A system according to the technique may include a secure device having a security kernel with protected keys.
The security kernel controls the execution of the first and second functional modules using the shared hardware component.
A security kernel (37) forming part of the invention typically resides in the upper area in memory for encrypting/decrypting data from any application that is running under the operating system.
Before passing control to a kernel extension the secure kernel deletes a subset of its sensitive portions, retaining only those sensitive portions needed to perform the task(s) delegated to the kernel extension.
The secure kernel uses vendor keys to verify that a given application was signed by an approved vendor.