 at the Ruhr University Bochum, together with Sirrix AG.
The PERSEUS website
The PERSEUS support forum