Typical　isolation　models　are　studied　and　a　New　Application　Security　Isolation　model　called　NASI　is　proposed,　which　is　based　on　trusted　computing　technology　and　least　privilege　principle.　This　paper　introduces　the　design　ideas　of　NASI,　gives　out　formal　description　and　safety　analysis　for　the　model,　and　finally　describes　the　implementation　of　prototype　system　based　on　NASI.