With　the　rapid　development　of　information　technology,　the　secrutiy　problems　of　information　systems　are　being　paid　more　and　more　attention,　so　the　Chinese　government　is　carrying　out　information　security　classified　protection　policy　in　the　whole　country.　Considering　computer　application　systems　are　the　key　componets　for　information　system,　this　paper　analyzes　the　typical　security　problems　in　computer　application　systems　and　points　out　that　the　cause　for　the　problems　is　lack　of　safe　and　valid　isolation　protection　mechanism.　In　order　to　resolve　the　issues,　some　widely　used　isolation　models　are　studied　in　this　paper,　and　a　New　Application　Security　Isolation　model　called　NASI　is　proposed,　which　is　based　on　trusted　computing　technology　and　the　least　privilege　principle.　After　that,　this　paper　introduces　the　design　ideas　of　NASI,　gives　out　formal　description　and　safety　analysis　for　the　model,　and　finally　describes　the　implementation　of　the　prototype　system　based　on　NASI.　©　2011　ICST　Institute　for　Computer　Science,　Social　Informatics　and　Telecommunications　Engineering.